DOCSLIB.ORG

Mcafee Foundstone Fsl Update

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Mcafee Foundstone Fsl Update 2016-JUL-14 FSL version 7.5.834 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 20245 - IBM WebSphere Application Server Apache Struts Multiple Vulnerabilities Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-1181, CVE-2016-1182 Description Multiple vulnerabilities are present in some versions of IBM WebSphere Application Server. Observation IBM WebSphere Application Server is a Java application server. Multiple vulnerabilities are present in some versions of IBM WebSphere Application Server. The flaws lie in Apache Struts component. Successful exploitation could allow an attacker to execute arbitrary code. 144735 - SuSE Linux 13.1 openSUSE-SU-2016:1767-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1952, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1960, CVE- 2016-1961, CVE-2016-1964, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016- 2801, CVE-2016-2802, CVE-2016-2806, CVE-2016-2807, CVE-2016-2815, CVE-2016-2818 Description The scan detected that the host is missing the following update: openSUSE-SU-2016:1767-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-07/msg00027.html SuSE Linux 13.1 x86_64 MozillaThunderbird-buildsymbols-45.2-70.83.1 MozillaThunderbird-translations-other-45.2-70.83.1 MozillaThunderbird-debuginfo-45.2-70.83.1 MozillaThunderbird-debugsource-45.2-70.83.1 MozillaThunderbird-45.2-70.83.1 MozillaThunderbird-devel-45.2-70.83.1 MozillaThunderbird-translations-common-45.2-70.83.1 i586 MozillaThunderbird-buildsymbols-45.2-70.83.1 MozillaThunderbird-translations-other-45.2-70.83.1 MozillaThunderbird-debuginfo-45.2-70.83.1 MozillaThunderbird-debugsource-45.2-70.83.1 MozillaThunderbird-45.2-70.83.1 MozillaThunderbird-devel-45.2-70.83.1 MozillaThunderbird-translations-common-45.2-70.83.1 144736 - SuSE SLES 12 SP1 SUSE-SU-2016:1764-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-7566, CVE-2015-8550, CVE-2015-8551, CVE-2015-8552, CVE-2015-8709, CVE-2015-8785, CVE-2015-8812, CVE- 2015-8816, CVE-2016-0723, CVE-2016-2143, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2188, CVE-2016-2384, CVE-2016-2782, CVE-2016-3134, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3139, CVE-2016-3140, CVE-2016- 3156, CVE-2016-3689, CVE-2016-3707, CVE-2016-3951 Description The scan detected that the host is missing the following update: SUSE-SU-2016:1764-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-July/002150.html SuSE SLES 12 SP1 x86_64 kernel-rt-3.12.58-14.1 kernel-rt-debuginfo-3.12.58-14.1 kernel-rt-base-debuginfo-3.12.58-14.1 kernel-compute_debug-debuginfo-3.12.58-14.1 kernel-rt_debug-devel-3.12.58-14.1 kernel-compute-base-3.12.58-14.1 kernel-compute_debug-devel-debuginfo-3.12.58-14.1 kernel-rt-debugsource-3.12.58-14.1 kernel-compute-devel-3.12.58-14.1 kernel-rt-base-3.12.58-14.1 kernel-rt-devel-3.12.58-14.1 kernel-compute-base-debuginfo-3.12.58-14.1 kernel-compute-debuginfo-3.12.58-14.1 kernel-compute-debugsource-3.12.58-14.1 kernel-rt_debug-debugsource-3.12.58-14.1 kernel-compute_debug-debugsource-3.12.58-14.1 kernel-rt_debug-debuginfo-3.12.58-14.1 kernel-compute_debug-devel-3.12.58-14.1 kernel-rt_debug-devel-debuginfo-3.12.58-14.1 kernel-syms-rt-3.12.58-14.1 kernel-compute-3.12.58-14.1 noarch kernel-devel-rt-3.12.58-14.1 kernel-source-rt-3.12.58-14.1 144738 - SuSE SLES 11 SP4 SUSE-SU-2016:1785-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2014-3615, CVE-2014-3689, CVE-2014-9718, CVE-2015-3214, CVE-2015-5239, CVE-2015-5278, CVE-2015-5279, CVE- 2015-5745, CVE-2015-6855, CVE-2015-7295, CVE-2015-7549, CVE-2015-8504, CVE-2015-8558, CVE-2015-8613, CVE-2015-8619, CVE-2015-8743, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922, CVE-2016-1981, CVE-2016-2198, CVE-2016-2538, CVE-2016- 2841, CVE-2016-2857, CVE-2016-2858, CVE-2016-3710, CVE-2016-3712, CVE-2016-4001, CVE-2016-4002, CVE-2016-4020, CVE- 2016-4037, CVE-2016-4439, CVE-2016-4441 Description The scan detected that the host is missing the following update: SUSE-SU-2016:1785-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-July/002154.html SuSE SLES 11 SP4 i586 kvm-1.4.2-44.1 x86_64 kvm-1.4.2-44.1 144741 - SuSE Linux 13.2 openSUSE-SU-2016:1778-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1952, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1960, CVE- 2016-1961, CVE-2016-1964, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016- 2801, CVE-2016-2802, CVE-2016-2806, CVE-2016-2807, CVE-2016-2815, CVE-2016-2818 Description The scan detected that the host is missing the following update: openSUSE-SU-2016:1778-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-07/msg00038.html SuSE Linux 13.2 x86_64 MozillaThunderbird-translations-other-45.2-43.1 MozillaThunderbird-debuginfo-45.2-43.1 MozillaThunderbird-45.2-43.1 MozillaThunderbird-translations-common-45.2-43.1 MozillaThunderbird-debugsource-45.2-43.1 MozillaThunderbird-buildsymbols-45.2-43.1 MozillaThunderbird-devel-45.2-43.1 i586 MozillaThunderbird-translations-other-45.2-43.1 MozillaThunderbird-debuginfo-45.2-43.1 MozillaThunderbird-45.2-43.1 MozillaThunderbird-translations-common-45.2-43.1 MozillaThunderbird-debugsource-45.2-43.1 MozillaThunderbird-buildsymbols-45.2-43.1 MozillaThunderbird-devel-45.2-43.1 20317 - (SYM16-010) Symantec Endpoint Protection Multiple Vulnerabilities Category: Windows Host Assessment -> Anti-Virus Software (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-2207, CVE-2016-2209, CVE-2016-2210, CVE-2016-2211, CVE-2016-3644, CVE-2016-3645, CVE-2016-3646 Description Multiple vulnerabilities are present in some versions of Symantec Endpoint Protection. Observation Symantec Endpoint Protection is an all-in-one antivirus software. Multiple vulnerabilities are present in some versions of Symantec Endpoint Protection. The flaws lie in the Symantec Decomposer Engine. Successful exploitation could allow an attacker to cause a denial of service or perform remote code execution. 20327 - (HPSBGN03569) HPE OneView for VMware vCenter Information Disclosure Vulnerability Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2014-3566, CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842 Description Multiple vulnerabilities are present in some versions of HPE OneView for VMware vCenter. Observation HPE OneView for VMware vCenter manage HPE infrastructure using VMware solutions. Multiple vulnerabilities are present in some versions of HPE OneView for VMware vCenter. The flaws lie in OpenSSL. Successful exploitation could allow an attacker to retrieve sensitive data or cause a denial of service condition. 178200 - Gentoo Linux GLSA-201607-02 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2014-8964, CVE-2015-5073, CVE-2015-8380, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE- 2015-8386, CVE-2015-8387, CVE-2015-8388, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8392, CVE-2015-8393, CVE-2015-8394, CVE-2015-8395, CVE-2016-1283 Description The scan detected that the host is missing the following update: GLSA-201607-02 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201607-02 Affected packages: dev-libs/libpcre < 8.38-r1 185351 - Ubuntu Linux 12.04, 14.04, 15.10, 16.04 USN-3029-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2016-2834 Description The scan detected that the host is missing the following update: USN-3029-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-July/003496.html Ubuntu 12.04 libnss3_3.23-0ubuntu0.12.04.1 Ubuntu 16.04 libnss3_3.23-0ubuntu0.16.04.1 Ubuntu 15.10 libnss3_3.23-0ubuntu0.15.10.1 Ubuntu 14.04 libnss3_3.23-0ubuntu0.14.04.1 141220 - Red Hat Enterprise Linux RHSA-2016-1406 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-4565 Description The scan detected that the host is missing the following update: RHSA-2016-1406 Observation Updates often remediate critical security problems that should be quickly addressed.
Load more

Recommended publications
  • Mcafee Foundstone Fsl Update
    2016-OCT-13 FSL version 7.5.857 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 191256 - Fedora Linux 25 FEDORA-2016-81e5a36d8c Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-7116, CVE-2016-7161, CVE-2016-7777 Description The scan detected that the host is missing the following update: FEDORA-2016-81e5a36d8c Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3 Fedora Core 25 xen-4.7.0-6.fc25 130604 - Debian Linux 8.0 DSA-3688-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2015-4000, CVE-2015-7181, CVE-2015-7182, CVE-2015-7575, CVE-2016-1938, CVE-2016-1950, CVE-2016-1978, CVE- 2016-1979, CVE-2016-2834 Description The scan detected that the host is missing the following update: DSA-3688-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2016/dsa-3688 Debian 8.0 all libnss3-tools_2:3.26-1+debu8u1 libnss3-1d_2:3.26-1+debu8u1 libnss3_2:3.26-1+debu8u1 libnss3-dbg_2:3.26-1+debu8u1 libnss3-dev_2:3.26-1+debu8u1 144916 - SuSE Linux 13.2 openSUSE-SU-2016:2496-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1669, CVE-2016-2178, CVE-2016-2183, CVE-2016-5325, CVE-2016-6304, CVE-2016-6306, CVE-2016-7052, CVE- 2016-7099 Description The scan detected that the host is missing the following update: openSUSE-SU-2016:2496-1 Observation Updates often remediate critical security problems that should be quickly addressed.
    [Show full text]
  • Wrobel: "Gentoo Linux"
    Wrobel: Gentoo Linux Gunnar Wrobel: "Gentoo Linux" (http://creativecommons.org/licenses/by-sa/3.0/de/) Original Edition: Open Source Press (http://www.opensourcepress.de) Gunnar Wrobel: "Gentoo Linux" (http://creativecommons.org/licenses/by-sa/3.0/de/) Original Edition: Open Source Press (http://www.opensourcepress.de) Gunnar Wrobel Gentoo Linux Installation – Konfiguration – Administration Gunnar Wrobel: "Gentoo Linux" (http://creativecommons.org/licenses/by-sa/3.0/de/) Original Edition: Open Source Press (http://www.opensourcepress.de) Alle in diesem Buch enthaltenen Programme, Darstellungen und Informationen wurden nach bestem Wissen erstellt. Dennoch sind Fehler nicht ganz auszuschließen. Aus diesem Grunde sind die in dem vorliegenden Buch enthaltenen Informationen mit keiner Verpflichtung oder Garantie irgendeiner Art verbunden. Autor(en), Herausgeber, Übersetzer und Verlag übernehmen infolgedessen keine Verantwor- tung und werden keine daraus folgende Haftung übernehmen, die auf irgendeine Art aus der Benutzung dieser Informationen – oder Teilen davon – entsteht, auch nicht für die Verletzung von Patentrechten, die daraus resultieren können. Ebenso wenig übernehmen Autor(en) und Verlag die Gewähr dafür, dass die beschriebenen Verfahren usw. frei von Schutzrechten Dritter sind. Die in diesem Werk wiedergegebenen Gebrauchsnamen, Handelsnamen, Warenbezeichnungen usw. werden ohne Gewährleistung der freien Verwendbarkeit benutzt und können auch ohne besondere Kennzeichnung eingetragene Marken oder Warenzeichen sein und als solche den gesetzlichen
    [Show full text]
  • 20 Linux Server Hardening Security Tips - Nixcraft
    10/29/2014 20 Linux Server Hardening Security Tips - nixCraft About Contact us Forums Home Linux How-to & Tutorials Shell Scripts RSS/Feed nixCraft 20 Linux Server Hardening Security Tips by nixCraft on October 30, 2009 · 130 comments· LAST UPDATED January 25, 2014 in Debian Linux, fedora linux, Gentoo Linux Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers). The system administrator is responsible for security Linux box. In this first part of a Linux server security series, I will provide 20 hardening tips for default installation of Linux system. Linux Server Hardening Checklist and Tips The following instructions assume that you are using CentOS/RHEL or Ubuntu/Debian based Linux distribution. #1: Encrypt Data Communication All data transmitted over a network is open to monitoring. Encrypt transmitted data whenever possible with password or using keys / certificates. 1. Use scp, ssh, rsync, or sftp for file transfer. You can also mount remote server file system or your own home directory using special sshfs and fuse tools. 2. GnuPG allows to encrypt and sign your data and communication, features a versatile key managment system as well as access modules for all kind of public key directories. 3. Fugu is a graphical frontend to the commandline Secure File Transfer application (SFTP). SFTP is similar to FTP, but unlike FTP, the entire session is encrypted, meaning no passwords are sent in cleartext form, and is thus much less vulnerable to third-party interception. Another option is FileZilla - a cross-platform client that supports FTP, FTP over SSL/TLS (FTPS), and SSH File Transfer Protocol (SFTP).
    [Show full text]
  • Mcafee Foundstone Fsl Update
    2016-NOV-03 FSL version 7.5.862 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 141313 - Red Hat Enterprise Linux RHSA-2016-2131 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-3492, CVE-2016-5612, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-6662, CVE- 2016-6663, CVE-2016-8283 Description The scan detected that the host is missing the following update: RHSA-2016-2131 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://rhn.redhat.com/errata/RHSA-2016-2131.html RHEL6_6S x86_64 mariadb55-mariadb-libs-5.5.53-1.el6 mariadb55-mariadb-bench-5.5.53-1.el6 mariadb55-mariadb-devel-5.5.53-1.el6 mariadb55-mariadb-5.5.53-1.el6 mariadb55-mariadb-debuginfo-5.5.53-1.el6 mariadb55-mariadb-test-5.5.53-1.el6 mariadb55-mariadb-server-5.5.53-1.el6 RHEL6S x86_64 mariadb55-mariadb-libs-5.5.53-1.el6 mariadb55-mariadb-bench-5.5.53-1.el6 mariadb55-mariadb-devel-5.5.53-1.el6 mariadb55-mariadb-5.5.53-1.el6 mariadb55-mariadb-debuginfo-5.5.53-1.el6 mariadb55-mariadb-test-5.5.53-1.el6 mariadb55-mariadb-server-5.5.53-1.el6 RHEL6WS x86_64 mariadb55-mariadb-libs-5.5.53-1.el6 mariadb55-mariadb-bench-5.5.53-1.el6 mariadb55-mariadb-devel-5.5.53-1.el6 mariadb55-mariadb-5.5.53-1.el6 mariadb55-mariadb-debuginfo-5.5.53-1.el6
    [Show full text]
  • Php-Pear Rpm Download
    Php-pear rpm download click here to download Package, Summary, Distribution, Download. www.doorway.ru, PEAR - PHP Extension and Application Repository, Mandriva for i, www.doorway.ru · www.doorway.ru, PEAR - PHP Extension and Application Repository, Mandriva Package, Summary, Distribution, Download. www.doorway.ru, PEAR: Database Abstraction Layer, Fedora 27 for sx, www.doorway.ru · www.doorway.ru, PEAR: Database Abstraction Layer, Fedora Rawhide for armhfp, www.doorway.ru Package, Summary, Distribution, Download. www.doorway.ru, Abstracted logging facility for PHP, Fedora 27 for sx, www.doorway.ru · www.doorway.ru, Abstracted logging facility for PHP, Fedora Rawhide for sx. Package, Summary, Distribution, Download. www.doorway.ru, Abstraction of various SASL mechanism responses, Fedora 27 for sx, www.doorway.ru · www.doorway.ru, Abstraction of various SASL mechanism responses, Fedora. Download phpphp-pear(PEAR) packages for CentOS, Fedora. Package name: php-pear. Package version: Package release: www.doorway.ru6. Package architecture: noarch. Package type: rpm. Installed size: MB. Download size: KB. Official Mirror: www.doorway.ru PEAR is a framework and distribution system for reusable PHP components. This package contains the basic. php-pear-DB - PEAR: Database Abstraction Layer. Distribution: CentOS 6. Repository: EPEL i Package name: php-pear-DB. Package version: Package release: www.doorway.ru6. Package architecture: noarch. Package type: rpm. Installed size: KB. Download size: KB. Official Mirror: www.doorway.ru php-pear-DB - PEAR: Database Abstraction Layer. Distribution: CentOS 7. Repository: EPEL x86_ Package name: php-pear-DB. Package version: Package release: www.doorway.ru7. Package architecture: noarch. Package type: rpm. Installed size: KB. Download size: KB.
    [Show full text]