Mcafee Foundstone Fsl Update

2018-APR-18 FSL version 7.6.18

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.

NEW CHECKS

23333 - (CTX233832) Citrix XenServer Multiple Vulnerabilities

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2016-2107, CVE-2016-2108

Description Multiple vulnerabilities are present in some versions of Citrix XenServer.

Observation Citrix XenServer is a popular virtualization platform.

Multiple vulnerabilities are present in some versions of Citrix XenServer. The flaws lie in OpenSSL. Successful exploitation could allow an attacker to decrypt management traffic, execute arbitrary code or cause a denial of service.

163578 - Oracle Enterprise Linux ELSA-2018-1062 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2015-8539, CVE-2016-3672, CVE-2016-7913, CVE-2016-8399, CVE-2016-8633, CVE-2017-1000, CVE-2017-1000111, CVE-2017-1000112, CVE-2017-1000251, CVE-2017-1000252, CVE-2017-1000380, CVE-2017-1000407, CVE-2017-1000410, CVE- 2017-11176, CVE-2017-12154, CVE-2017-12188, CVE-2017-1219, CVE-2017-12190, CVE-2017-13166, CVE-2017-14106, CVE- 2017-14140, CVE-2017-15116, CVE-2017-15121, CVE-2017-15126, CVE-2017-15127, CVE-2017-15129, CVE-2017-15265, CVE- 2017-15649, CVE-2017-17053, CVE-2017-17448, CVE-2017-17449, CVE-2017-17558, CVE-2017-18017, CVE-2017-18203, CVE- 2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2017-7184, CVE-2017-7294, CVE-2017-7472, CVE-2017-7518, CVE-2017-7533, CVE-2017-7541, CVE-2017-7542, CVE-2017-7558, CVE-2017-8824, CVE-2017-9725, CVE-2018-1000004, CVE-2018-5750, CVE- 2018-6927

Description The scan detected that the host is missing the following update: ELSA-2018-1062

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007619.html

OEL7 x86_64 kernel-doc-3.10.0-862.el7 perf-3.10.0-862.el7 python-perf-3.10.0-862.el7 kernel-tools-libs-3.10.0-862.el7 kernel-debug-devel-3.10.0-862.el7 kernel-tools-libs-devel-3.10.0-862.el7 kernel-abi-whitelists-3.10.0-862.el7 kernel-debug-3.10.0-862.el7 kernel-devel-3.10.0-862.el7 kernel-3.10.0-862.el7 kernel-headers-3.10.0-862.el7 kernel-tools-3.10.0-862.el7

23327 - Mozilla Firefox Multiple Vulnerabilities Prior To 59.0.1

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5146, CVE-2018-5147

Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.

Observation Mozilla Firefox is a popular web browser.

Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system.

23328 - Mozilla Firefox Multiple Vulnerabilities Prior To 59.0.1

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5146, CVE-2018-5147

Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.

Observation Mozilla Firefox is a popular web browser.

23342 - Mozilla Thunderbird Multiple Vulnerabilities Prior To 52.7

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146

Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird.

Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client. Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow attackers to remotely execute arbitrary code or cause a denial of service condition on the target system.

23343 - Mozilla Thunderbird Multiple Vulnerabilities Prior To 52.7

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146

Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird.

Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client.

Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow attackers to remotely execute arbitrary code or cause a denial of service condition on the target system.

23431 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1029)

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-1029

Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.

The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.

23432 - (HT208697) Apple iCloud Vulnerabilities Prior To 7.4

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE- 2018-4121, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4130, CVE-2018-4144, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165

Description Multiple vulnerabilities are present in some versions of Apple iCloud.

Observation Apple iCloud is a manager for the Apple's cloud-based storage service.

Multiple vulnerabilities are present in some versions of Apple iCloud. The flaws lie in multiple components. Successful exploitation could allow an attacker to execute remote arbitrary code, cause a denial-of-service condition or lead to information disclosure.

23438 - Cisco IOS Software Smart Install Remote Code Execution Vulnerability Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0171

Description A vulnerability is present in some versions of Cisco IOS.

Observation Cisco IOS is an operating system used in Cisco devices.

A vulnerability is present in some versions of Cisco IOS. The flaw is due to improper handling of a crafted Smart Install message. Successful exploitation could allow a remote attacker to cause a denial of service or execute arbitrary code.

23451 - Cisco IOS Software Quality of Service Remote Code Execution Vulnerability

Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0151

Description A vulnerability is present in some versions of Cisco IOS.

Observation Cisco IOS is an operating system used in Cisco devices.

A vulnerability is present in some versions of Cisco IOS. The flaw lies in quality of service subsystem. Successful exploitation by an unauthenticated, remote attacker could result in execution of arbitrary code on the affected device with elevated privileges and cause a temporary denial of service condition.

139092 - Oracle Solaris 11.3.29.5.0 Update Is Not Installed (Third Party Components)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2015-7554, CVE-2015-7557, CVE-2015-7558, CVE-2016-2334, CVE-2016-2335, CVE-2016-4347, CVE-2016-4348, CVE- 2016-6163, CVE-2016-9296, CVE-2017-10965, CVE-2017-10966, CVE-2017-11464, CVE-2017-13726, CVE-2017-13727, CVE-2017- 15227, CVE-2017-15228, CVE-2017-15721, CVE-2017-15722, CVE-2017-15723, CVE-2017-17880, CVE-2017-2753, CVE-2017- 2885, CVE-2017-3142, CVE-2017-3143, CVE-2017-5884, CVE-2017-5885, CVE-2017-7829, CVE-2017-7845, CVE-2017-7846, CVE- 2017-7847, CVE-2017-7848, CVE-2017-9468, CVE-2017-9765, CVE-2018-2753, CVE-2018-2754, CVE-2018-5089, CVE-2018-5091, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018- 5104, CVE-2018-5117, CVE-2018-5205, CVE-2018-5206, CVE-2018-5207, CVE-2018-5208, CVE-2018-5334, CVE-2018-5335, CVE- 2018-5336

Description The scan detected that the host is missing the following update: SRU 11.3.29.5.0

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/rs?type=doc&id=2361795.1 https://support.oracle.com/epmos/faces/DocumentDisplay? _afrLoop=507462766511768&id=1448883.1&_afrWindowMode=0&_adf.ctrl-state=98kg3qcn0_33#aref_section26 141931 - Red Hat Enterprise Linux RHSA-2018-1119 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937

Description The scan detected that the host is missing the following update: RHSA-2018-1119

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-April/msg00031.html

RHEL6D x86_64 flash-plugin-29.0.0.140-1.el6_9 i386 flash-plugin-29.0.0.140-1.el6_9

RHEL6S x86_64 flash-plugin-29.0.0.140-1.el6_9 i386 flash-plugin-29.0.0.140-1.el6_9

RHEL6WS x86_64 flash-plugin-29.0.0.140-1.el6_9 i386 flash-plugin-29.0.0.140-1.el6_9

23330 - Mozilla Firefox ESR Vulnerability Prior To ESR 52.7.3

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5148

Description A vulnerability is present in some versions of Mozilla Firefox ESR.

Observation Mozilla Firefox ESR is a popular web browser.

A vulnerability is present in some versions of Mozilla Firefox ESR. The flaw lies in the graphics processing component. Successful exploitation could allow an attacker to cause a denial of service condition.

23331 - Mozilla Firefox ESR Vulnerability Prior To ESR 52.7.3

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5148

Description A vulnerability is present in some versions of Mozilla Firefox ESR.

Observation Mozilla Firefox ESR is a popular web browser.

23400 - Mozilla Firefox Vulnerability Prior To 59.0.2

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5148

Description A vulnerability is present in some versions of Mozilla Firefox.

Observation Mozilla Firefox is a popular web browser.

A vulnerability is present in some versions of Mozilla Firefox. The flaw lies in the compositor component. Successful exploitation could allow an attacker to cause a denial-of-service.

23401 - Mozilla Firefox Vulnerability Prior To 59.0.2

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5148

Description A vulnerability is present in some versions of Mozilla Firefox.

Observation Mozilla Firefox is a popular web browser.

A vulnerability is present in some versions of Mozilla Firefox. The flaw lies in the compositor component. Successful exploitation could allow an attacker to cause a denial-of-service.

23433 - Cisco IOS Software Bidirectional Forwarding Detection Denial Of Service Vulnerability (sa-20180328-bfd)

Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0155

Description A denial of service vulnerability is present in some versions of Cisco IOS. Observation Cisco IOS is an operating system used in Cisco devices.

A denial of service vulnerability is present in some versions of Cisco IOS. The flaw is related to the Bidirectional Forwarding Detection feature. Successful exploitation by an attacker could result in a denial-of-service condition.

23453 - Oracle Java SE Critical Patch Update April 2018

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-2783, CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE- 2018-2799, CVE-2018-2800, CVE-2018-2811, CVE-2018-2814, CVE-2018-2815, CVE-2018-2825, CVE-2018-2826

Description Multiple vulnerabilities are present in some versions of Oracle Java SE.

Observation Oracle Java SE is used to run Java applications.

Multiple vulnerabilities are present in some versions of Oracle Java SE. The flaws lie in multiple components. Successful exploitation could allow an attacker to remotely execute code on the target system and cause a denial of service condition.

193565 - Fedora Linux 26 FEDORA-2018-4ca01704a2 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-1000111, CVE-2017-1000112, CVE-2017-1000251, CVE-2017-1000255, CVE-2017-1000405, CVE-2017-10810, CVE-2017-12134, CVE-2017-12153, CVE-2017-12154, CVE-2017-12190, CVE-2017-12193, CVE-2017-13693, CVE-2017-13694, CVE-2017-13695, CVE-2017-14051, CVE-2017-14497, CVE-2017-14954, CVE-2017-15115, CVE-2017-15265, CVE-2017-16532, CVE-2017-16538, CVE-2017-16644, CVE-2017-16647, CVE-2017-16649, CVE-2017-16650, CVE-2017-17448, CVE-2017-17449, CVE-2017-17450, CVE-2017-17558, CVE-2017-17712, CVE-2017-17741, CVE-2017-17852, CVE-2017-17853, CVE-2017-17854, CVE-2017-17855, CVE-2017-17856, CVE-2017-17857, CVE-2017-17862, CVE-2017-17863, CVE-2017-17864, CVE-2017-18232, CVE-2017-5123, CVE-2017-7533, CVE-2017-7558, CVE-2017-8824, CVE-2018-1000004, CVE-2018-1000026, CVE-2018-10021, CVE-2018-1065, CVE-2018-5332, CVE-2018-5333, CVE-2018-5344, CVE-2018-5750, CVE-2018-5803, CVE-2018-7757, CVE-2018- 7995, CVE-2018-8043

Description The scan detected that the host is missing the following update: FEDORA-2018-4ca01704a2

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=1

Fedora Core 26 kernel-4.15.17-200.fc26

23411 - (VMSA-2018-0008) VMware Workstation Player 14.X Denial Of Service Vulnerability

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-6957

Description A denial of service vulnerability is present in some versions of VMware Workstation Player.

Observation VMware Workstation Player is a virtualization software.

A denial of service vulnerability is present in some versions of VMware Workstation Player. The flaw lies in the VNC component. Successful exploitation could allow an attacker to cause a denial of service condition on the target system.

23414 - (HPESBUX03747) HP-UX BIND Remote Denial of Service Vulnerabilities

Category: SSH Module -> NonIntrusive -> HP-UX Patches and Hotfixes Risk Level: High CVE: CVE-2017-3135, CVE-2017-3136

Description Multiple vulnerabilities are present in some versions of HP-UX.

Observation HP-UX is a Unix-based operating system.

Multiple vulnerabilities are present in some versions of HP-UX. The flaws lie in the BIND component. Successful exploitation could allow an attacker to cause a denial of service.

23415 - Cisco IOS Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability

Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0172

Description A vulnerability is present in some versions of Cisco IOS.

Observation Cisco IOS is an operating system used in Cisco devices.

A vulnerability is present in some versions of Cisco IOS. The flaw is due to improper handling of DHCP Version 4 packets. Successful exploitation could allow a remote attacker to cause a denial of service.

23420 - (HT208695) Apple Safari Vulnerabilities Prior To 11.1

Category: SSH Module -> NonIntrusive -> Mac OS X Patches and Hotfixes Risk Level: High CVE: CVE-2018-4101, CVE-2018-4102, CVE-2018-4113, CVE-2018-4114, CVE-2018-4116, CVE-2018-4117, CVE-2018-4118, CVE- 2018-4119, CVE-2018-4120, CVE-2018-4121, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4130, CVE-2018-4133, CVE-2018-4137, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018- 4165

Description Multiple vulnerabilities are present in some versions of Apple Safari. Observation Apple Safari is a popular web browser.

Multiple vulnerabilities are present in some versions of Apple Safari. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a spoofing attack, obtain sensitive information, cause a denial of service condition and may lead to other attacks.

23421 - Cisco IOS Software DHCP Version 4 Relay Denial of Service Vulnerability

Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0174

Description A denial of service vulnerability is present in some versions of Cisco IOS.

Observation Cisco IOS is an operating system used in Cisco devices.

A denial of service vulnerability is present in some versions of Cisco IOS. The flaw is due to improper handling of DHCP Version 4 packets. Successful exploitation could allow a remote attacker to cause a denial of service.

23427 - (HT208692) Apple macOS Multiple Vulnerabilities Prior To 10.13.4

Category: SSH Module -> NonIntrusive -> Mac OS X Patches and Hotfixes Risk Level: High CVE: CVE-2017-13890, CVE-2017-8816, CVE-2018-4104, CVE-2018-4105, CVE-2018-4106, CVE-2018-4107, CVE-2018-4108, CVE-2018-4111, CVE-2018-4112, CVE-2018-4115, CVE-2018-4131, CVE-2018-4132, CVE-2018-4135, CVE-2018-4136, CVE-2018- 4138, CVE-2018-4139, CVE-2018-4142, CVE-2018-4143, CVE-2018-4144, CVE-2018-4150, CVE-2018-4151, CVE-2018-4152, CVE- 2018-4154, CVE-2018-4155, CVE-2018-4156, CVE-2018-4157, CVE-2018-4158, CVE-2018-4160, CVE-2018-4166, CVE-2018-4167, CVE-2018-4170, CVE-2018-4173, CVE-2018-4174, CVE-2018-4175, CVE-2018-4176, CVE-2018-4179

Description Multiple vulnerabilities are present in some versions of Apple macOS.

Observation Apple macOS is the operating system developed by Apple.

Multiple vulnerabilities are present in some versions of Apple macOS. The flaws lie in several components. Successful exploitation could allow an attacker to retrieve sensitive data, escalate privileges, cause a denial of service condition or remotely execute arbitrary code on the target system.

23429 - Cisco IOS Software Integrated Services Module for VPN Denial of Service Vulnerability

Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0154

Description A vulnerability is present in some versions of Cisco IOS.

Observation Cisco IOS is an operating system used in Cisco devices.

A vulnerability is present in some versions of Cisco IOS. The flaw lies in crypto engine of the Cisco Integrated Services Module for VPN. Successful exploitation by an attacker could result in a denial-of-service condition.

23435 - Wireshark Multiple Vulnerabilities Prior To 2.2.14

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-MAP-NOMATCH

Description Multiple vulnerabilities are present in some versions of Wireshark.

Observation Wireshark is a tool that is used to analyze the network protocol and traffic.

Multiple vulnerabilities are present in some versions of Wireshark. The flaws lie in multiple dissectors. Successful exploitation could allow an attacker to cause a denial of service condition.

23442 - Cisco IOS Software SNMP GET MIB Object ID Denial Of Service Vulnerability (sa-20180328-snmp)

Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0161

Description A denial of service vulnerability is present in some versions of Cisco IOS.

Observation Cisco IOS is an operating system used in Cisco devices.

A denial of service vulnerability is present in some versions of Cisco IOS. The flaw lies in the SNMP subsystem. Successful exploitation by an attacker could result in a denial-of-service condition.

132446 - Oracle VM OVMSA-2018-0033 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes Risk Level: High CVE: CVE-2017-17052, CVE-2017-7518

Description The scan detected that the host is missing the following update: OVMSA-2018-0033

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/oraclevm-errata/2018-April/000842.html

OVM3.4 x86_64 kernel-uek-firmware-4.1.12-112.16.7.el6uek kernel-uek-4.1.12-112.16.7.el6uek

139091 - Oracle Solaris 11.3.30.4.0 Update Is Not Installed (Third Party Components)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2017-3144, CVE-2017-3145, CVE-2018-2763, CVE-2018-2764, CVE-2018-2808, CVE-2018-6836, CVE-2018-7320, CVE- 2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333, CVE-2018-7334, CVE-2018-7335, CVE-2018- 7336, CVE-2018-7337, CVE-2018-7417, CVE-2018-7418, CVE-2018-7419, CVE-2018-7420, CVE-2018-7421

Description The scan detected that the host is missing the following update: SRU 11.3.30.4.0

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/rs?type=doc&id=2373752.1 https://support.oracle.com/epmos/faces/DocumentDisplay? _afrLoop=507462766511768&id=1448883.1&_afrWindowMode=0&_adf.ctrl-state=98kg3qcn0_33#aref_section26

139093 - Oracle Solaris 11.3.31.6.0 Update Is Not Installed (Third Party Components)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2015-1315, CVE-2016-10397, CVE-2016-1245, CVE-2016-1283, CVE-2017-1000158, CVE-2017-11142, CVE-2017- 11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11146, CVE-2017-11147, CVE-2017-12932, CVE-2017-15706, CVE-2017- 16227, CVE-2017-16611, CVE-2017-16612, CVE-2017-16642, CVE-2017-17784, CVE-2017-17789, CVE-2017-3735, CVE-2017- 3736, CVE-2017-3737, CVE-2017-3738, CVE-2017-5581, CVE-2017-5753, CVE-2017-7392, CVE-2017-7393, CVE-2017-7394, CVE- 2017-7395, CVE-2017-7396, CVE-2017-7890, CVE-2018-1000007, CVE-2018-1000031, CVE-2018-1000032, CVE-2018-1000033, CVE-2018-1000034, CVE-2018-1000035, CVE-2018-1304, CVE-2018-1305, CVE-2018-2562, CVE-2018-2573, CVE-2018-2583, CVE-2018-2590, CVE-2018-2591, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2647, CVE-2018- 2665, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703, CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE- 2018-5131, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146, CVE-2018-5148, CVE-2018-5378, CVE-2018-5379, CVE-2018-5381, CVE-2018-5711, CVE-2018-5712, CVE-2018-5732, CVE-2018-5733, CVE-2018-7050, CVE-2018-7051, CVE-2018-7052, CVE-2018- 7053, CVE-2018-7054, CVE-2018-7170, CVE-2018-7182, CVE-2018-7183, CVE-2018-7184, CVE-2018-7185, CVE-2018-7584

Description The scan detected that the host is missing the following update: SRU 11.3.31.6.0

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/rs?type=doc&id=2385753.1 https://support.oracle.com/epmos/faces/DocumentDisplay? _afrLoop=507462766511768&id=1448883.1&_afrWindowMode=0&_adf.ctrl-state=98kg3qcn0_33#aref_section26

141932 - Red Hat Enterprise Linux RHSA-2018-1124 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750

Description The scan detected that the host is missing the following update: RHSA-2018-1124

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-April/msg00033.html

RHEL6D noarch python-paramiko-1.7.5-4.el6_9

RHEL6S noarch python-paramiko-1.7.5-4.el6_9

RHEL6WS noarch python-paramiko-1.7.5-4.el6_9

141933 - Red Hat Enterprise Linux RHSA-2018-1125 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750

Description The scan detected that the host is missing the following update: RHSA-2018-1125

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-April/msg00032.html

RHEL6_7S noarch python-paramiko-1.7.5-4.el6_7

RHEL6_6S noarch python-paramiko-1.7.5-4.el6_6

RHEL6_5S noarch python-paramiko-1.7.5-4.el6_5

RHEL6_4S noarch python-paramiko-1.7.5-4.el6_4

146596 - SuSE Linux 42.3 openSUSE-SU-2018:0965-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000164

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0965-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00040.html

SuSE Linux 42.3 noarch python-gunicorn-doc-19.3.0-4.3.1 python3-gunicorn-19.3.0-5.3.1 python-gunicorn-19.3.0-4.3.1 python3-gunicorn-doc-19.3.0-5.3.1

146597 - SuSE Linux 42.3 openSUSE-SU-2018:0967-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-7158, CVE-2018-7159

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0967-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00042.html

SuSE Linux 42.3 i586 nodejs4-debuginfo-4.9.1-14.1 nodejs4-4.9.1-14.1 nodejs4-devel-4.9.1-14.1 nodejs4-debugsource-4.9.1-14.1 npm4-4.9.1-14.1 noarch nodejs4-docs-4.9.1-14.1 x86_64 nodejs4-debuginfo-4.9.1-14.1 nodejs4-4.9.1-14.1 nodejs4-devel-4.9.1-14.1 nodejs4-debugsource-4.9.1-14.1 npm4-4.9.1-14.1

146598 - SuSE Linux 42.3 openSUSE-SU-2018:0970-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1549, CVE-2018-7170, CVE-2018-7182, CVE-2018-7183, CVE-2018-7184, CVE-2018-7185

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0970-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00045.html

SuSE Linux 42.3 x86_64 ntp-debuginfo-4.2.8p11-31.3.1 ntp-debugsource-4.2.8p11-31.3.1 ntp-doc-4.2.8p11-31.3.1 ntp-4.2.8p11-31.3.1 i586 ntp-debuginfo-4.2.8p11-31.3.1 ntp-debugsource-4.2.8p11-31.3.1 ntp-doc-4.2.8p11-31.3.1 ntp-4.2.8p11-31.3.1

146601 - SuSE SLES 12 SP2, 12 SP3, SLED 12 SP2, 12 SP3 SUSE-SU-2018:0925-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-0739

Description The scan detected that the host is missing the following update: SUSE-SU-2018:0925-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003886.html

SuSE SLES 12 SP2 noarch openssl-doc-1.0.2j-60.24.1 x86_64 openssl-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.24.1 libopenssl-devel-1.0.2j-60.24.1 libopenssl1_0_0-hmac-1.0.2j-60.24.1 openssl-debugsource-1.0.2j-60.24.1 libopenssl1_0_0-32bit-1.0.2j-60.24.1 openssl-1.0.2j-60.24.1 libopenssl1_0_0-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.24.1

SuSE SLED 12 SP3 x86_64 openssl-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-1.0.2j-60.24.1 libopenssl-devel-1.0.2j-60.24.1 openssl-1.0.2j-60.24.1 openssl-debugsource-1.0.2j-60.24.1 libopenssl1_0_0-32bit-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.24.1 libopenssl1_0_0-1.0.2j-60.24.1

SuSE SLED 12 SP2 x86_64 openssl-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-1.0.2j-60.24.1 libopenssl-devel-1.0.2j-60.24.1 openssl-1.0.2j-60.24.1 openssl-debugsource-1.0.2j-60.24.1 libopenssl1_0_0-32bit-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.24.1 libopenssl1_0_0-1.0.2j-60.24.1

SuSE SLES 12 SP3 noarch openssl-doc-1.0.2j-60.24.1 x86_64 openssl-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.24.1 libopenssl-devel-1.0.2j-60.24.1 libopenssl1_0_0-hmac-1.0.2j-60.24.1 openssl-debugsource-1.0.2j-60.24.1 libopenssl1_0_0-32bit-1.0.2j-60.24.1 openssl-1.0.2j-60.24.1 libopenssl1_0_0-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.24.1

146605 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0956-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1549, CVE-2018-7170, CVE-2018-7182, CVE-2018-7183, CVE-2018-7184, CVE-2018-7185

Description The scan detected that the host is missing the following update: SUSE-SU-2018:0956-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003894.html

SuSE SLED 12 SP3 x86_64 ntp-debugsource-4.2.8p11-64.3.2 ntp-4.2.8p11-64.3.2 ntp-debuginfo-4.2.8p11-64.3.2 ntp-doc-4.2.8p11-64.3.2

SuSE SLES 12 SP3 x86_64 ntp-debugsource-4.2.8p11-64.3.2 ntp-4.2.8p11-64.3.2 ntp-debuginfo-4.2.8p11-64.3.2 ntp-doc-4.2.8p11-64.3.2

146607 - SuSE Linux 42.3 openSUSE-SU-2018:0936-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-0739

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0936-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00027.html

SuSE Linux 42.3 i586 openssl-debuginfo-1.0.2j-19.1 openssl-1.0.2j-19.1 openssl-cavs-1.0.2j-19.1 libopenssl1_0_0-1.0.2j-19.1 libopenssl1_0_0-hmac-1.0.2j-19.1 openssl-cavs-debuginfo-1.0.2j-19.1 libopenssl-devel-1.0.2j-19.1 libopenssl1_0_0-debuginfo-1.0.2j-19.1 openssl-debugsource-1.0.2j-19.1 noarch openssl-doc-1.0.2j-19.1 x86_64 libopenssl-devel-32bit-1.0.2j-19.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-19.1 libopenssl-devel-1.0.2j-19.1 libopenssl1_0_0-1.0.2j-19.1 openssl-debuginfo-1.0.2j-19.1 libopenssl1_0_0-32bit-1.0.2j-19.1 openssl-debugsource-1.0.2j-19.1 libopenssl1_0_0-hmac-1.0.2j-19.1 libopenssl1_0_0-hmac-32bit-1.0.2j-19.1 libopenssl1_0_0-debuginfo-1.0.2j-19.1 openssl-cavs-1.0.2j-19.1 openssl-1.0.2j-19.1 openssl-cavs-debuginfo-1.0.2j-19.1

163573 - Oracle Enterprise Linux ELSA-2018-1098 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-5148

Description The scan detected that the host is missing the following update: ELSA-2018-1098

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007607.html

OEL6 x86_64 firefox-52.7.3-1.0.1.el6_9 i386 firefox-52.7.3-1.0.1.el6_9

163575 - Oracle Enterprise Linux ELSA-2018-0805 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2014-9402, CVE-2015-5180, CVE-2016-3706, CVE-2017-1213, CVE-2017-12132, CVE-2017-15670, CVE-2017-15804, CVE-2018-1000001

Description The scan detected that the host is missing the following update: ELSA-2018-0805

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007611.html

OEL7 x86_64 glibc-static-2.17-222.el7 glibc-2.17-222.el7 nscd-2.17-222.el7 glibc-headers-2.17-222.el7 glibc-devel-2.17-222.el7 glibc-common-2.17-222.el7 glibc-utils-2.17-222.el7 163576 - Oracle Enterprise Linux ELSA-2018-0855 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-7426, CVE-2016-7429, CVE-2016-7433, CVE-2016-9310, CVE-2016-9311, CVE-2017-6462, CVE-2017-6463, CVE- 2017-6464

Description The scan detected that the host is missing the following update: ELSA-2018-0855

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007616.html

OEL7 x86_64 ntpdate-4.2.6p5-28.el7 sntp-4.2.6p5-28.el7 ntp-4.2.6p5-28.el7 ntp-perl-4.2.6p5-28.el7 ntp-doc-4.2.6p5-28.el7

163580 - Oracle Enterprise Linux ELSA-2018-1124 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750

Description The scan detected that the host is missing the following update: ELSA-2018-1124

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007608.html

OEL6 x86_64 python-paramiko-1.7.5-4.el6_9 i386 python-paramiko-1.7.5-4.el6_9

163582 - Oracle Enterprise Linux ELSA-2018-4062 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-17052, CVE-2017-7518

Description The scan detected that the host is missing the following update: ELSA-2018-4062

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007604.html http://oss.oracle.com/pipermail/el-errata/2018-April/007605.html

OEL7 x86_64 kernel-uek-firmware-4.1.12-112.16.7.el7uek kernel-uek-doc-4.1.12-112.16.7.el7uek kernel-uek-debug-devel-4.1.12-112.16.7.el7uek kernel-uek-4.1.12-112.16.7.el7uek kernel-uek-debug-4.1.12-112.16.7.el7uek kernel-uek-devel-4.1.12-112.16.7.el7uek

OEL6 x86_64 kernel-uek-debug-4.1.12-112.16.7.el6uek kernel-uek-debug-devel-4.1.12-112.16.7.el6uek kernel-uek-firmware-4.1.12-112.16.7.el6uek kernel-uek-4.1.12-112.16.7.el6uek kernel-uek-doc-4.1.12-112.16.7.el6uek kernel-uek-devel-4.1.12-112.16.7.el6uek

163584 - Oracle Enterprise Linux ELSA-2018-0816 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-10664, CVE-2017-13672, CVE-2017-13711, CVE-2017-14167, CVE-2017-15124, CVE-2017-15268, CVE-2017- 15289, CVE-2017-5715, CVE-2018-5683

Description The scan detected that the host is missing the following update: ELSA-2018-0816

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007614.html

OEL7 x86_64 qemu-kvm-1.5.3-156.el7 qemu-kvm-common-1.5.3-156.el7 qemu-kvm-tools-1.5.3-156.el7 qemu-img-1.5.3-156.el7

175348 - Scientific Linux Security ERRATA Critical: python-paramiko on SL6.x (noarch) (1804-1576)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2018-7750

Description The scan detected that the host is missing the following update: Security ERRATA Critical: python-paramiko on SL6.x (noarch) (1804-1576)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1804&L=scientific-linux-errata&F=&S=&P=1576

SL6 noarch python-paramiko-1.7.5-4.el6_9

175349 - Scientific Linux Security ERRATA Important: firefox on SL6.x i386/x86_64 (1804-1250)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2018-5148

Description The scan detected that the host is missing the following update: Security ERRATA Important: firefox on SL6.x i386/x86_64 (1804-1250)

SL6 x86_64 firefox-debuginfo-52.7.3-1.el6_9 firefox-52.7.3-1.el6_9 i386 firefox-debuginfo-52.7.3-1.el6_9 firefox-52.7.3-1.el6_9

178614 - Gentoo Linux GLSA-201804-11 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: GLSA-201804-11

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-11

Affected packages: www-plugins/adobe-flash < 29.0.0.140

182672 - FreeBSD ipsec-tools Remotely Exploitable Computational-complexity Attack (974a6d32-3fda-11e8-aea4- 001b216d295b)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2016-10396

Description The scan detected that the host is missing the following update: ipsec-tools -- remotely exploitable computational-complexity attack (974a6d32-3fda-11e8-aea4-001b216d295b)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/974a6d32-3fda-11e8-aea4-001b216d295b.html

Affected packages: ipsec-tools < 0.8.2_3

193569 - Fedora Linux 27 FEDORA-2018-e38f759144 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7753

Description The scan detected that the host is missing the following update: FEDORA-2018-e38f759144

Fedora Core 27 python-bleach-2.1.3-1.fc27

193573 - Fedora Linux 28 FEDORA-2018-bfdad62cd6 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-17997, CVE-2017-6014, CVE-2017-9616, CVE-2017-9617, CVE-2017-9766, CVE-2018-5334, CVE-2018-5335, CVE-2018-6836, CVE-2018-7320, CVE-2018-7334, CVE-2018-7335, CVE-2018-7336, CVE-2018-7337, CVE-2018-7417, CVE-2018- 7418, CVE-2018-7419, CVE-2018-7420

Description The scan detected that the host is missing the following update: FEDORA-2018-bfdad62cd6

Fedora Core 28 wireshark-2.4.5-3.fc28

193581 - Fedora Linux 27 FEDORA-2018-1e033dc308 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-1000405, CVE-2017-12193, CVE-2017-15115, CVE-2017-16532, CVE-2017-16538, CVE-2017-16644, CVE-2017- 16647, CVE-2017-16649, CVE-2017-16650, CVE-2017-17448, CVE-2017-17449, CVE-2017-17450, CVE-2017-17558, CVE-2017- 17712, CVE-2017-17741, CVE-2017-17852, CVE-2017-17853, CVE-2017-17854, CVE-2017-17855, CVE-2017-17856, CVE-2017- 17857, CVE-2017-17862, CVE-2017-17863, CVE-2017-17864, CVE-2017-18232, CVE-2017-8824, CVE-2018-1000004, CVE-2018- 1000026, CVE-2018-10021, CVE-2018-1065, CVE-2018-5332, CVE-2018-5333, CVE-2018-5344, CVE-2018-5750, CVE-2018-5803, CVE-2018-7757, CVE-2018-7995, CVE-2018-8043

Description The scan detected that the host is missing the following update: FEDORA-2018-1e033dc308

Fedora Core 27 kernel-4.15.17-300.fc27

23326 - Pulse Secure Linux Client SSL Certificates Validation Vulnerability

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2018-6374

Description A vulnerability is present in some versions of Pulse Secure Linux Client.

Observation Pulse Secure is an SSL VPN solution.

A vulnerability is present in some versions of Pulse Secure Linux Client. The flaw lies in the WebKit component. Successful exploitation by a remote attacker could bypass security restrictions and modify information given by user.

23329 - PostgreSQL Vulnerability (Mar 2018) Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1058

Description A vulnerability is present in some versions of PostgreSQL.

Observation PostgreSQL is an open-source object-relational database management system.

A vulnerability is present in some versions of PostgreSQL. The flaw is due to uncontrolled search path element. Successful exploitation could allow an attacker to execute code on the target.

23440 - (APSB18-13) Vulnerabilities In Adobe Digital Editions

Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-4925, CVE-2018-4926

Description Multiple vulnerabilities are present in some versions of Adobe Digital Editions.

Observation Adobe Digital Editions is the Adobe's eBook reader software.

Multiple vulnerabilities are present in some versions of Adobe Digital Editions. The flaws lie in multiple components. Successful exploitation could allow an attacker to obtain sensitive information.

23441 - (APSB18-13) Vulnerabilities In Adobe Digital Editions

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2018-4925, CVE-2018-4926

Description Multiple vulnerabilities are present in some versions of Adobe Digital Editions.

Observation Adobe Digital Editions is the Adobe's eBook reader software.

Multiple vulnerabilities are present in some versions of Adobe Digital Editions. The flaws lie in multiple components. Successful exploitation could allow an attacker to obtain sensitive information.

131079 - Debian Linux 9.0 DSA-4173-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-12110, CVE-2017-12111, CVE-2017-2896, CVE-2017-2897, CVE-2017-2919

Description The scan detected that the host is missing the following update: DSA-4173-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4173

Debian 9.0 all r-cran-readxl_0.1.1-1+deb9u1

182674 - FreeBSD freeimage Code Execution Vulnerability (5b1631dc-eafd-11e6-9ac1-a4badb2f4699)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-5684

Description The scan detected that the host is missing the following update: freeimage -- code execution vulnerability (5b1631dc-eafd-11e6-9ac1-a4badb2f4699)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/5b1631dc-eafd-11e6-9ac1-a4badb2f4699.html

Affected packages: freeimage < 3.16.0_4

193567 - Fedora Linux 27 FEDORA-2018-1b3a73b45f Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-14731, CVE-2017-2816, CVE-2017-2920

Description The scan detected that the host is missing the following update: FEDORA-2018-1b3a73b45f

Fedora Core 27 libofx-0.9.10-5.fc27

193580 - Fedora Linux 26 FEDORA-2018-4a2b875d6b Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-14731, CVE-2017-2816, CVE-2017-2920

Description The scan detected that the host is missing the following update: FEDORA-2018-4a2b875d6b

Fedora Core 26 libofx-0.9.10-5.fc26

23315 - (K82570157) F5 BIG-IP NTP Vulnerability

Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2018-7170

Description A vulnerability is present in some versions of F5's BIG-IP products.

Observation F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.

A vulnerability is present in some versions of F5's BIG-IP products. The flaw lies in the NTPD component. Successful exploitation could allow attackers to bypass certain security restrictions and modify victim's clock via a Sybil attack.

23335 - (VMSA-2018-0004) VMware Workstation Pro Speculative Execution Vulnerability

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-5715

Description A vulnerability is present in some versions of VMware Workstation Pro.

Observation VMware Workstation is a virtualization software.

A vulnerability is present in some versions of VMware Workstation Pro. The flaw relates to speculative execution side-channel attacks. Successful exploitation could allow an attacker to obtain sensitive information.

23393 - Apache HTTP Server Vulnerability Prior To 2.4.30

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-15710, CVE-2017-15715, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312

Description Multiple vulnerabilities are present in some versions of Apache HTTP Server.

Observation Apache HTTP Server is an open source web server.

Multiple vulnerabilities are present in some versions of Apache HTTP Server. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a denial of service condition.

23412 - (VMSA-2018-0004) VMware Fusion Speculative Execution Vulnerability

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2017-5715

Description An information disclosure vulnerability is present in some versions of VMware Fusion.

Observation VMware Fusion is a popular virtualization platform.

An information disclosure vulnerability is present in some versions of VMware Fusion. The flaw is related with the new speculative- execution control mechanism for virtual machines. Successful exploitation could allow an attacker to retrieve sensitive data from the target system.

23413 - (K01043241) F5 BIG-IP Linux kernel Vulnerability

Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2017-17448

Description A vulnerability is present in some versions of F5 BIG-IP products.

Observation F5's BIG-IP products are network appliances that run F5's Traffic Management Operating System.

A vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in Linux kernel. Successful exploitation could allow attackers to bypass certain security restrictions and perform unauthorized actions.

23428 - IBM WebSphere Portal Cross-Site Scripting Vulnerability (swg22015317)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1483

Description A cross-site-scripting vulnerability is present in some versions of IBM WebSphere Portal.

Observation IBM WebSphere Portal is a set of software tools that is used to build and manage web portals.

A cross-site-scripting vulnerability is present in some versions of IBM WebSphere Portal. The flaw lies in Web UI. Successful exploitation could allow an attacker to embed arbitrary JavaScript code in the web-based user interface.

23439 - (K32485746) F5 BIG-IP OpenSSH Vulnerability

Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2016-10708

Description A vulnerability is present in some versions of F5 BIG-IP products.

Observation F5's BIG-IP products are network appliances that run F5's Traffic Management Operating System.

A vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in OpenSSH. Successful exploitation could allow remote attackers to cause a denial of service.

23449 - WordPress Simple Fields Plugin File Inclusion Vulnerability

Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-MAP-NOMATCH

Description A vulnerability is present in some versions of Simple Fields WordPress plugin.

Observation Simple Fields is an old WordPress plugin which is not actively developed anymore.

A vulnerability is present in some versions of Simple Fields WordPress plugin. The flaw is due to improper handling of 'wp_abspath' parameter. Successful exploitation could allow an attacker to obtain sensitive information and execute arbitrary code.

146609 - SuSE Linux 42.3 openSUSE-SU-2018:0968-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1000115

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0968-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00043.html

SuSE Linux 42.3 x86_64 memcached-debugsource-1.4.39-11.6.1 memcached-1.4.39-11.6.1 memcached-devel-1.4.39-11.6.1 memcached-debuginfo-1.4.39-11.6.1 i586 memcached-debugsource-1.4.39-11.6.1 memcached-1.4.39-11.6.1 memcached-devel-1.4.39-11.6.1 memcached-debuginfo-1.4.39-11.6.1

146610 - SuSE SLES 12 SP3 SUSE-SU-2018:0955-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1000115

Description The scan detected that the host is missing the following update: SUSE-SU-2018:0955-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003893.html

SuSE SLES 12 SP3 x86_64 memcached-debuginfo-1.4.39-4.6.1 memcached-debugsource-1.4.39-4.6.1 memcached-1.4.39-4.6.1

163574 - Oracle Enterprise Linux ELSA-2018-0980 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-15906

Description The scan detected that the host is missing the following update: ELSA-2018-0980

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007617.html

OEL7 x86_64 openssh-clients-7.4p1-16.el7 pam_ssh_agent_auth-0.10.3-2.16.el7 openssh-7.4p1-16.el7 openssh-askpass-7.4p1-16.el7 openssh-ldap-7.4p1-16.el7 openssh-cavs-7.4p1-16.el7 openssh-keycat-7.4p1-16.el7 openssh-server-sysvinit-7.4p1-16.el7 openssh-server-7.4p1-16.el7

178613 - Gentoo Linux GLSA-201804-12 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: GLSA-201804-12

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-12

Affected packages: dev-lang/go < 1.10.1

178615 - Gentoo Linux GLSA-201804-13 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: GLSA-201804-13

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-13

Affected packages: sys-libs/ncurses < 6.1

178616 - Gentoo Linux GLSA-201804-15 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: GLSA-201804-15

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-15

Affected packages: app-text/evince < 3.24.2-r1

178617 - Gentoo Linux GLSA-201804-14 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: GLSA-201804-14

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-14

Affected packages: x11-libs/gdk-pixbuf < 2.36.11

186177 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3625-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8853, CVE-2016-6185, CVE-2017-6512, CVE-2018-6797, CVE-2018-6798, CVE-2018-6913

Description The scan detected that the host is missing the following update: USN-3625-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2018-April/004358.html

Ubuntu 16.04 perl_5.22.1-9ubuntu0.3

Ubuntu 14.04 perl_5.18.2-2ubuntu1.4

Ubuntu 17.10 perl_5.26.0-8ubuntu1.1 193575 - Fedora Linux 28 FEDORA-2018-2926fd93f4 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2004-2779, CVE-2017-11550

Description The scan detected that the host is missing the following update: FEDORA-2018-2926fd93f4

Fedora Core 28 mingw-libid3tag-0.15.1b-24.fc28

135196 - Oracle Solaris 11.3.31.6.0 Update Is Not Installed (CVE-2017-5753)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-5753

Description The scan detected that the host is missing the following update: SRU 11.3.31.6.0

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494

141930 - Red Hat Enterprise Linux RHSA-2018-1129 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-5754

Description The scan detected that the host is missing the following update: RHSA-2018-1129

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-April/msg00035.html

RHEL7_3S noarch kernel-abi-whitelists-3.10.0-514.48.1.el7 kernel-doc-3.10.0-514.48.1.el7 x86_64 kernel-debug-devel-3.10.0-514.48.1.el7 kernel-3.10.0-514.48.1.el7 kernel-debuginfo-common-x86_64-3.10.0-514.48.1.el7 kernel-tools-debuginfo-3.10.0-514.48.1.el7 kernel-debug-3.10.0-514.48.1.el7 python-perf-3.10.0-514.48.1.el7 kernel-debug-debuginfo-3.10.0-514.48.1.el7 kernel-tools-libs-devel-3.10.0-514.48.1.el7 python-perf-debuginfo-3.10.0-514.48.1.el7 kernel-debuginfo-3.10.0-514.48.1.el7 perf-3.10.0-514.48.1.el7 kernel-tools-libs-3.10.0-514.48.1.el7 kernel-tools-3.10.0-514.48.1.el7 kernel-devel-3.10.0-514.48.1.el7 perf-debuginfo-3.10.0-514.48.1.el7 kernel-headers-3.10.0-514.48.1.el7

146592 - SuSE Linux 42.3 openSUSE-SU-2018:0960-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000159

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0960-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00035.html

SuSE Linux 42.3 x86_64 evince-plugin-comicsdocument-debuginfo-3.20.2-9.1 evince-browser-plugin-debuginfo-3.20.2-9.1 evince-3.20.2-9.1 evince-plugin-tiffdocument-3.20.2-9.1 evince-devel-3.20.2-9.1 evince-plugin-djvudocument-3.20.2-9.1 evince-plugin-psdocument-debuginfo-3.20.2-9.1 evince-plugin-pdfdocument-debuginfo-3.20.2-9.1 evince-plugin-tiffdocument-debuginfo-3.20.2-9.1 evince-plugin-comicsdocument-3.20.2-9.1 evince-plugin-pdfdocument-3.20.2-9.1 libevdocument3-4-3.20.2-9.1 evince-plugin-xpsdocument-debuginfo-3.20.2-9.1 evince-debugsource-3.20.2-9.1 libevdocument3-4-debuginfo-3.20.2-9.1 evince-browser-plugin-3.20.2-9.1 nautilus-evince-3.20.2-9.1 evince-plugin-djvudocument-debuginfo-3.20.2-9.1 evince-plugin-dvidocument-3.20.2-9.1 evince-plugin-psdocument-3.20.2-9.1 evince-plugin-xpsdocument-3.20.2-9.1 typelib-1_0-EvinceView-3_0-3.20.2-9.1 evince-plugin-dvidocument-debuginfo-3.20.2-9.1 nautilus-evince-debuginfo-3.20.2-9.1 libevview3-3-3.20.2-9.1 evince-debuginfo-3.20.2-9.1 typelib-1_0-EvinceDocument-3_0-3.20.2-9.1 libevview3-3-debuginfo-3.20.2-9.1 noarch evince-lang-3.20.2-9.1

146593 - SuSE SLED 12 SP3 SUSE-SU-2018:0919-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-7725, CVE-2018-7726

Description The scan detected that the host is missing the following update: SUSE-SU-2018:0919-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003884.html

SuSE SLED 12 SP3 x86_64 libzzip-0-13-debuginfo-0.13.67-10.8.1 libzzip-0-13-0.13.67-10.8.1 zziplib-debugsource-0.13.67-10.8.1

146594 - SuSE Linux 42.3 openSUSE-SU-2018:0939-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-5715, CVE-2018-1064, CVE-2018-6764

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0939-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00030.html

SuSE Linux 42.3 i586 libvirt-daemon-uml-3.3.0-15.1 libvirt-nss-3.3.0-15.1 libvirt-daemon-driver-storage-disk-3.3.0-15.1 libvirt-daemon-vbox-3.3.0-15.1 libvirt-daemon-driver-interface-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-core-debuginfo-3.3.0-15.1 libvirt-daemon-driver-uml-debuginfo-3.3.0-15.1 libvirt-libs-3.3.0-15.1 libvirt-daemon-driver-vbox-3.3.0-15.1 libvirt-daemon-hooks-3.3.0-15.1 libvirt-daemon-driver-storage-3.3.0-15.1 libvirt-devel-3.3.0-15.1 libvirt-libs-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-15.1 libvirt-daemon-lxc-3.3.0-15.1 libvirt-daemon-driver-network-3.3.0-15.1 libvirt-daemon-qemu-3.3.0-15.1 libvirt-client-3.3.0-15.1 libvirt-doc-3.3.0-15.1 libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-15.1 libvirt-daemon-driver-network-debuginfo-3.3.0-15.1 libvirt-daemon-driver-nodedev-debuginfo-3.3.0-15.1 libvirt-daemon-driver-lxc-3.3.0-15.1 libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-15.1 libvirt-client-debuginfo-3.3.0-15.1 libvirt-lock-sanlock-debuginfo-3.3.0-15.1 libvirt-daemon-driver-secret-3.3.0-15.1 libvirt-daemon-driver-storage-scsi-3.3.0-15.1 libvirt-admin-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-logical-3.3.0-15.1 libvirt-daemon-driver-interface-3.3.0-15.1 libvirt-daemon-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-iscsi-3.3.0-15.1 libvirt-daemon-driver-secret-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-mpath-3.3.0-15.1 libvirt-daemon-driver-lxc-debuginfo-3.3.0-15.1 libvirt-daemon-3.3.0-15.1 libvirt-daemon-config-network-3.3.0-15.1 libvirt-daemon-config-nwfilter-3.3.0-15.1 libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-15.1 libvirt-nss-debuginfo-3.3.0-15.1 libvirt-debugsource-3.3.0-15.1 libvirt-daemon-driver-storage-core-3.3.0-15.1 libvirt-daemon-driver-uml-3.3.0-15.1 libvirt-daemon-driver-nodedev-3.3.0-15.1 libvirt-daemon-driver-vbox-debuginfo-3.3.0-15.1 libvirt-3.3.0-15.1 libvirt-daemon-driver-qemu-debuginfo-3.3.0-15.1 libvirt-daemon-driver-nwfilter-3.3.0-15.1 libvirt-daemon-driver-qemu-3.3.0-15.1 libvirt-admin-3.3.0-15.1 libvirt-lock-sanlock-3.3.0-15.1 noarch virt-install-1.4.1-9.1 virt-manager-1.4.1-9.1 virt-manager-common-1.4.1-9.1 x86_64 libvirt-daemon-uml-3.3.0-15.1 libvirt-nss-3.3.0-15.1 libvirt-daemon-driver-storage-disk-3.3.0-15.1 libvirt-daemon-vbox-3.3.0-15.1 libvirt-daemon-driver-interface-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-core-debuginfo-3.3.0-15.1 libvirt-daemon-driver-uml-debuginfo-3.3.0-15.1 libvirt-libs-3.3.0-15.1 libvirt-daemon-driver-vbox-3.3.0-15.1 libvirt-daemon-hooks-3.3.0-15.1 libvirt-daemon-driver-libxl-3.3.0-15.1 libvirt-devel-32bit-3.3.0-15.1 libvirt-daemon-driver-storage-3.3.0-15.1 libvirt-devel-3.3.0-15.1 libvirt-libs-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-15.1 libvirt-daemon-lxc-3.3.0-15.1 libvirt-daemon-driver-network-3.3.0-15.1 libvirt-daemon-qemu-3.3.0-15.1 libvirt-client-3.3.0-15.1 libvirt-doc-3.3.0-15.1 libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-15.1 libvirt-daemon-driver-network-debuginfo-3.3.0-15.1 libvirt-daemon-driver-nodedev-debuginfo-3.3.0-15.1 libvirt-daemon-driver-lxc-3.3.0-15.1 libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-15.1 libvirt-client-debuginfo-3.3.0-15.1 libvirt-lock-sanlock-debuginfo-3.3.0-15.1 libvirt-daemon-driver-secret-3.3.0-15.1 libvirt-daemon-driver-storage-scsi-3.3.0-15.1 libvirt-admin-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-logical-3.3.0-15.1 libvirt-daemon-driver-interface-3.3.0-15.1 libvirt-daemon-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-iscsi-3.3.0-15.1 libvirt-daemon-driver-secret-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-rbd-3.3.0-15.1 libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-mpath-3.3.0-15.1 libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-15.1 libvirt-daemon-driver-lxc-debuginfo-3.3.0-15.1 libvirt-daemon-xen-3.3.0-15.1 libvirt-daemon-3.3.0-15.1 libvirt-daemon-config-network-3.3.0-15.1 libvirt-daemon-config-nwfilter-3.3.0-15.1 libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-15.1 libvirt-nss-debuginfo-3.3.0-15.1 libvirt-debugsource-3.3.0-15.1 libvirt-daemon-driver-storage-core-3.3.0-15.1 libvirt-daemon-driver-uml-3.3.0-15.1 libvirt-daemon-driver-nodedev-3.3.0-15.1 libvirt-daemon-driver-vbox-debuginfo-3.3.0-15.1 libvirt-3.3.0-15.1 libvirt-client-debuginfo-32bit-3.3.0-15.1 libvirt-daemon-driver-qemu-debuginfo-3.3.0-15.1 libvirt-daemon-driver-nwfilter-3.3.0-15.1 libvirt-daemon-driver-qemu-3.3.0-15.1 libvirt-daemon-driver-libxl-debuginfo-3.3.0-15.1 libvirt-admin-3.3.0-15.1 libvirt-lock-sanlock-3.3.0-15.1 146600 - SuSE Linux 42.3 openSUSE-SU-2018:0966-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-18207

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0966-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00041.html

SuSE Linux 42.3 i586 python3-testsuite-3.4.6-12.3.1 python3-testsuite-debuginfo-3.4.6-12.3.1 python3-dbm-3.4.6-12.3.1 python3-tools-3.4.6-12.3.1 python3-dbm-debuginfo-3.4.6-12.3.1 python3-base-debugsource-3.4.6-12.3.1 python3-debuginfo-3.4.6-12.3.1 python3-curses-debuginfo-3.4.6-12.3.1 python3-curses-3.4.6-12.3.1 python3-3.4.6-12.3.1 python3-devel-3.4.6-12.3.1 python3-debugsource-3.4.6-12.3.1 python3-base-debuginfo-3.4.6-12.3.1 python3-base-3.4.6-12.3.1 libpython3_4m1_0-3.4.6-12.3.1 python3-devel-debuginfo-3.4.6-12.3.1 libpython3_4m1_0-debuginfo-3.4.6-12.3.1 python3-tk-3.4.6-12.3.1 python3-tk-debuginfo-3.4.6-12.3.1 python3-idle-3.4.6-12.3.1 noarch python3-doc-pdf-3.4.6-12.3.2 python3-doc-3.4.6-12.3.2 x86_64 python3-testsuite-3.4.6-12.3.1 python3-testsuite-debuginfo-3.4.6-12.3.1 python3-dbm-3.4.6-12.3.1 python3-tools-3.4.6-12.3.1 python3-dbm-debuginfo-3.4.6-12.3.1 python3-base-debugsource-3.4.6-12.3.1 python3-debuginfo-3.4.6-12.3.1 python3-curses-debuginfo-3.4.6-12.3.1 python3-curses-3.4.6-12.3.1 python3-3.4.6-12.3.1 python3-devel-3.4.6-12.3.1 python3-base-32bit-3.4.6-12.3.1 python3-debugsource-3.4.6-12.3.1 python3-32bit-3.4.6-12.3.1 python3-debuginfo-32bit-3.4.6-12.3.1 python3-base-debuginfo-3.4.6-12.3.1 python3-base-3.4.6-12.3.1 libpython3_4m1_0-debuginfo-32bit-3.4.6-12.3.1 libpython3_4m1_0-32bit-3.4.6-12.3.1 libpython3_4m1_0-3.4.6-12.3.1 python3-base-debuginfo-32bit-3.4.6-12.3.1 python3-devel-debuginfo-3.4.6-12.3.1 libpython3_4m1_0-debuginfo-3.4.6-12.3.1 python3-tk-3.4.6-12.3.1 python3-tk-debuginfo-3.4.6-12.3.1 python3-idle-3.4.6-12.3.1

146602 - SuSE Linux 42.3 openSUSE-SU-2018:0972-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1091, CVE-2018-7740, CVE-2018-8043

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0972-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00047.html

SuSE Linux 42.3 x86_64 kernel-debug-debuginfo-4.4.126-48.2 kernel-obs-build-debugsource-4.4.126-48.2 kernel-debug-base-4.4.126-48.2 kernel-default-base-debuginfo-4.4.126-48.2 kernel-vanilla-devel-4.4.126-48.2 kselftests-kmp-default-4.4.126-48.2 kselftests-kmp-default-debuginfo-4.4.126-48.2 kernel-syms-4.4.126-48.1 kernel-vanilla-debugsource-4.4.126-48.2 kernel-default-4.4.126-48.2 kernel-debug-base-debuginfo-4.4.126-48.2 kernel-debug-debugsource-4.4.126-48.2 kernel-debug-devel-4.4.126-48.2 kernel-obs-build-4.4.126-48.2 kernel-debug-4.4.126-48.2 kernel-default-devel-4.4.126-48.2 kernel-vanilla-base-debuginfo-4.4.126-48.2 kernel-default-base-4.4.126-48.2 kernel-vanilla-base-4.4.126-48.2 kernel-obs-qa-4.4.126-48.1 kernel-vanilla-debuginfo-4.4.126-48.2 kernel-default-debuginfo-4.4.126-48.2 kernel-vanilla-4.4.126-48.2 kselftests-kmp-vanilla-debuginfo-4.4.126-48.2 kernel-debug-devel-debuginfo-4.4.126-48.2 kselftests-kmp-debug-4.4.126-48.2 kselftests-kmp-debug-debuginfo-4.4.126-48.2 kernel-default-debugsource-4.4.126-48.2 kselftests-kmp-vanilla-4.4.126-48.2 noarch kernel-source-vanilla-4.4.126-48.1 kernel-source-4.4.126-48.1 kernel-devel-4.4.126-48.1 kernel-macros-4.4.126-48.1 kernel-docs-html-4.4.126-48.1 kernel-docs-pdf-4.4.126-48.1 kernel-docs-4.4.126-48.1

146603 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0947-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000159

Description The scan detected that the host is missing the following update: SUSE-SU-2018:0947-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003891.html

SuSE SLED 12 SP3 x86_64 typelib-1_0-EvinceDocument-3_0-3.20.2-6.22.9 libevdocument3-4-3.20.2-6.22.9 evince-plugin-djvudocument-debuginfo-3.20.2-6.22.9 evince-plugin-pdfdocument-debuginfo-3.20.2-6.22.9 evince-browser-plugin-debuginfo-3.20.2-6.22.9 evince-plugin-tiffdocument-debuginfo-3.20.2-6.22.9 evince-plugin-psdocument-3.20.2-6.22.9 evince-3.20.2-6.22.9 typelib-1_0-EvinceView-3_0-3.20.2-6.22.9 libevview3-3-3.20.2-6.22.9 evince-plugin-djvudocument-3.20.2-6.22.9 evince-plugin-xpsdocument-debuginfo-3.20.2-6.22.9 evince-plugin-xpsdocument-3.20.2-6.22.9 libevview3-3-debuginfo-3.20.2-6.22.9 libevdocument3-4-debuginfo-3.20.2-6.22.9 evince-debugsource-3.20.2-6.22.9 evince-plugin-pdfdocument-3.20.2-6.22.9 evince-plugin-psdocument-debuginfo-3.20.2-6.22.9 evince-plugin-dvidocument-debuginfo-3.20.2-6.22.9 nautilus-evince-debuginfo-3.20.2-6.22.9 evince-plugin-dvidocument-3.20.2-6.22.9 nautilus-evince-3.20.2-6.22.9 evince-debuginfo-3.20.2-6.22.9 evince-browser-plugin-3.20.2-6.22.9 evince-plugin-tiffdocument-3.20.2-6.22.9 noarch evince-lang-3.20.2-6.22.9 SuSE SLES 12 SP3 noarch evince-lang-3.20.2-6.22.9 x86_64 evince-plugin-pdfdocument-debuginfo-3.20.2-6.22.9 libevdocument3-4-3.20.2-6.22.9 evince-plugin-djvudocument-debuginfo-3.20.2-6.22.9 evince-browser-plugin-debuginfo-3.20.2-6.22.9 evince-plugin-tiffdocument-debuginfo-3.20.2-6.22.9 evince-plugin-psdocument-3.20.2-6.22.9 evince-3.20.2-6.22.9 libevview3-3-3.20.2-6.22.9 evince-plugin-djvudocument-3.20.2-6.22.9 evince-plugin-xpsdocument-debuginfo-3.20.2-6.22.9 evince-plugin-xpsdocument-3.20.2-6.22.9 libevview3-3-debuginfo-3.20.2-6.22.9 libevdocument3-4-debuginfo-3.20.2-6.22.9 evince-debugsource-3.20.2-6.22.9 evince-plugin-pdfdocument-3.20.2-6.22.9 evince-plugin-psdocument-debuginfo-3.20.2-6.22.9 evince-plugin-dvidocument-debuginfo-3.20.2-6.22.9 nautilus-evince-debuginfo-3.20.2-6.22.9 evince-plugin-dvidocument-3.20.2-6.22.9 nautilus-evince-3.20.2-6.22.9 evince-debuginfo-3.20.2-6.22.9 evince-browser-plugin-3.20.2-6.22.9 evince-plugin-tiffdocument-3.20.2-6.22.9

146606 - SuSE Linux 42.3 openSUSE-SU-2018:0940-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-7725, CVE-2018-7726

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0940-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00031.html

SuSE Linux 42.3 x86_64 libzzip-0-13-debuginfo-32bit-0.13.67-13.6.1 zziplib-devel-debuginfo-32bit-0.13.67-13.6.1 zziplib-devel-32bit-0.13.67-13.6.1 zziplib-devel-0.13.67-13.6.1 libzzip-0-13-32bit-0.13.67-13.6.1 zziplib-devel-debuginfo-0.13.67-13.6.1 zziplib-debugsource-0.13.67-13.6.1 libzzip-0-13-0.13.67-13.6.1 libzzip-0-13-debuginfo-0.13.67-13.6.1 i586 zziplib-devel-debuginfo-0.13.67-13.6.1 zziplib-devel-0.13.67-13.6.1 zziplib-debugsource-0.13.67-13.6.1 libzzip-0-13-debuginfo-0.13.67-13.6.1 libzzip-0-13-0.13.67-13.6.1

146608 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0934-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-18207

Description The scan detected that the host is missing the following update: SUSE-SU-2018:0934-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003890.html

SuSE SLED 12 SP3 x86_64 python3-base-debugsource-3.4.6-25.7.1 python3-3.4.6-25.7.1 python3-base-3.4.6-25.7.1 libpython3_4m1_0-debuginfo-3.4.6-25.7.1 python3-curses-debuginfo-3.4.6-25.7.1 libpython3_4m1_0-3.4.6-25.7.1 python3-debuginfo-3.4.6-25.7.1 python3-debugsource-3.4.6-25.7.1 python3-base-debuginfo-3.4.6-25.7.1 python3-curses-3.4.6-25.7.1

SuSE SLES 12 SP3 x86_64 python3-base-debugsource-3.4.6-25.7.1 python3-3.4.6-25.7.1 python3-base-3.4.6-25.7.1 libpython3_4m1_0-debuginfo-3.4.6-25.7.1 python3-curses-debuginfo-3.4.6-25.7.1 libpython3_4m1_0-3.4.6-25.7.1 python3-debuginfo-3.4.6-25.7.1 python3-debugsource-3.4.6-25.7.1 python3-base-debuginfo-3.4.6-25.7.1 python3-curses-3.4.6-25.7.1

146611 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0920-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-5715, CVE-2018-1064, CVE-2018-6764

Description The scan detected that the host is missing the following update: SUSE-SU-2018:0920-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003885.html

SuSE SLED 12 SP3 x86_64 libvirt-daemon-driver-storage-scsi-3.3.0-5.19.2 libvirt-daemon-driver-storage-core-3.3.0-5.19.2 libvirt-daemon-driver-storage-iscsi-3.3.0-5.19.2 libvirt-daemon-driver-lxc-3.3.0-5.19.2 libvirt-daemon-config-network-3.3.0-5.19.2 libvirt-daemon-driver-interface-debuginfo-3.3.0-5.19.2 libvirt-client-debuginfo-3.3.0-5.19.2 libvirt-libs-debuginfo-3.3.0-5.19.2 libvirt-client-3.3.0-5.19.2 libvirt-daemon-driver-qemu-debuginfo-3.3.0-5.19.2 libvirt-daemon-lxc-3.3.0-5.19.2 libvirt-debugsource-3.3.0-5.19.2 libvirt-daemon-qemu-3.3.0-5.19.2 libvirt-daemon-driver-network-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-secret-3.3.0-5.19.2 libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-lxc-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-network-3.3.0-5.19.2 libvirt-daemon-3.3.0-5.19.2 libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-rbd-3.3.0-5.19.2 libvirt-daemon-driver-nodedev-3.3.0-5.19.2 libvirt-daemon-driver-storage-logical-3.3.0-5.19.2 libvirt-daemon-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-disk-3.3.0-5.19.2 libvirt-doc-3.3.0-5.19.2 libvirt-daemon-driver-secret-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-libxl-3.3.0-5.19.2 libvirt-daemon-driver-storage-3.3.0-5.19.2 libvirt-daemon-driver-libxl-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-qemu-3.3.0-5.19.2 libvirt-daemon-driver-storage-mpath-3.3.0-5.19.2 libvirt-daemon-driver-nwfilter-3.3.0-5.19.2 libvirt-daemon-driver-storage-core-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-interface-3.3.0-5.19.2 libvirt-daemon-config-nwfilter-3.3.0-5.19.2 libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-5.19.2 libvirt-admin-3.3.0-5.19.2 libvirt-daemon-driver-nodedev-debuginfo-3.3.0-5.19.2 libvirt-daemon-xen-3.3.0-5.19.2 libvirt-libs-3.3.0-5.19.2 libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-5.19.2 libvirt-admin-debuginfo-3.3.0-5.19.2 libvirt-3.3.0-5.19.2 libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-5.19.2 noarch virt-install-1.4.1-5.8.1 virt-manager-common-1.4.1-5.8.1 virt-manager-1.4.1-5.8.1

SuSE SLES 12 SP3 noarch virt-install-1.4.1-5.8.1 virt-manager-common-1.4.1-5.8.1 virt-manager-1.4.1-5.8.1 x86_64 libvirt-nss-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-scsi-3.3.0-5.19.2 libvirt-daemon-driver-storage-core-3.3.0-5.19.2 libvirt-daemon-driver-storage-iscsi-3.3.0-5.19.2 libvirt-daemon-driver-lxc-3.3.0-5.19.2 libvirt-daemon-config-network-3.3.0-5.19.2 libvirt-daemon-driver-interface-debuginfo-3.3.0-5.19.2 libvirt-client-debuginfo-3.3.0-5.19.2 libvirt-libs-debuginfo-3.3.0-5.19.2 libvirt-client-3.3.0-5.19.2 libvirt-daemon-driver-qemu-debuginfo-3.3.0-5.19.2 libvirt-lock-sanlock-3.3.0-5.19.2 libvirt-daemon-hooks-3.3.0-5.19.2 libvirt-doc-3.3.0-5.19.2 libvirt-daemon-qemu-3.3.0-5.19.2 libvirt-daemon-driver-network-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-rbd-3.3.0-5.19.2 libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-secret-3.3.0-5.19.2 libvirt-daemon-lxc-3.3.0-5.19.2 libvirt-daemon-driver-lxc-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-network-3.3.0-5.19.2 libvirt-daemon-3.3.0-5.19.2 libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-5.19.2 libvirt-debugsource-3.3.0-5.19.2 libvirt-daemon-driver-nodedev-3.3.0-5.19.2 libvirt-daemon-driver-storage-logical-3.3.0-5.19.2 libvirt-daemon-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-disk-3.3.0-5.19.2 libvirt-daemon-driver-secret-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-3.3.0-5.19.2 libvirt-daemon-driver-libxl-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-qemu-3.3.0-5.19.2 libvirt-daemon-driver-storage-mpath-3.3.0-5.19.2 libvirt-daemon-driver-nwfilter-3.3.0-5.19.2 libvirt-daemon-driver-storage-core-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-interface-3.3.0-5.19.2 libvirt-daemon-config-nwfilter-3.3.0-5.19.2 libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-5.19.2 libvirt-lock-sanlock-debuginfo-3.3.0-5.19.2 libvirt-admin-3.3.0-5.19.2 libvirt-daemon-driver-nodedev-debuginfo-3.3.0-5.19.2 libvirt-nss-3.3.0-5.19.2 libvirt-libs-3.3.0-5.19.2 libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-5.19.2 libvirt-admin-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-libxl-3.3.0-5.19.2 libvirt-3.3.0-5.19.2 libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-5.19.2 libvirt-daemon-xen-3.3.0-5.19.2

163572 - Oracle Enterprise Linux ELSA-2018-0998 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-3736, CVE-2017-3737, CVE-2017-3738

Description The scan detected that the host is missing the following update: ELSA-2018-0998

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007618.html

OEL7 x86_64 openssl-1.0.2k-12.el7 openssl-perl-1.0.2k-12.el7 openssl-devel-1.0.2k-12.el7 openssl-static-1.0.2k-12.el7 openssl-libs-1.0.2k-12.el7

163579 - Oracle Enterprise Linux ELSA-2018-0666 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11368, CVE-2017-7562

Description The scan detected that the host is missing the following update: ELSA-2018-0666

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007610.html

OEL7 x86_64 krb5-pkinit-1.15.1-18.el7 libkadm5-1.15.1-18.el7 krb5-server-ldap-1.15.1-18.el7 krb5-devel-1.15.1-18.el7 krb5-server-1.15.1-18.el7 krb5-libs-1.15.1-18.el7 krb5-workstation-1.15.1-18.el7

163583 - Oracle Enterprise Linux ELSA-2018-0842 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-15131

Description The scan detected that the host is missing the following update: ELSA-2018-0842

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007612.html

OEL7 x86_64 xdg-user-dirs-0.15-5.el7

23337 - Oracle Business Intelligence Enterprise Edition Critical Patch Update October 2016

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Low CVE: CVE-2016-2107

Description A vulnerability is present in some versions of Oracle Business Intelligence Enterprise Edition.

Observation Oracle Business Intelligence Enterprise Edition is an enterprise software suite that provides reporting and analysis.

A vulnerability is present in some versions of Oracle Business Intelligence Enterprise Edition. The flaw lies in the installation subcomponent. Successful exploitation could allow an attacker to affect confidentiality.

33381 - Oracle Solaris 150377-07 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2563

Description The scan detected that the host is missing the following update: 150377-07

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://getupdates.oracle.com/readme/150377-07

SunOS 5.10: LDAP Patch

SOLARIS_10

SUNWarc:11.10.0,REV=2005.01.21.15.53 SUNWcsl:11.10.0,REV=2005.01.21.15.53 SUNWnisu:11.10.0,REV=2005.01.21.15.53

33382 - Oracle Solaris 150378-07 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2563

Description The scan detected that the host is missing the following update: 150378-07

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://getupdates.oracle.com/readme/150378-07

SunOS 5.10(x86): LDAP Patch

SOLARIS_10_x86

SUNWnisu:11.10.0,REV=2005.01.21.16.34 SUNWarc:11.10.0,REV=2005.01.21.16.34 SUNWcsl:11.10.0,REV=2005.01.21.16.34

131078 - Debian Linux 8.0, 9.0 DSA-4172-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-6797, CVE-2018-6798, CVE-2018-6913

Description The scan detected that the host is missing the following update: DSA-4172-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4172

Debian 8.0 all perl_5.20.2-3+deb8u10

Debian 9.0 all perl_5.24.1-3+deb9u3

131080 - Debian Linux 9.0 DSA-4169-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1086

Description The scan detected that the host is missing the following update: DSA-4169-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4169

Debian 9.0 all pcs_0.9.155+dfsg-2+deb9u1

131081 - Debian Linux 9.0 DSA-4171-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-8048

Description The scan detected that the host is missing the following update: DSA-4171-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4171

Debian 9.0 all ruby-loofah_2.0.3-2+deb9u1

131082 - Debian Linux 9.0 DSA-4174-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1084

Description The scan detected that the host is missing the following update: DSA-4174-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4174

Debian 9.0 all corosync_2.4.2-3+deb9u1 146595 - SuSE SLES 12 SP2, 12 SP3 SUSE-SU-2018:0926-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1063

Description The scan detected that the host is missing the following update: SUSE-SU-2018:0926-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003887.html

SuSE SLES 12 SP3 x86_64 policycoreutils-python-2.5-10.3.1 policycoreutils-2.5-10.3.1 policycoreutils-debugsource-2.5-10.3.1 policycoreutils-python-debuginfo-2.5-10.3.1 policycoreutils-debuginfo-2.5-10.3.1

SuSE SLES 12 SP2 x86_64 policycoreutils-python-2.5-10.3.1 policycoreutils-2.5-10.3.1 policycoreutils-debugsource-2.5-10.3.1 policycoreutils-python-debuginfo-2.5-10.3.1 policycoreutils-debuginfo-2.5-10.3.1

146599 - SuSE SLES 11 SP4 SUSE-SU-2018:0927-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1063

Description The scan detected that the host is missing the following update: SUSE-SU-2018:0927-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003888.html

SuSE SLES 11 SP4 i586 policycoreutils-2.0.79-4.9.3.3 x86_64 policycoreutils-2.0.79-4.9.3.3 146604 - SuSE Linux 42.3 openSUSE-SU-2018:0937-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1063

Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0937-1

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00028.html

SuSE Linux 42.3 x86_64 policycoreutils-gui-2.5-6.4.1 policycoreutils-sandbox-2.5-6.4.1 policycoreutils-python-2.5-6.4.1 policycoreutils-2.5-6.4.1 policycoreutils-python-debuginfo-2.5-6.4.1 policycoreutils-newrole-debuginfo-2.5-6.4.1 policycoreutils-newrole-2.5-6.4.1 policycoreutils-debugsource-2.5-6.4.1 policycoreutils-sandbox-debuginfo-2.5-6.4.1 policycoreutils-debuginfo-2.5-6.4.1 noarch policycoreutils-lang-2.5-6.4.1

163581 - Oracle Enterprise Linux ELSA-2018-0913 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1063

Description The scan detected that the host is missing the following update: ELSA-2018-0913

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007615.html

OEL7 x86_64 policycoreutils-gui-2.5-22.el7 policycoreutils-2.5-22.el7 policycoreutils-restorecond-2.5-22.el7 policycoreutils-devel-2.5-22.el7 policycoreutils-newrole-2.5-22.el7 policycoreutils-python-2.5-22.el7 policycoreutils-sandbox-2.5-22.el7

182670 - FreeBSD jenkins Multiple Vulnerabilities (aaba17aa-782e-4843-8a79-7756cfa2bf89)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: jenkins -- multiple vulnerabilities (aaba17aa-782e-4843-8a79-7756cfa2bf89)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/aaba17aa-782e-4843-8a79-7756cfa2bf89.html

Affected packages: jenkins <= 2.115 jenkins-lts <= 2.107.1

182671 - FreeBSD OpenSSL Cache Timing Vulnerability (8f353420-4197-11e8-8777-b499baebfeaf)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-0737

Description The scan detected that the host is missing the following update: OpenSSL -- Cache timing vulnerability (8f353420-4197-11e8-8777-b499baebfeaf)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/8f353420-4197-11e8-8777-b499baebfeaf.html

Affected packages: openssl < 1.0.2o_2,1 openssl-devel < 1.1.0h_1

182673 - FreeBSD roundcube IMAP Command Injection Vulnerability (48894ca9-3e6f-11e8-92f0-f0def167eeea)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-9846

Description The scan detected that the host is missing the following update: roundcube -- IMAP command injection vulnerability (48894ca9-3e6f-11e8-92f0-f0def167eeea)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/48894ca9-3e6f-11e8-92f0-f0def167eeea.html

Affected packages: roundcube <= 1.3.5,1

182675 - FreeBSD drupal Drupal Core - Multiple Vulnerabilities (a9e466e8-4144-11e8-a292-00e04c1ea73d)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-7600

Description The scan detected that the host is missing the following update: drupal -- Drupal Core - Multiple Vulnerabilities (a9e466e8-4144-11e8-a292-00e04c1ea73d)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/a9e466e8-4144-11e8-a292-00e04c1ea73d.html

Affected packages: drupal7 < 7.57

182676 - FreeBSD nghttp2 Denial Of Service Due To NULL Pointer Dereference (1fccb25e-8451-438c-a2b9-6a021e4d7a31)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1000168

Description The scan detected that the host is missing the following update: nghttp2 -- Denial of service due to NULL pointer dereference (1fccb25e-8451-438c-a2b9-6a021e4d7a31)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/1fccb25e-8451-438c-a2b9-6a021e4d7a31.html

Affected packages: 1.10.0 <= libnghttp2 < 1.31.1 1.10.0 <= nghttp2 < 1.31.1

182677 - FreeBSD perl Multiple Vulnerabilities (41c96ffd-29a6-4dcc-9a88-65f5038fa6eb)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-6797, CVE-2018-6798, CVE-2018-6913

Description The scan detected that the host is missing the following update: perl -- multiple vulnerabilities (41c96ffd-29a6-4dcc-9a88-65f5038fa6eb)

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/41c96ffd-29a6-4dcc-9a88-65f5038fa6eb.html

Affected packages: 5.24.0 <= perl5 < 5.24.4 5.26.0 <= perl5 < 5.26.2

193562 - Fedora Linux 28 FEDORA-2018-54aa882a3f Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2018-54aa882a3f

Fedora Core 28 firefox-59.0.2-1.fc28

193563 - Fedora Linux 28 FEDORA-2018-dd8162c004 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-17742, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780

Description The scan detected that the host is missing the following update: FEDORA-2018-dd8162c004

Fedora Core 28 ruby-2.5.1-92.fc28

193564 - Fedora Linux 27 FEDORA-2018-d48955723f Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2018-d48955723f

Fedora Core 27 wordpress-4.9.5-1.fc27

193566 - Fedora Linux 28 FEDORA-2018-50039f6b61 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2018-50039f6b61

Fedora Core 28 anki-2.0.50-1.fc28

193568 - Fedora Linux 28 FEDORA-2018-bdefa5e5bb Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1000168

Description The scan detected that the host is missing the following update: FEDORA-2018-bdefa5e5bb

193570 - Fedora Linux 28 FEDORA-2018-bbfb0f5bc9 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1079, CVE-2018-1086

Description The scan detected that the host is missing the following update: FEDORA-2018-bbfb0f5bc9

Fedora Core 28 pcs-0.9.164-1.fc28

193571 - Fedora Linux 26 FEDORA-2018-42a426b17e Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-9234

Description The scan detected that the host is missing the following update: FEDORA-2018-42a426b17e

Fedora Core 26 gnupg2-2.2.6-1.fc26

193574 - Fedora Linux 26 FEDORA-2018-97ad7e69c1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2018-97ad7e69c1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=3

Fedora Core 26 wordpress-4.9.5-1.fc26

193576 - Fedora Linux 28 FEDORA-2018-12da088117 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1084

Description The scan detected that the host is missing the following update: FEDORA-2018-12da088117

Fedora Core 28 corosync-2.4.4-1.fc28

193577 - Fedora Linux 26 FEDORA-2018-81d3af3f36 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1002150

Description The scan detected that the host is missing the following update: FEDORA-2018-81d3af3f36

Fedora Core 26 koji-1.15.1-1.fc26

193578 - Fedora Linux 28 FEDORA-2018-62268d69c9 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2018-62268d69c9

Fedora Core 28 freexl-1.0.5-1.fc28

193579 - Fedora Linux 28 FEDORA-2018-da6a17e6a3 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-9234

Description The scan detected that the host is missing the following update: FEDORA-2018-da6a17e6a3

Fedora Core 28 gnupg2-2.2.6-1.fc28

193582 - Fedora Linux 27 FEDORA-2018-3fc05e009d Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-9234

Description The scan detected that the host is missing the following update: FEDORA-2018-3fc05e009d

Fedora Core 27 gnupg2-2.2.6-1.fc27 193583 - Fedora Linux 28 FEDORA-2018-49ab80333f Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Description The scan detected that the host is missing the following update: FEDORA-2018-49ab80333f

Fedora Core 28 star-1.5.3-12.fc28

163577 - Oracle Enterprise Linux ELSA-2018-0849 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Low CVE: CVE-2017-11671

Description The scan detected that the host is missing the following update: ELSA-2018-0849

Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007613.html

OEL7 x86_64 gcc-go-4.8.5-28.el7 libgo-devel-4.8.5-28.el7 gcc-objc-4.8.5-28.el7 libatomic-static-4.8.5-28.el7 libgcc-4.8.5-28.el7 libgo-static-4.8.5-28.el7 libquadmath-static-4.8.5-28.el7 libgfortran-4.8.5-28.el7 libstdc++-devel-4.8.5-28.el7 libmudflap-devel-4.8.5-28.el7 libgfortran-static-4.8.5-28.el7 libobjc-4.8.5-28.el7 libtsan-static-4.8.5-28.el7 libgnat-devel-4.8.5-28.el7 libmudflap-4.8.5-28.el7 gcc-4.8.5-28.el7 gcc-plugin-devel-4.8.5-28.el7 libstdc++-static-4.8.5-28.el7 cpp-4.8.5-28.el7 gcc-gnat-4.8.5-28.el7 gcc-gfortran-4.8.5-28.el7 libgnat-4.8.5-28.el7 libstdc++-docs-4.8.5-28.el7 libasan-static-4.8.5-28.el7 libatomic-4.8.5-28.el7 libgomp-4.8.5-28.el7 libstdc++-4.8.5-28.el7 libitm-devel-4.8.5-28.el7 libitm-4.8.5-28.el7 libquadmath-4.8.5-28.el7 libquadmath-devel-4.8.5-28.el7 libgo-4.8.5-28.el7 libgnat-static-4.8.5-28.el7 gcc-objc++-4.8.5-28.el7 libmudflap-static-4.8.5-28.el7 libtsan-4.8.5-28.el7 libasan-4.8.5-28.el7 gcc-c++-4.8.5-28.el7 libitm-static-4.8.5-28.el7

193572 - Fedora Linux 28 FEDORA-2018-a5e9a619f6 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1071, CVE-2018-1083, CVE-2018-1100

Description The scan detected that the host is missing the following update: FEDORA-2018-a5e9a619f6

Fedora Core 28 zsh-5.5-1.fc28

135197 - Oracle Solaris 11.3.27.4.0 Update Is Not Installed (CVE-2018-2563)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2563

Description The scan detected that the host is missing the following update: SRU 11.3.27.4.0

135198 - Oracle Solaris 11.3.28.4.0 Update Is Not Installed (CVE-2018-2718)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2718

Description The scan detected that the host is missing the following update: SRU 11.3.28.4.0

135199 - Oracle Solaris 11.3.29.5.0 Update Is Not Installed (CVE-2018-2753)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2753

Description The scan detected that the host is missing the following update: SRU 11.3.29.5.0

135200 - Oracle Solaris 11.3.29.5.0 Update Is Not Installed (CVE-2018-2754)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2754

Description The scan detected that the host is missing the following update: SRU 11.3.29.5.0

135201 - Oracle Solaris 11.3.30.5.0 Update Is Not Installed (CVE-2018-2763) Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2763

Description The scan detected that the host is missing the following update: SRU 11.3.30.5.0

135202 - Oracle Solaris 11.3.30.5.0 Update Is Not Installed (CVE-2018-2764)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2764

Description The scan detected that the host is missing the following update: SRU 11.3.30.5.0

135203 - Oracle Solaris 11.3.30.5.0 Update Is Not Installed (CVE-2018-2792)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2792

Description The scan detected that the host is missing the following update: SRU 11.3.30.5.0

135204 - Oracle Solaris 11.3.30.5.0 Update Is Not Installed (CVE-2018-2808)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2808

Description The scan detected that the host is missing the following update: SRU 11.3.30.5.0

ENHANCED CHECKS

The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 139072 - Oracle Solaris 11.3.25.3.0 Update Is Not Installed (Third Party Components)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2015-7511, CVE-2016-3492, CVE-2016-5584, CVE-2016-5612, CVE-2016-5624, CVE-2016-5629, CVE-2016-6313, CVE- 2016-6662, CVE-2016-6663, CVE-2016-6664, CVE-2016-7440, CVE-2016-8283, CVE-2016-8318, CVE-2017-1000383, CVE-2017- 12150, CVE-2017-12151, CVE-2017-12163, CVE-2017-13765, CVE-2017-13766, CVE-2017-13767, CVE-2017-14482, CVE-2017- 3238, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3273, CVE-2017-3291, CVE-2017-3312, CVE- 2017-3634, CVE-2017-3635, CVE-2017-3636, CVE-2017-3641, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653, CVE-2017-3732, CVE-2017-7526, CVE-2017-7674, CVE-2017-7675, CVE-2017-7793, CVE-2017- 7805, CVE-2017-7810, CVE-2017-7814, CVE-2017-7818, CVE-2017-7819, CVE-2017-7823, CVE-2017-7824, CVE-2017-7825

Update Details CVE is updated

146576 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0877-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2017-12194

Update Details Risk is updated

146580 - SuSE Linux 42.3 openSUSE-SU-2018:0892-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2017-12194

Update Details Risk is updated

23355 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1029)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1029 Update Details Observation is updated

33312 - Oracle Solaris 152078-91 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33313 - Oracle Solaris 152076-91 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33314 - Oracle Solaris 152079-91 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33315 - Oracle Solaris 152077-91 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

139089 - Oracle Solaris 11.3.28.4.0 Update Is Not Installed (Third Party Components)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2015-3193, CVE-2015-8213, CVE-2016-0701, CVE-2016-10207, CVE-2017-13721, CVE-2017-13723, CVE-2017-14867, CVE-2017-15298, CVE-2017-17083, CVE-2017-17084, CVE-2017-17085, CVE-2017-3732, CVE-2017-3736, CVE-2017-3737, CVE- 2017-3738, CVE-2017-7843, CVE-2017-9798, CVE-2018-2718

Update Details CVE is updated 139090 - Oracle Solaris 11.3.27.4.0 Update Is Not Installed (Third Party Components)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2015-8870, CVE-2016-10092, CVE-2016-10093, CVE-2016-10094, CVE-2016-10095, CVE-2016-3186, CVE-2016-3619, CVE-2016-3620, CVE-2016-3621, CVE-2016-3622, CVE- 2016-3623, CVE-2016-3624, CVE-2016-3625, CVE-2016-3631, CVE-2016-3632, CVE-2016-3633, CVE-2016-3634, CVE-2016-3658, CVE-2016-3945, CVE-2016-3990, CVE-2016-3991, CVE-2016-5102, CVE-2016-5314, CVE-2016-5315, CVE-2016-5316, CVE-2016- 5317, CVE-2016-5318, CVE-2016-5319, CVE-2016-5321, CVE-2016-5322, CVE-2016-5323, CVE-2016-6223, CVE-2016-9273, CVE- 2016-9297, CVE-2016-9318, CVE-2016-9532, CVE-2016-9533, CVE-2016-9534, CVE-2016-9535, CVE-2016-9536, CVE-2016-9537, CVE-2016-9538, CVE-2016-9539, CVE-2016-9540, CVE-2017-0379, CVE-2017-10155, CVE-2017-10227, CVE-2017-10268, CVE- 2017-10276, CVE-2017-10279, CVE-2017-10283, CVE-2017-10286, CVE-2017-10294, CVE-2017-10314, CVE-2017-10378, CVE- 2017-10379, CVE-2017-10384, CVE-2017-10989, CVE-2017-13089, CVE-2017-13090, CVE-2017-13704, CVE-2017-14491, CVE- 2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, CVE-2017-16548, CVE-2017-3651, CVE- 2017-3652, CVE-2017-3653, CVE-2017-3731, CVE-2017-5225, CVE-2017-5563, CVE-2017-5969, CVE-2017-6508, CVE-2017-7592, CVE-2017-7593, CVE-2017-7594, CVE-2017-7595, CVE-2017-7596, CVE-2017-7597, CVE-2017-7598, CVE-2017-7599, CVE-2017- 7600, CVE-2017-7601, CVE-2017-7602, CVE-2017-7826, CVE-2017-7828, CVE-2017-7830, CVE-2017-9117, CVE-2017-9526, CVE- 2018-2560, CVE-2018-2563, CVE-2018-2577, CVE-2018-2578

Update Details CVE is updated

131044 - Debian Linux 9.0 DSA-4145-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2017-0915, CVE-2017-0916, CVE-2017-0917, CVE-2017-0918, CVE-2017-0925, CVE-2017-0926, CVE-2018-3710

Update Details Risk is updated

132354 - Oracle VM OVMSA-2017-0059 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes Risk Level: High CVE: CVE-2017-2628

Update Details Risk is updated

139051 - Oracle Solaris 11.3.26.5.0 Update Is Not Installed (Third Party Components)

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-12617, CVE-2017-12893, CVE-2017- 12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017- 12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12989, CVE-2017- 12990, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12995, CVE-2017-12996, CVE-2017- 12997, CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, CVE-2017-13002, CVE-2017-13003, CVE-2017- 13004, CVE-2017-13005, CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009, CVE-2017-13010, CVE-2017- 13011, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014, CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017- 13018, CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, CVE-2017-13023, CVE-2017-13024, CVE-2017- 13025, CVE-2017-13026, CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030, CVE-2017-13031, CVE-2017- 13032, CVE-2017-13033, CVE-2017-13034, CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, CVE-2017- 13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017- 13046, CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050, CVE-2017-13051, CVE-2017-13052, CVE-2017- 13053, CVE-2017-13054, CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, CVE-2017-13690, CVE-2017- 13725, CVE-2017-14989, CVE-2017-15189, CVE-2017-15190, CVE-2017-15191, CVE-2017-15192, CVE-2017-15193, CVE-2017- 15281, CVE-2017-18209, CVE-2017-3735, CVE-2017-7793, CVE-2017-7805, CVE-2017-7810, CVE-2017-7814, CVE-2017-7818, CVE-2017-7819, CVE-2017-7823, CVE-2017-7824, CVE-2017-7825

Update Details CVE is updated

163318 - Oracle Enterprise Linux ELSA-2017-0847 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-2628

Update Details Risk is updated

170957 - Amazon Linux AMI ALAS-2018-989 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750

Update Details Risk is updated

182579 - FreeBSD gitlab Remote Code Execution On Project Import (65fab89f-2231-46db-8541-978f4e87f32a)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2017-0915, CVE-2018-3710

Update Details Risk is updated

186135 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3603-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750

Update Details Risk is updated

186138 - Ubuntu Linux 12.04 USN-3603-2 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750

Update Details Risk is updated

193462 - Fedora Linux 26 FEDORA-2018-c188d3f09a Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000134

Update Details Risk is updated

193488 - Fedora Linux 28 FEDORA-2018-8f9d81a3fb Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750

Update Details Risk is updated

193507 - Fedora Linux 27 FEDORA-2018-0a473d6e7b Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000134

Update Details Risk is updated

193508 - Fedora Linux 26 FEDORA-2018-c1769746da Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750

Update Details Risk is updated

193511 - Fedora Linux 28 FEDORA-2018-e8635ed222 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000134

Update Details Risk is updated

193518 - Fedora Linux 27 FEDORA-2018-6db2f7a02e Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750

Update Details Risk is updated

33145 - Oracle Solaris 150401-61 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2004-0230, CVE-2013-0399, CVE-2013-3799, CVE-2013-5862, CVE-2013-5876, CVE-2014-4215, CVE-2014-6575, CVE- 2015-0375, CVE-2015-0471, CVE-2015-2580, CVE-2015-4869, CVE-2016-3419, CVE-2016-3441, CVE-2016-3453, CVE-2016-5544, CVE-2016-5553, CVE-2017-10004, CVE-2017-10036, CVE-2017-10042, CVE-2017-10122, CVE-2018-2710, CVE-2018-2717, CVE- 2018-2764

Update Details Name is updated Description is updated Observation is updated Recommendation is updated CVE is updated FASLScript is updated

88853 - Slackware Linux 14.0, 14.1, 14.2 SSA:2017-082-02 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

88855 - Slackware Linux 14.0, 14.1, 14.2 SSA:2017-091-01 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

88924 - Slackware Linux 14.0, 14.1, 14.2 SSA:2018-072-02 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1057

Update Details Risk is updated

130727 - Debian Linux 8.0 DSA-3816-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

131074 - Debian Linux 8.0 DSA-4168-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8741

Update Details Risk is updated

131075 - Debian Linux 8.0, 9.0 DSA-4167-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1000097

Update Details Risk is updated

141579 - Red Hat Enterprise Linux RHSA-2017-1265 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-2125, CVE-2017-2619

Update Details Risk is updated

141724 - Red Hat Enterprise Linux RHSA-2017-2789 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-12150, CVE-2017-12163, CVE-2017-2619

Update Details Risk is updated

145274 - SuSE SLES 11 SP4 SUSE-SU-2017:0841-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

145282 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:0858-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

145283 - SuSE SLES 12 SP1, 12 SP2, SLED 12 SP1, 12 SP2 SUSE-SU-2017:0859-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

145339 - SuSE SLES 11 SP4 SUSE-SU-2017:1216-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

145570 - SuSE Linux 42.2 openSUSE-SU-2017:0944-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

145869 - SuSE Linux 42.1 openSUSE-SU-2017:0935-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

146587 - SuSE Linux 42.3 openSUSE-SU-2018:0917-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1000132

Update Details Risk is updated

160254 - CentOS 7 CESA-2017-1265 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-2125, CVE-2017-2619

Update Details Risk is updated

163357 - Oracle Enterprise Linux ELSA-2017-1265 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-2125, CVE-2017-2619

Update Details Risk is updated

163464 - Oracle Enterprise Linux ELSA-2017-2789 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-12150, CVE-2017-12163, CVE-2017-2619

Update Details Risk is updated

163571 - Oracle Enterprise Linux ELSA-2018-4061 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1002101, CVE-2017-1002102

Update Details Risk is updated

175174 - Scientific Linux Security ERRATA Moderate: samba on SL7.x x86_64 (1705-5873)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2016-2125, CVE-2017-2619

Update Details Risk is updated

175265 - Scientific Linux Security ERRATA Moderate: samba on SL6.x i386/x86_64 (1709-3115)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2017-12150, CVE-2017-12163, CVE-2017-2619

Update Details Risk is updated

182316 - FreeBSD samba Symlink Race Allows Access Outside Share Definition (2826317b-10ec-11e7-944e-000c292e4fd8)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

182646 - FreeBSD SquirrelMail Post-authentication Access Privileges (928d5c59-2a5a-11e8-a712-0025908740c2)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8741

Update Details Risk is updated

185641 - Ubuntu Linux 12.04, 14.04, 16.04, 16.10 USN-3242-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

185676 - Ubuntu Linux 17.04 USN-3267-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

191897 - Fedora Linux 25 FEDORA-2017-c22a1dbe8b Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

191927 - Fedora Linux 26 FEDORA-2017-fb9ed95cf3 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

191954 - Fedora Linux 24 FEDORA-2017-97fb93e1d1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619

Update Details Risk is updated

22954 - (MSPT-Jan2018) Microsoft .NET Framework Core Denial of Service (CVE-2018-0764)

Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0764

Update Details FASLScript is updated

146573 - SuSE Linux 42.3 openSUSE-SU-2018:0899-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-9256, CVE-2018-9259, CVE-2018-9260, CVE-2018-9261, CVE-2018-9262, CVE-2018-9263, CVE-2018-9264, CVE- 2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274

Update Details Risk is updated

23304 - Omron CX-Supervisor Multiple Vulnerabilities

Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-7513, CVE-2018-7515, CVE-2018-7517, CVE-2018-7519, CVE-2018-7521, CVE-2018-7523, CVE-2018-7525

Update Details Risk is updated

33162 - Oracle Solaris 150400-61 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2004-0230, CVE-2013-5862, CVE-2013-5876, CVE-2014-0447, CVE-2014-6473, CVE-2014-6575, CVE-2015-0375, CVE- 2015-0471, CVE-2015-2580, CVE-2015-2589, CVE-2015-4869, CVE-2016-3419, CVE-2016-3441, CVE-2016-3453, CVE-2016-5553, CVE-2017-10004, CVE-2017-10036, CVE-2017-10042, CVE-2017-10122, CVE-2018-2710, CVE-2018-2717, CVE-2018-2764 Update Details Name is updated Description is updated Observation is updated Recommendation is updated CVE is updated FASLScript is updated

33291 - Oracle Solaris 150120-05 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-6481

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33294 - Oracle Solaris 150119-05 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-6481

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33326 - Oracle Solaris 152260-04 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0535, CVE-2017-10003, CVE-2018-2718

Update Details Name is updated Description is updated Observation is updated Recommendation is updated CVE is updated FASLScript is updated

33327 - Oracle Solaris 152261-04 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0535, CVE-2017-10003, CVE-2018-2718

Update Details Name is updated Description is updated Observation is updated Recommendation is updated CVE is updated FASLScript is updated

191886 - Fedora Linux 24 FEDORA-2017-7accc8010b Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2661

Update Details Risk is updated

191896 - Fedora Linux 25 FEDORA-2017-71e69a691b Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2661

Update Details Risk is updated

193420 - Fedora Linux 27 FEDORA-2018-a2cc71c081 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8050

Update Details Risk is updated

193495 - Fedora Linux 28 FEDORA-2018-50686c8410 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8050

Update Details Risk is updated

33336 - Oracle Solaris 152099-81 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33339 - Oracle Solaris 152097-81 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33340 - Oracle Solaris 152098-81 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated 33341 - Oracle Solaris 152096-81 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33349 - Oracle Solaris 152101-71 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33350 - Oracle Solaris 152100-71 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33360 - Oracle Solaris 152510-07 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33364 - Oracle Solaris 152511-07 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33365 - Oracle Solaris 152644-06 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

33366 - Oracle Solaris 152643-06 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated

182014 - FreeBSD tiff Buffer Overflow (0ab66088-4aa5-11e6-a7bd-14dae9d210b8)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5314, CVE-2016-5320

Update Details CVE is updated

131041 - Debian Linux 9.0 DSA-4135-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057

Update Details Risk is updated

146521 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0754-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050

Update Details Risk is updated

146531 - SuSE Linux 42.3 openSUSE-SU-2018:0801-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050

Update Details Risk is updated

146550 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2018:0832-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050

Update Details Risk is updated

182639 - FreeBSD samba Multiple Vulnerabilities (fb26f78a-26a9-11e8-a1c2-00505689d4ae)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057

Update Details Risk is updated

186134 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3595-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057

Update Details Risk is updated

193400 - Fedora Linux 26 FEDORA-2018-7d0acd608b Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057

Update Details Risk is updated

193405 - Fedora Linux 27 FEDORA-2018-c5c651ac44 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057

Update Details Risk is updated

HOW TO UPDATE

FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.

FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.

MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.

MCAFEE TECHNICAL SUPPORT

ServicePortal: https://mysupport.mcafee.com/ Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.

This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.