2018-APR-18 FSL version 7.6.18
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.
NEW CHECKS
23333 - (CTX233832) Citrix XenServer Multiple Vulnerabilities
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2016-2107, CVE-2016-2108
Description Multiple vulnerabilities are present in some versions of Citrix XenServer.
Observation Citrix XenServer is a popular virtualization platform.
Multiple vulnerabilities are present in some versions of Citrix XenServer. The flaws lie in OpenSSL. Successful exploitation could allow an attacker to decrypt management traffic, execute arbitrary code or cause a denial of service.
163578 - Oracle Enterprise Linux ELSA-2018-1062 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2015-8539, CVE-2016-3672, CVE-2016-7913, CVE-2016-8399, CVE-2016-8633, CVE-2017-1000, CVE-2017-1000111, CVE-2017-1000112, CVE-2017-1000251, CVE-2017-1000252, CVE-2017-1000380, CVE-2017-1000407, CVE-2017-1000410, CVE- 2017-11176, CVE-2017-12154, CVE-2017-12188, CVE-2017-1219, CVE-2017-12190, CVE-2017-13166, CVE-2017-14106, CVE- 2017-14140, CVE-2017-15116, CVE-2017-15121, CVE-2017-15126, CVE-2017-15127, CVE-2017-15129, CVE-2017-15265, CVE- 2017-15649, CVE-2017-17053, CVE-2017-17448, CVE-2017-17449, CVE-2017-17558, CVE-2017-18017, CVE-2017-18203, CVE- 2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2017-7184, CVE-2017-7294, CVE-2017-7472, CVE-2017-7518, CVE-2017-7533, CVE-2017-7541, CVE-2017-7542, CVE-2017-7558, CVE-2017-8824, CVE-2017-9725, CVE-2018-1000004, CVE-2018-5750, CVE- 2018-6927
Description The scan detected that the host is missing the following update: ELSA-2018-1062
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007619.html
OEL7 x86_64 kernel-doc-3.10.0-862.el7 perf-3.10.0-862.el7 python-perf-3.10.0-862.el7 kernel-tools-libs-3.10.0-862.el7 kernel-debug-devel-3.10.0-862.el7 kernel-tools-libs-devel-3.10.0-862.el7 kernel-abi-whitelists-3.10.0-862.el7 kernel-debug-3.10.0-862.el7 kernel-devel-3.10.0-862.el7 kernel-3.10.0-862.el7 kernel-headers-3.10.0-862.el7 kernel-tools-3.10.0-862.el7
23327 - Mozilla Firefox Multiple Vulnerabilities Prior To 59.0.1
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5146, CVE-2018-5147
Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.
Observation Mozilla Firefox is a popular web browser.
Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system.
23328 - Mozilla Firefox Multiple Vulnerabilities Prior To 59.0.1
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5146, CVE-2018-5147
Description Multiple vulnerabilities are present in some versions of Mozilla Firefox.
Observation Mozilla Firefox is a popular web browser.
Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system.
23342 - Mozilla Thunderbird Multiple Vulnerabilities Prior To 52.7
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146
Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird.
Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client. Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow attackers to remotely execute arbitrary code or cause a denial of service condition on the target system.
23343 - Mozilla Thunderbird Multiple Vulnerabilities Prior To 52.7
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146
Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird.
Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client.
Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow attackers to remotely execute arbitrary code or cause a denial of service condition on the target system.
23431 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1029)
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-1029
Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution.
The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
23432 - (HT208697) Apple iCloud Vulnerabilities Prior To 7.4
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE- 2018-4121, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4130, CVE-2018-4144, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165
Description Multiple vulnerabilities are present in some versions of Apple iCloud.
Observation Apple iCloud is a manager for the Apple's cloud-based storage service.
Multiple vulnerabilities are present in some versions of Apple iCloud. The flaws lie in multiple components. Successful exploitation could allow an attacker to execute remote arbitrary code, cause a denial-of-service condition or lead to information disclosure.
23438 - Cisco IOS Software Smart Install Remote Code Execution Vulnerability Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0171
Description A vulnerability is present in some versions of Cisco IOS.
Observation Cisco IOS is an operating system used in Cisco devices.
A vulnerability is present in some versions of Cisco IOS. The flaw is due to improper handling of a crafted Smart Install message. Successful exploitation could allow a remote attacker to cause a denial of service or execute arbitrary code.
23451 - Cisco IOS Software Quality of Service Remote Code Execution Vulnerability
Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0151
Description A vulnerability is present in some versions of Cisco IOS.
Observation Cisco IOS is an operating system used in Cisco devices.
A vulnerability is present in some versions of Cisco IOS. The flaw lies in quality of service subsystem. Successful exploitation by an unauthenticated, remote attacker could result in execution of arbitrary code on the affected device with elevated privileges and cause a temporary denial of service condition.
139092 - Oracle Solaris 11.3.29.5.0 Update Is Not Installed (Third Party Components)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2015-7554, CVE-2015-7557, CVE-2015-7558, CVE-2016-2334, CVE-2016-2335, CVE-2016-4347, CVE-2016-4348, CVE- 2016-6163, CVE-2016-9296, CVE-2017-10965, CVE-2017-10966, CVE-2017-11464, CVE-2017-13726, CVE-2017-13727, CVE-2017- 15227, CVE-2017-15228, CVE-2017-15721, CVE-2017-15722, CVE-2017-15723, CVE-2017-17880, CVE-2017-2753, CVE-2017- 2885, CVE-2017-3142, CVE-2017-3143, CVE-2017-5884, CVE-2017-5885, CVE-2017-7829, CVE-2017-7845, CVE-2017-7846, CVE- 2017-7847, CVE-2017-7848, CVE-2017-9468, CVE-2017-9765, CVE-2018-2753, CVE-2018-2754, CVE-2018-5089, CVE-2018-5091, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018- 5104, CVE-2018-5117, CVE-2018-5205, CVE-2018-5206, CVE-2018-5207, CVE-2018-5208, CVE-2018-5334, CVE-2018-5335, CVE- 2018-5336
Description The scan detected that the host is missing the following update: SRU 11.3.29.5.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/rs?type=doc&id=2361795.1 https://support.oracle.com/epmos/faces/DocumentDisplay? _afrLoop=507462766511768&id=1448883.1&_afrWindowMode=0&_adf.ctrl-state=98kg3qcn0_33#aref_section26 141931 - Red Hat Enterprise Linux RHSA-2018-1119 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937
Description The scan detected that the host is missing the following update: RHSA-2018-1119
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-April/msg00031.html
RHEL6D x86_64 flash-plugin-29.0.0.140-1.el6_9 i386 flash-plugin-29.0.0.140-1.el6_9
RHEL6S x86_64 flash-plugin-29.0.0.140-1.el6_9 i386 flash-plugin-29.0.0.140-1.el6_9
RHEL6WS x86_64 flash-plugin-29.0.0.140-1.el6_9 i386 flash-plugin-29.0.0.140-1.el6_9
23330 - Mozilla Firefox ESR Vulnerability Prior To ESR 52.7.3
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5148
Description A vulnerability is present in some versions of Mozilla Firefox ESR.
Observation Mozilla Firefox ESR is a popular web browser.
A vulnerability is present in some versions of Mozilla Firefox ESR. The flaw lies in the graphics processing component. Successful exploitation could allow an attacker to cause a denial of service condition.
23331 - Mozilla Firefox ESR Vulnerability Prior To ESR 52.7.3
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5148
Description A vulnerability is present in some versions of Mozilla Firefox ESR.
Observation Mozilla Firefox ESR is a popular web browser.
A vulnerability is present in some versions of Mozilla Firefox ESR. The flaw lies in the graphics processing component. Successful exploitation could allow an attacker to cause a denial of service condition.
23400 - Mozilla Firefox Vulnerability Prior To 59.0.2
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5148
Description A vulnerability is present in some versions of Mozilla Firefox.
Observation Mozilla Firefox is a popular web browser.
A vulnerability is present in some versions of Mozilla Firefox. The flaw lies in the compositor component. Successful exploitation could allow an attacker to cause a denial-of-service.
23401 - Mozilla Firefox Vulnerability Prior To 59.0.2
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5148
Description A vulnerability is present in some versions of Mozilla Firefox.
Observation Mozilla Firefox is a popular web browser.
A vulnerability is present in some versions of Mozilla Firefox. The flaw lies in the compositor component. Successful exploitation could allow an attacker to cause a denial-of-service.
23433 - Cisco IOS Software Bidirectional Forwarding Detection Denial Of Service Vulnerability (sa-20180328-bfd)
Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0155
Description A denial of service vulnerability is present in some versions of Cisco IOS. Observation Cisco IOS is an operating system used in Cisco devices.
A denial of service vulnerability is present in some versions of Cisco IOS. The flaw is related to the Bidirectional Forwarding Detection feature. Successful exploitation by an attacker could result in a denial-of-service condition.
23453 - Oracle Java SE Critical Patch Update April 2018
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-2783, CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE- 2018-2799, CVE-2018-2800, CVE-2018-2811, CVE-2018-2814, CVE-2018-2815, CVE-2018-2825, CVE-2018-2826
Description Multiple vulnerabilities are present in some versions of Oracle Java SE.
Observation Oracle Java SE is used to run Java applications.
Multiple vulnerabilities are present in some versions of Oracle Java SE. The flaws lie in multiple components. Successful exploitation could allow an attacker to remotely execute code on the target system and cause a denial of service condition.
193565 - Fedora Linux 26 FEDORA-2018-4ca01704a2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-1000111, CVE-2017-1000112, CVE-2017-1000251, CVE-2017-1000255, CVE-2017-1000405, CVE-2017-10810, CVE-2017-12134, CVE-2017-12153, CVE-2017-12154, CVE-2017-12190, CVE-2017-12193, CVE-2017-13693, CVE-2017-13694, CVE-2017-13695, CVE-2017-14051, CVE-2017-14497, CVE-2017-14954, CVE-2017-15115, CVE-2017-15265, CVE-2017-16532, CVE-2017-16538, CVE-2017-16644, CVE-2017-16647, CVE-2017-16649, CVE-2017-16650, CVE-2017-17448, CVE-2017-17449, CVE-2017-17450, CVE-2017-17558, CVE-2017-17712, CVE-2017-17741, CVE-2017-17852, CVE-2017-17853, CVE-2017-17854, CVE-2017-17855, CVE-2017-17856, CVE-2017-17857, CVE-2017-17862, CVE-2017-17863, CVE-2017-17864, CVE-2017-18232, CVE-2017-5123, CVE-2017-7533, CVE-2017-7558, CVE-2017-8824, CVE-2018-1000004, CVE-2018-1000026, CVE-2018-10021, CVE-2018-1065, CVE-2018-5332, CVE-2018-5333, CVE-2018-5344, CVE-2018-5750, CVE-2018-5803, CVE-2018-7757, CVE-2018- 7995, CVE-2018-8043
Description The scan detected that the host is missing the following update: FEDORA-2018-4ca01704a2
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=1
Fedora Core 26 kernel-4.15.17-200.fc26
23411 - (VMSA-2018-0008) VMware Workstation Player 14.X Denial Of Service Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-6957
Description A denial of service vulnerability is present in some versions of VMware Workstation Player.
Observation VMware Workstation Player is a virtualization software.
A denial of service vulnerability is present in some versions of VMware Workstation Player. The flaw lies in the VNC component. Successful exploitation could allow an attacker to cause a denial of service condition on the target system.
23414 - (HPESBUX03747) HP-UX BIND Remote Denial of Service Vulnerabilities
Category: SSH Module -> NonIntrusive -> HP-UX Patches and Hotfixes Risk Level: High CVE: CVE-2017-3135, CVE-2017-3136
Description Multiple vulnerabilities are present in some versions of HP-UX.
Observation HP-UX is a Unix-based operating system.
Multiple vulnerabilities are present in some versions of HP-UX. The flaws lie in the BIND component. Successful exploitation could allow an attacker to cause a denial of service.
23415 - Cisco IOS Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0172
Description A vulnerability is present in some versions of Cisco IOS.
Observation Cisco IOS is an operating system used in Cisco devices.
A vulnerability is present in some versions of Cisco IOS. The flaw is due to improper handling of DHCP Version 4 packets. Successful exploitation could allow a remote attacker to cause a denial of service.
23420 - (HT208695) Apple Safari Vulnerabilities Prior To 11.1
Category: SSH Module -> NonIntrusive -> Mac OS X Patches and Hotfixes Risk Level: High CVE: CVE-2018-4101, CVE-2018-4102, CVE-2018-4113, CVE-2018-4114, CVE-2018-4116, CVE-2018-4117, CVE-2018-4118, CVE- 2018-4119, CVE-2018-4120, CVE-2018-4121, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4130, CVE-2018-4133, CVE-2018-4137, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018- 4165
Description Multiple vulnerabilities are present in some versions of Apple Safari. Observation Apple Safari is a popular web browser.
Multiple vulnerabilities are present in some versions of Apple Safari. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a spoofing attack, obtain sensitive information, cause a denial of service condition and may lead to other attacks.
23421 - Cisco IOS Software DHCP Version 4 Relay Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0174
Description A denial of service vulnerability is present in some versions of Cisco IOS.
Observation Cisco IOS is an operating system used in Cisco devices.
A denial of service vulnerability is present in some versions of Cisco IOS. The flaw is due to improper handling of DHCP Version 4 packets. Successful exploitation could allow a remote attacker to cause a denial of service.
23427 - (HT208692) Apple macOS Multiple Vulnerabilities Prior To 10.13.4
Category: SSH Module -> NonIntrusive -> Mac OS X Patches and Hotfixes Risk Level: High CVE: CVE-2017-13890, CVE-2017-8816, CVE-2018-4104, CVE-2018-4105, CVE-2018-4106, CVE-2018-4107, CVE-2018-4108, CVE-2018-4111, CVE-2018-4112, CVE-2018-4115, CVE-2018-4131, CVE-2018-4132, CVE-2018-4135, CVE-2018-4136, CVE-2018- 4138, CVE-2018-4139, CVE-2018-4142, CVE-2018-4143, CVE-2018-4144, CVE-2018-4150, CVE-2018-4151, CVE-2018-4152, CVE- 2018-4154, CVE-2018-4155, CVE-2018-4156, CVE-2018-4157, CVE-2018-4158, CVE-2018-4160, CVE-2018-4166, CVE-2018-4167, CVE-2018-4170, CVE-2018-4173, CVE-2018-4174, CVE-2018-4175, CVE-2018-4176, CVE-2018-4179
Description Multiple vulnerabilities are present in some versions of Apple macOS.
Observation Apple macOS is the operating system developed by Apple.
Multiple vulnerabilities are present in some versions of Apple macOS. The flaws lie in several components. Successful exploitation could allow an attacker to retrieve sensitive data, escalate privileges, cause a denial of service condition or remotely execute arbitrary code on the target system.
23429 - Cisco IOS Software Integrated Services Module for VPN Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0154
Description A vulnerability is present in some versions of Cisco IOS.
Observation Cisco IOS is an operating system used in Cisco devices.
A vulnerability is present in some versions of Cisco IOS. The flaw lies in crypto engine of the Cisco Integrated Services Module for VPN. Successful exploitation by an attacker could result in a denial-of-service condition.
23435 - Wireshark Multiple Vulnerabilities Prior To 2.2.14
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-MAP-NOMATCH
Description Multiple vulnerabilities are present in some versions of Wireshark.
Observation Wireshark is a tool that is used to analyze the network protocol and traffic.
Multiple vulnerabilities are present in some versions of Wireshark. The flaws lie in multiple dissectors. Successful exploitation could allow an attacker to cause a denial of service condition.
23442 - Cisco IOS Software SNMP GET MIB Object ID Denial Of Service Vulnerability (sa-20180328-snmp)
Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0161
Description A denial of service vulnerability is present in some versions of Cisco IOS.
Observation Cisco IOS is an operating system used in Cisco devices.
A denial of service vulnerability is present in some versions of Cisco IOS. The flaw lies in the SNMP subsystem. Successful exploitation by an attacker could result in a denial-of-service condition.
132446 - Oracle VM OVMSA-2018-0033 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes Risk Level: High CVE: CVE-2017-17052, CVE-2017-7518
Description The scan detected that the host is missing the following update: OVMSA-2018-0033
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/oraclevm-errata/2018-April/000842.html
OVM3.4 x86_64 kernel-uek-firmware-4.1.12-112.16.7.el6uek kernel-uek-4.1.12-112.16.7.el6uek
139091 - Oracle Solaris 11.3.30.4.0 Update Is Not Installed (Third Party Components)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2017-3144, CVE-2017-3145, CVE-2018-2763, CVE-2018-2764, CVE-2018-2808, CVE-2018-6836, CVE-2018-7320, CVE- 2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333, CVE-2018-7334, CVE-2018-7335, CVE-2018- 7336, CVE-2018-7337, CVE-2018-7417, CVE-2018-7418, CVE-2018-7419, CVE-2018-7420, CVE-2018-7421
Description The scan detected that the host is missing the following update: SRU 11.3.30.4.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/rs?type=doc&id=2373752.1 https://support.oracle.com/epmos/faces/DocumentDisplay? _afrLoop=507462766511768&id=1448883.1&_afrWindowMode=0&_adf.ctrl-state=98kg3qcn0_33#aref_section26
139093 - Oracle Solaris 11.3.31.6.0 Update Is Not Installed (Third Party Components)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2015-1315, CVE-2016-10397, CVE-2016-1245, CVE-2016-1283, CVE-2017-1000158, CVE-2017-11142, CVE-2017- 11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11146, CVE-2017-11147, CVE-2017-12932, CVE-2017-15706, CVE-2017- 16227, CVE-2017-16611, CVE-2017-16612, CVE-2017-16642, CVE-2017-17784, CVE-2017-17789, CVE-2017-3735, CVE-2017- 3736, CVE-2017-3737, CVE-2017-3738, CVE-2017-5581, CVE-2017-5753, CVE-2017-7392, CVE-2017-7393, CVE-2017-7394, CVE- 2017-7395, CVE-2017-7396, CVE-2017-7890, CVE-2018-1000007, CVE-2018-1000031, CVE-2018-1000032, CVE-2018-1000033, CVE-2018-1000034, CVE-2018-1000035, CVE-2018-1304, CVE-2018-1305, CVE-2018-2562, CVE-2018-2573, CVE-2018-2583, CVE-2018-2590, CVE-2018-2591, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2647, CVE-2018- 2665, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703, CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE- 2018-5131, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146, CVE-2018-5148, CVE-2018-5378, CVE-2018-5379, CVE-2018-5381, CVE-2018-5711, CVE-2018-5712, CVE-2018-5732, CVE-2018-5733, CVE-2018-7050, CVE-2018-7051, CVE-2018-7052, CVE-2018- 7053, CVE-2018-7054, CVE-2018-7170, CVE-2018-7182, CVE-2018-7183, CVE-2018-7184, CVE-2018-7185, CVE-2018-7584
Description The scan detected that the host is missing the following update: SRU 11.3.31.6.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/rs?type=doc&id=2385753.1 https://support.oracle.com/epmos/faces/DocumentDisplay? _afrLoop=507462766511768&id=1448883.1&_afrWindowMode=0&_adf.ctrl-state=98kg3qcn0_33#aref_section26
141932 - Red Hat Enterprise Linux RHSA-2018-1124 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750
Description The scan detected that the host is missing the following update: RHSA-2018-1124
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-April/msg00033.html
RHEL6D noarch python-paramiko-1.7.5-4.el6_9
RHEL6S noarch python-paramiko-1.7.5-4.el6_9
RHEL6WS noarch python-paramiko-1.7.5-4.el6_9
141933 - Red Hat Enterprise Linux RHSA-2018-1125 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750
Description The scan detected that the host is missing the following update: RHSA-2018-1125
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-April/msg00032.html
RHEL6_7S noarch python-paramiko-1.7.5-4.el6_7
RHEL6_6S noarch python-paramiko-1.7.5-4.el6_6
RHEL6_5S noarch python-paramiko-1.7.5-4.el6_5
RHEL6_4S noarch python-paramiko-1.7.5-4.el6_4
146596 - SuSE Linux 42.3 openSUSE-SU-2018:0965-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000164
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0965-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00040.html
SuSE Linux 42.3 noarch python-gunicorn-doc-19.3.0-4.3.1 python3-gunicorn-19.3.0-5.3.1 python-gunicorn-19.3.0-4.3.1 python3-gunicorn-doc-19.3.0-5.3.1
146597 - SuSE Linux 42.3 openSUSE-SU-2018:0967-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-7158, CVE-2018-7159
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0967-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00042.html
SuSE Linux 42.3 i586 nodejs4-debuginfo-4.9.1-14.1 nodejs4-4.9.1-14.1 nodejs4-devel-4.9.1-14.1 nodejs4-debugsource-4.9.1-14.1 npm4-4.9.1-14.1 noarch nodejs4-docs-4.9.1-14.1 x86_64 nodejs4-debuginfo-4.9.1-14.1 nodejs4-4.9.1-14.1 nodejs4-devel-4.9.1-14.1 nodejs4-debugsource-4.9.1-14.1 npm4-4.9.1-14.1
146598 - SuSE Linux 42.3 openSUSE-SU-2018:0970-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1549, CVE-2018-7170, CVE-2018-7182, CVE-2018-7183, CVE-2018-7184, CVE-2018-7185
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0970-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00045.html
SuSE Linux 42.3 x86_64 ntp-debuginfo-4.2.8p11-31.3.1 ntp-debugsource-4.2.8p11-31.3.1 ntp-doc-4.2.8p11-31.3.1 ntp-4.2.8p11-31.3.1 i586 ntp-debuginfo-4.2.8p11-31.3.1 ntp-debugsource-4.2.8p11-31.3.1 ntp-doc-4.2.8p11-31.3.1 ntp-4.2.8p11-31.3.1
146601 - SuSE SLES 12 SP2, 12 SP3, SLED 12 SP2, 12 SP3 SUSE-SU-2018:0925-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-0739
Description The scan detected that the host is missing the following update: SUSE-SU-2018:0925-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003886.html
SuSE SLES 12 SP2 noarch openssl-doc-1.0.2j-60.24.1 x86_64 openssl-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.24.1 libopenssl-devel-1.0.2j-60.24.1 libopenssl1_0_0-hmac-1.0.2j-60.24.1 openssl-debugsource-1.0.2j-60.24.1 libopenssl1_0_0-32bit-1.0.2j-60.24.1 openssl-1.0.2j-60.24.1 libopenssl1_0_0-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.24.1
SuSE SLED 12 SP3 x86_64 openssl-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-1.0.2j-60.24.1 libopenssl-devel-1.0.2j-60.24.1 openssl-1.0.2j-60.24.1 openssl-debugsource-1.0.2j-60.24.1 libopenssl1_0_0-32bit-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.24.1 libopenssl1_0_0-1.0.2j-60.24.1
SuSE SLED 12 SP2 x86_64 openssl-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-1.0.2j-60.24.1 libopenssl-devel-1.0.2j-60.24.1 openssl-1.0.2j-60.24.1 openssl-debugsource-1.0.2j-60.24.1 libopenssl1_0_0-32bit-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.24.1 libopenssl1_0_0-1.0.2j-60.24.1
SuSE SLES 12 SP3 noarch openssl-doc-1.0.2j-60.24.1 x86_64 openssl-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-1.0.2j-60.24.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.24.1 libopenssl-devel-1.0.2j-60.24.1 libopenssl1_0_0-hmac-1.0.2j-60.24.1 openssl-debugsource-1.0.2j-60.24.1 libopenssl1_0_0-32bit-1.0.2j-60.24.1 openssl-1.0.2j-60.24.1 libopenssl1_0_0-1.0.2j-60.24.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.24.1
146605 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0956-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1549, CVE-2018-7170, CVE-2018-7182, CVE-2018-7183, CVE-2018-7184, CVE-2018-7185
Description The scan detected that the host is missing the following update: SUSE-SU-2018:0956-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003894.html
SuSE SLED 12 SP3 x86_64 ntp-debugsource-4.2.8p11-64.3.2 ntp-4.2.8p11-64.3.2 ntp-debuginfo-4.2.8p11-64.3.2 ntp-doc-4.2.8p11-64.3.2
SuSE SLES 12 SP3 x86_64 ntp-debugsource-4.2.8p11-64.3.2 ntp-4.2.8p11-64.3.2 ntp-debuginfo-4.2.8p11-64.3.2 ntp-doc-4.2.8p11-64.3.2
146607 - SuSE Linux 42.3 openSUSE-SU-2018:0936-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-0739
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0936-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00027.html
SuSE Linux 42.3 i586 openssl-debuginfo-1.0.2j-19.1 openssl-1.0.2j-19.1 openssl-cavs-1.0.2j-19.1 libopenssl1_0_0-1.0.2j-19.1 libopenssl1_0_0-hmac-1.0.2j-19.1 openssl-cavs-debuginfo-1.0.2j-19.1 libopenssl-devel-1.0.2j-19.1 libopenssl1_0_0-debuginfo-1.0.2j-19.1 openssl-debugsource-1.0.2j-19.1 noarch openssl-doc-1.0.2j-19.1 x86_64 libopenssl-devel-32bit-1.0.2j-19.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-19.1 libopenssl-devel-1.0.2j-19.1 libopenssl1_0_0-1.0.2j-19.1 openssl-debuginfo-1.0.2j-19.1 libopenssl1_0_0-32bit-1.0.2j-19.1 openssl-debugsource-1.0.2j-19.1 libopenssl1_0_0-hmac-1.0.2j-19.1 libopenssl1_0_0-hmac-32bit-1.0.2j-19.1 libopenssl1_0_0-debuginfo-1.0.2j-19.1 openssl-cavs-1.0.2j-19.1 openssl-1.0.2j-19.1 openssl-cavs-debuginfo-1.0.2j-19.1
163573 - Oracle Enterprise Linux ELSA-2018-1098 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-5148
Description The scan detected that the host is missing the following update: ELSA-2018-1098
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007607.html
OEL6 x86_64 firefox-52.7.3-1.0.1.el6_9 i386 firefox-52.7.3-1.0.1.el6_9
163575 - Oracle Enterprise Linux ELSA-2018-0805 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2014-9402, CVE-2015-5180, CVE-2016-3706, CVE-2017-1213, CVE-2017-12132, CVE-2017-15670, CVE-2017-15804, CVE-2018-1000001
Description The scan detected that the host is missing the following update: ELSA-2018-0805
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007611.html
OEL7 x86_64 glibc-static-2.17-222.el7 glibc-2.17-222.el7 nscd-2.17-222.el7 glibc-headers-2.17-222.el7 glibc-devel-2.17-222.el7 glibc-common-2.17-222.el7 glibc-utils-2.17-222.el7 163576 - Oracle Enterprise Linux ELSA-2018-0855 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-7426, CVE-2016-7429, CVE-2016-7433, CVE-2016-9310, CVE-2016-9311, CVE-2017-6462, CVE-2017-6463, CVE- 2017-6464
Description The scan detected that the host is missing the following update: ELSA-2018-0855
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007616.html
OEL7 x86_64 ntpdate-4.2.6p5-28.el7 sntp-4.2.6p5-28.el7 ntp-4.2.6p5-28.el7 ntp-perl-4.2.6p5-28.el7 ntp-doc-4.2.6p5-28.el7
163580 - Oracle Enterprise Linux ELSA-2018-1124 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750
Description The scan detected that the host is missing the following update: ELSA-2018-1124
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007608.html
OEL6 x86_64 python-paramiko-1.7.5-4.el6_9 i386 python-paramiko-1.7.5-4.el6_9
163582 - Oracle Enterprise Linux ELSA-2018-4062 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-17052, CVE-2017-7518
Description The scan detected that the host is missing the following update: ELSA-2018-4062
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007604.html http://oss.oracle.com/pipermail/el-errata/2018-April/007605.html
OEL7 x86_64 kernel-uek-firmware-4.1.12-112.16.7.el7uek kernel-uek-doc-4.1.12-112.16.7.el7uek kernel-uek-debug-devel-4.1.12-112.16.7.el7uek kernel-uek-4.1.12-112.16.7.el7uek kernel-uek-debug-4.1.12-112.16.7.el7uek kernel-uek-devel-4.1.12-112.16.7.el7uek
OEL6 x86_64 kernel-uek-debug-4.1.12-112.16.7.el6uek kernel-uek-debug-devel-4.1.12-112.16.7.el6uek kernel-uek-firmware-4.1.12-112.16.7.el6uek kernel-uek-4.1.12-112.16.7.el6uek kernel-uek-doc-4.1.12-112.16.7.el6uek kernel-uek-devel-4.1.12-112.16.7.el6uek
163584 - Oracle Enterprise Linux ELSA-2018-0816 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-10664, CVE-2017-13672, CVE-2017-13711, CVE-2017-14167, CVE-2017-15124, CVE-2017-15268, CVE-2017- 15289, CVE-2017-5715, CVE-2018-5683
Description The scan detected that the host is missing the following update: ELSA-2018-0816
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007614.html
OEL7 x86_64 qemu-kvm-1.5.3-156.el7 qemu-kvm-common-1.5.3-156.el7 qemu-kvm-tools-1.5.3-156.el7 qemu-img-1.5.3-156.el7
175348 - Scientific Linux Security ERRATA Critical: python-paramiko on SL6.x (noarch) (1804-1576)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2018-7750
Description The scan detected that the host is missing the following update: Security ERRATA Critical: python-paramiko on SL6.x (noarch) (1804-1576)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1804&L=scientific-linux-errata&F=&S=&P=1576
SL6 noarch python-paramiko-1.7.5-4.el6_9
175349 - Scientific Linux Security ERRATA Important: firefox on SL6.x i386/x86_64 (1804-1250)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2018-5148
Description The scan detected that the host is missing the following update: Security ERRATA Important: firefox on SL6.x i386/x86_64 (1804-1250)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1804&L=scientific-linux-errata&F=&S=&P=1250
SL6 x86_64 firefox-debuginfo-52.7.3-1.el6_9 firefox-52.7.3-1.el6_9 i386 firefox-debuginfo-52.7.3-1.el6_9 firefox-52.7.3-1.el6_9
178614 - Gentoo Linux GLSA-201804-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: GLSA-201804-11
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-11
Affected packages: www-plugins/adobe-flash < 29.0.0.140
182672 - FreeBSD ipsec-tools Remotely Exploitable Computational-complexity Attack (974a6d32-3fda-11e8-aea4- 001b216d295b)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2016-10396
Description The scan detected that the host is missing the following update: ipsec-tools -- remotely exploitable computational-complexity attack (974a6d32-3fda-11e8-aea4-001b216d295b)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/974a6d32-3fda-11e8-aea4-001b216d295b.html
Affected packages: ipsec-tools < 0.8.2_3
193569 - Fedora Linux 27 FEDORA-2018-e38f759144 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7753
Description The scan detected that the host is missing the following update: FEDORA-2018-e38f759144
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=1
Fedora Core 27 python-bleach-2.1.3-1.fc27
193573 - Fedora Linux 28 FEDORA-2018-bfdad62cd6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-17997, CVE-2017-6014, CVE-2017-9616, CVE-2017-9617, CVE-2017-9766, CVE-2018-5334, CVE-2018-5335, CVE-2018-6836, CVE-2018-7320, CVE-2018-7334, CVE-2018-7335, CVE-2018-7336, CVE-2018-7337, CVE-2018-7417, CVE-2018- 7418, CVE-2018-7419, CVE-2018-7420
Description The scan detected that the host is missing the following update: FEDORA-2018-bfdad62cd6
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=2
Fedora Core 28 wireshark-2.4.5-3.fc28
193581 - Fedora Linux 27 FEDORA-2018-1e033dc308 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2017-1000405, CVE-2017-12193, CVE-2017-15115, CVE-2017-16532, CVE-2017-16538, CVE-2017-16644, CVE-2017- 16647, CVE-2017-16649, CVE-2017-16650, CVE-2017-17448, CVE-2017-17449, CVE-2017-17450, CVE-2017-17558, CVE-2017- 17712, CVE-2017-17741, CVE-2017-17852, CVE-2017-17853, CVE-2017-17854, CVE-2017-17855, CVE-2017-17856, CVE-2017- 17857, CVE-2017-17862, CVE-2017-17863, CVE-2017-17864, CVE-2017-18232, CVE-2017-8824, CVE-2018-1000004, CVE-2018- 1000026, CVE-2018-10021, CVE-2018-1065, CVE-2018-5332, CVE-2018-5333, CVE-2018-5344, CVE-2018-5750, CVE-2018-5803, CVE-2018-7757, CVE-2018-7995, CVE-2018-8043
Description The scan detected that the host is missing the following update: FEDORA-2018-1e033dc308
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=1
Fedora Core 27 kernel-4.15.17-300.fc27
23326 - Pulse Secure Linux Client SSL Certificates Validation Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2018-6374
Description A vulnerability is present in some versions of Pulse Secure Linux Client.
Observation Pulse Secure is an SSL VPN solution.
A vulnerability is present in some versions of Pulse Secure Linux Client. The flaw lies in the WebKit component. Successful exploitation by a remote attacker could bypass security restrictions and modify information given by user.
23329 - PostgreSQL Vulnerability (Mar 2018) Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1058
Description A vulnerability is present in some versions of PostgreSQL.
Observation PostgreSQL is an open-source object-relational database management system.
A vulnerability is present in some versions of PostgreSQL. The flaw is due to uncontrolled search path element. Successful exploitation could allow an attacker to execute code on the target.
23440 - (APSB18-13) Vulnerabilities In Adobe Digital Editions
Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-4925, CVE-2018-4926
Description Multiple vulnerabilities are present in some versions of Adobe Digital Editions.
Observation Adobe Digital Editions is the Adobe's eBook reader software.
Multiple vulnerabilities are present in some versions of Adobe Digital Editions. The flaws lie in multiple components. Successful exploitation could allow an attacker to obtain sensitive information.
23441 - (APSB18-13) Vulnerabilities In Adobe Digital Editions
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2018-4925, CVE-2018-4926
Description Multiple vulnerabilities are present in some versions of Adobe Digital Editions.
Observation Adobe Digital Editions is the Adobe's eBook reader software.
Multiple vulnerabilities are present in some versions of Adobe Digital Editions. The flaws lie in multiple components. Successful exploitation could allow an attacker to obtain sensitive information.
131079 - Debian Linux 9.0 DSA-4173-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-12110, CVE-2017-12111, CVE-2017-2896, CVE-2017-2897, CVE-2017-2919
Description The scan detected that the host is missing the following update: DSA-4173-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4173
Debian 9.0 all r-cran-readxl_0.1.1-1+deb9u1
182674 - FreeBSD freeimage Code Execution Vulnerability (5b1631dc-eafd-11e6-9ac1-a4badb2f4699)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-5684
Description The scan detected that the host is missing the following update: freeimage -- code execution vulnerability (5b1631dc-eafd-11e6-9ac1-a4badb2f4699)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/5b1631dc-eafd-11e6-9ac1-a4badb2f4699.html
Affected packages: freeimage < 3.16.0_4
193567 - Fedora Linux 27 FEDORA-2018-1b3a73b45f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-14731, CVE-2017-2816, CVE-2017-2920
Description The scan detected that the host is missing the following update: FEDORA-2018-1b3a73b45f
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=4
Fedora Core 27 libofx-0.9.10-5.fc27
193580 - Fedora Linux 26 FEDORA-2018-4a2b875d6b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-14731, CVE-2017-2816, CVE-2017-2920
Description The scan detected that the host is missing the following update: FEDORA-2018-4a2b875d6b
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=4
Fedora Core 26 libofx-0.9.10-5.fc26
23315 - (K82570157) F5 BIG-IP NTP Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2018-7170
Description A vulnerability is present in some versions of F5's BIG-IP products.
Observation F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.
A vulnerability is present in some versions of F5's BIG-IP products. The flaw lies in the NTPD component. Successful exploitation could allow attackers to bypass certain security restrictions and modify victim's clock via a Sybil attack.
23335 - (VMSA-2018-0004) VMware Workstation Pro Speculative Execution Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-5715
Description A vulnerability is present in some versions of VMware Workstation Pro.
Observation VMware Workstation is a virtualization software.
A vulnerability is present in some versions of VMware Workstation Pro. The flaw relates to speculative execution side-channel attacks. Successful exploitation could allow an attacker to obtain sensitive information.
23393 - Apache HTTP Server Vulnerability Prior To 2.4.30
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2017-15710, CVE-2017-15715, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312
Description Multiple vulnerabilities are present in some versions of Apache HTTP Server.
Observation Apache HTTP Server is an open source web server.
Multiple vulnerabilities are present in some versions of Apache HTTP Server. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a denial of service condition.
23412 - (VMSA-2018-0004) VMware Fusion Speculative Execution Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2017-5715
Description An information disclosure vulnerability is present in some versions of VMware Fusion.
Observation VMware Fusion is a popular virtualization platform.
An information disclosure vulnerability is present in some versions of VMware Fusion. The flaw is related with the new speculative- execution control mechanism for virtual machines. Successful exploitation could allow an attacker to retrieve sensitive data from the target system.
23413 - (K01043241) F5 BIG-IP Linux kernel Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2017-17448
Description A vulnerability is present in some versions of F5 BIG-IP products.
Observation F5's BIG-IP products are network appliances that run F5's Traffic Management Operating System.
A vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in Linux kernel. Successful exploitation could allow attackers to bypass certain security restrictions and perform unauthorized actions.
23428 - IBM WebSphere Portal Cross-Site Scripting Vulnerability (swg22015317)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-1483
Description A cross-site-scripting vulnerability is present in some versions of IBM WebSphere Portal.
Observation IBM WebSphere Portal is a set of software tools that is used to build and manage web portals.
A cross-site-scripting vulnerability is present in some versions of IBM WebSphere Portal. The flaw lies in Web UI. Successful exploitation could allow an attacker to embed arbitrary JavaScript code in the web-based user interface.
23439 - (K32485746) F5 BIG-IP OpenSSH Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2016-10708
Description A vulnerability is present in some versions of F5 BIG-IP products.
Observation F5's BIG-IP products are network appliances that run F5's Traffic Management Operating System.
A vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in OpenSSH. Successful exploitation could allow remote attackers to cause a denial of service.
23449 - WordPress Simple Fields Plugin File Inclusion Vulnerability
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-MAP-NOMATCH
Description A vulnerability is present in some versions of Simple Fields WordPress plugin.
Observation Simple Fields is an old WordPress plugin which is not actively developed anymore.
A vulnerability is present in some versions of Simple Fields WordPress plugin. The flaw is due to improper handling of 'wp_abspath' parameter. Successful exploitation could allow an attacker to obtain sensitive information and execute arbitrary code.
146609 - SuSE Linux 42.3 openSUSE-SU-2018:0968-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1000115
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0968-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00043.html
SuSE Linux 42.3 x86_64 memcached-debugsource-1.4.39-11.6.1 memcached-1.4.39-11.6.1 memcached-devel-1.4.39-11.6.1 memcached-debuginfo-1.4.39-11.6.1 i586 memcached-debugsource-1.4.39-11.6.1 memcached-1.4.39-11.6.1 memcached-devel-1.4.39-11.6.1 memcached-debuginfo-1.4.39-11.6.1
146610 - SuSE SLES 12 SP3 SUSE-SU-2018:0955-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1000115
Description The scan detected that the host is missing the following update: SUSE-SU-2018:0955-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003893.html
SuSE SLES 12 SP3 x86_64 memcached-debuginfo-1.4.39-4.6.1 memcached-debugsource-1.4.39-4.6.1 memcached-1.4.39-4.6.1
163574 - Oracle Enterprise Linux ELSA-2018-0980 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-15906
Description The scan detected that the host is missing the following update: ELSA-2018-0980
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007617.html
OEL7 x86_64 openssh-clients-7.4p1-16.el7 pam_ssh_agent_auth-0.10.3-2.16.el7 openssh-7.4p1-16.el7 openssh-askpass-7.4p1-16.el7 openssh-ldap-7.4p1-16.el7 openssh-cavs-7.4p1-16.el7 openssh-keycat-7.4p1-16.el7 openssh-server-sysvinit-7.4p1-16.el7 openssh-server-7.4p1-16.el7
178613 - Gentoo Linux GLSA-201804-12 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: GLSA-201804-12
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-12
Affected packages: dev-lang/go < 1.10.1
178615 - Gentoo Linux GLSA-201804-13 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: GLSA-201804-13
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-13
Affected packages: sys-libs/ncurses < 6.1
178616 - Gentoo Linux GLSA-201804-15 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: GLSA-201804-15
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-15
Affected packages: app-text/evince < 3.24.2-r1
178617 - Gentoo Linux GLSA-201804-14 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: GLSA-201804-14
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201804-14
Affected packages: x11-libs/gdk-pixbuf < 2.36.11
186177 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3625-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8853, CVE-2016-6185, CVE-2017-6512, CVE-2018-6797, CVE-2018-6798, CVE-2018-6913
Description The scan detected that the host is missing the following update: USN-3625-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2018-April/004358.html
Ubuntu 16.04 perl_5.22.1-9ubuntu0.3
Ubuntu 14.04 perl_5.18.2-2ubuntu1.4
Ubuntu 17.10 perl_5.26.0-8ubuntu1.1 193575 - Fedora Linux 28 FEDORA-2018-2926fd93f4 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2004-2779, CVE-2017-11550
Description The scan detected that the host is missing the following update: FEDORA-2018-2926fd93f4
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=3
Fedora Core 28 mingw-libid3tag-0.15.1b-24.fc28
135196 - Oracle Solaris 11.3.31.6.0 Update Is Not Installed (CVE-2017-5753)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-5753
Description The scan detected that the host is missing the following update: SRU 11.3.31.6.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494
141930 - Red Hat Enterprise Linux RHSA-2018-1129 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-5754
Description The scan detected that the host is missing the following update: RHSA-2018-1129
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-April/msg00035.html
RHEL7_3S noarch kernel-abi-whitelists-3.10.0-514.48.1.el7 kernel-doc-3.10.0-514.48.1.el7 x86_64 kernel-debug-devel-3.10.0-514.48.1.el7 kernel-3.10.0-514.48.1.el7 kernel-debuginfo-common-x86_64-3.10.0-514.48.1.el7 kernel-tools-debuginfo-3.10.0-514.48.1.el7 kernel-debug-3.10.0-514.48.1.el7 python-perf-3.10.0-514.48.1.el7 kernel-debug-debuginfo-3.10.0-514.48.1.el7 kernel-tools-libs-devel-3.10.0-514.48.1.el7 python-perf-debuginfo-3.10.0-514.48.1.el7 kernel-debuginfo-3.10.0-514.48.1.el7 perf-3.10.0-514.48.1.el7 kernel-tools-libs-3.10.0-514.48.1.el7 kernel-tools-3.10.0-514.48.1.el7 kernel-devel-3.10.0-514.48.1.el7 perf-debuginfo-3.10.0-514.48.1.el7 kernel-headers-3.10.0-514.48.1.el7
146592 - SuSE Linux 42.3 openSUSE-SU-2018:0960-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000159
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0960-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00035.html
SuSE Linux 42.3 x86_64 evince-plugin-comicsdocument-debuginfo-3.20.2-9.1 evince-browser-plugin-debuginfo-3.20.2-9.1 evince-3.20.2-9.1 evince-plugin-tiffdocument-3.20.2-9.1 evince-devel-3.20.2-9.1 evince-plugin-djvudocument-3.20.2-9.1 evince-plugin-psdocument-debuginfo-3.20.2-9.1 evince-plugin-pdfdocument-debuginfo-3.20.2-9.1 evince-plugin-tiffdocument-debuginfo-3.20.2-9.1 evince-plugin-comicsdocument-3.20.2-9.1 evince-plugin-pdfdocument-3.20.2-9.1 libevdocument3-4-3.20.2-9.1 evince-plugin-xpsdocument-debuginfo-3.20.2-9.1 evince-debugsource-3.20.2-9.1 libevdocument3-4-debuginfo-3.20.2-9.1 evince-browser-plugin-3.20.2-9.1 nautilus-evince-3.20.2-9.1 evince-plugin-djvudocument-debuginfo-3.20.2-9.1 evince-plugin-dvidocument-3.20.2-9.1 evince-plugin-psdocument-3.20.2-9.1 evince-plugin-xpsdocument-3.20.2-9.1 typelib-1_0-EvinceView-3_0-3.20.2-9.1 evince-plugin-dvidocument-debuginfo-3.20.2-9.1 nautilus-evince-debuginfo-3.20.2-9.1 libevview3-3-3.20.2-9.1 evince-debuginfo-3.20.2-9.1 typelib-1_0-EvinceDocument-3_0-3.20.2-9.1 libevview3-3-debuginfo-3.20.2-9.1 noarch evince-lang-3.20.2-9.1
146593 - SuSE SLED 12 SP3 SUSE-SU-2018:0919-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-7725, CVE-2018-7726
Description The scan detected that the host is missing the following update: SUSE-SU-2018:0919-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003884.html
SuSE SLED 12 SP3 x86_64 libzzip-0-13-debuginfo-0.13.67-10.8.1 libzzip-0-13-0.13.67-10.8.1 zziplib-debugsource-0.13.67-10.8.1
146594 - SuSE Linux 42.3 openSUSE-SU-2018:0939-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-5715, CVE-2018-1064, CVE-2018-6764
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0939-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00030.html
SuSE Linux 42.3 i586 libvirt-daemon-uml-3.3.0-15.1 libvirt-nss-3.3.0-15.1 libvirt-daemon-driver-storage-disk-3.3.0-15.1 libvirt-daemon-vbox-3.3.0-15.1 libvirt-daemon-driver-interface-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-core-debuginfo-3.3.0-15.1 libvirt-daemon-driver-uml-debuginfo-3.3.0-15.1 libvirt-libs-3.3.0-15.1 libvirt-daemon-driver-vbox-3.3.0-15.1 libvirt-daemon-hooks-3.3.0-15.1 libvirt-daemon-driver-storage-3.3.0-15.1 libvirt-devel-3.3.0-15.1 libvirt-libs-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-15.1 libvirt-daemon-lxc-3.3.0-15.1 libvirt-daemon-driver-network-3.3.0-15.1 libvirt-daemon-qemu-3.3.0-15.1 libvirt-client-3.3.0-15.1 libvirt-doc-3.3.0-15.1 libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-15.1 libvirt-daemon-driver-network-debuginfo-3.3.0-15.1 libvirt-daemon-driver-nodedev-debuginfo-3.3.0-15.1 libvirt-daemon-driver-lxc-3.3.0-15.1 libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-15.1 libvirt-client-debuginfo-3.3.0-15.1 libvirt-lock-sanlock-debuginfo-3.3.0-15.1 libvirt-daemon-driver-secret-3.3.0-15.1 libvirt-daemon-driver-storage-scsi-3.3.0-15.1 libvirt-admin-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-logical-3.3.0-15.1 libvirt-daemon-driver-interface-3.3.0-15.1 libvirt-daemon-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-iscsi-3.3.0-15.1 libvirt-daemon-driver-secret-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-mpath-3.3.0-15.1 libvirt-daemon-driver-lxc-debuginfo-3.3.0-15.1 libvirt-daemon-3.3.0-15.1 libvirt-daemon-config-network-3.3.0-15.1 libvirt-daemon-config-nwfilter-3.3.0-15.1 libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-15.1 libvirt-nss-debuginfo-3.3.0-15.1 libvirt-debugsource-3.3.0-15.1 libvirt-daemon-driver-storage-core-3.3.0-15.1 libvirt-daemon-driver-uml-3.3.0-15.1 libvirt-daemon-driver-nodedev-3.3.0-15.1 libvirt-daemon-driver-vbox-debuginfo-3.3.0-15.1 libvirt-3.3.0-15.1 libvirt-daemon-driver-qemu-debuginfo-3.3.0-15.1 libvirt-daemon-driver-nwfilter-3.3.0-15.1 libvirt-daemon-driver-qemu-3.3.0-15.1 libvirt-admin-3.3.0-15.1 libvirt-lock-sanlock-3.3.0-15.1 noarch virt-install-1.4.1-9.1 virt-manager-1.4.1-9.1 virt-manager-common-1.4.1-9.1 x86_64 libvirt-daemon-uml-3.3.0-15.1 libvirt-nss-3.3.0-15.1 libvirt-daemon-driver-storage-disk-3.3.0-15.1 libvirt-daemon-vbox-3.3.0-15.1 libvirt-daemon-driver-interface-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-core-debuginfo-3.3.0-15.1 libvirt-daemon-driver-uml-debuginfo-3.3.0-15.1 libvirt-libs-3.3.0-15.1 libvirt-daemon-driver-vbox-3.3.0-15.1 libvirt-daemon-hooks-3.3.0-15.1 libvirt-daemon-driver-libxl-3.3.0-15.1 libvirt-devel-32bit-3.3.0-15.1 libvirt-daemon-driver-storage-3.3.0-15.1 libvirt-devel-3.3.0-15.1 libvirt-libs-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-15.1 libvirt-daemon-lxc-3.3.0-15.1 libvirt-daemon-driver-network-3.3.0-15.1 libvirt-daemon-qemu-3.3.0-15.1 libvirt-client-3.3.0-15.1 libvirt-doc-3.3.0-15.1 libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-15.1 libvirt-daemon-driver-network-debuginfo-3.3.0-15.1 libvirt-daemon-driver-nodedev-debuginfo-3.3.0-15.1 libvirt-daemon-driver-lxc-3.3.0-15.1 libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-15.1 libvirt-client-debuginfo-3.3.0-15.1 libvirt-lock-sanlock-debuginfo-3.3.0-15.1 libvirt-daemon-driver-secret-3.3.0-15.1 libvirt-daemon-driver-storage-scsi-3.3.0-15.1 libvirt-admin-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-logical-3.3.0-15.1 libvirt-daemon-driver-interface-3.3.0-15.1 libvirt-daemon-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-iscsi-3.3.0-15.1 libvirt-daemon-driver-secret-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-rbd-3.3.0-15.1 libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-15.1 libvirt-daemon-driver-storage-mpath-3.3.0-15.1 libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-15.1 libvirt-daemon-driver-lxc-debuginfo-3.3.0-15.1 libvirt-daemon-xen-3.3.0-15.1 libvirt-daemon-3.3.0-15.1 libvirt-daemon-config-network-3.3.0-15.1 libvirt-daemon-config-nwfilter-3.3.0-15.1 libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-15.1 libvirt-nss-debuginfo-3.3.0-15.1 libvirt-debugsource-3.3.0-15.1 libvirt-daemon-driver-storage-core-3.3.0-15.1 libvirt-daemon-driver-uml-3.3.0-15.1 libvirt-daemon-driver-nodedev-3.3.0-15.1 libvirt-daemon-driver-vbox-debuginfo-3.3.0-15.1 libvirt-3.3.0-15.1 libvirt-client-debuginfo-32bit-3.3.0-15.1 libvirt-daemon-driver-qemu-debuginfo-3.3.0-15.1 libvirt-daemon-driver-nwfilter-3.3.0-15.1 libvirt-daemon-driver-qemu-3.3.0-15.1 libvirt-daemon-driver-libxl-debuginfo-3.3.0-15.1 libvirt-admin-3.3.0-15.1 libvirt-lock-sanlock-3.3.0-15.1 146600 - SuSE Linux 42.3 openSUSE-SU-2018:0966-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-18207
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0966-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00041.html
SuSE Linux 42.3 i586 python3-testsuite-3.4.6-12.3.1 python3-testsuite-debuginfo-3.4.6-12.3.1 python3-dbm-3.4.6-12.3.1 python3-tools-3.4.6-12.3.1 python3-dbm-debuginfo-3.4.6-12.3.1 python3-base-debugsource-3.4.6-12.3.1 python3-debuginfo-3.4.6-12.3.1 python3-curses-debuginfo-3.4.6-12.3.1 python3-curses-3.4.6-12.3.1 python3-3.4.6-12.3.1 python3-devel-3.4.6-12.3.1 python3-debugsource-3.4.6-12.3.1 python3-base-debuginfo-3.4.6-12.3.1 python3-base-3.4.6-12.3.1 libpython3_4m1_0-3.4.6-12.3.1 python3-devel-debuginfo-3.4.6-12.3.1 libpython3_4m1_0-debuginfo-3.4.6-12.3.1 python3-tk-3.4.6-12.3.1 python3-tk-debuginfo-3.4.6-12.3.1 python3-idle-3.4.6-12.3.1 noarch python3-doc-pdf-3.4.6-12.3.2 python3-doc-3.4.6-12.3.2 x86_64 python3-testsuite-3.4.6-12.3.1 python3-testsuite-debuginfo-3.4.6-12.3.1 python3-dbm-3.4.6-12.3.1 python3-tools-3.4.6-12.3.1 python3-dbm-debuginfo-3.4.6-12.3.1 python3-base-debugsource-3.4.6-12.3.1 python3-debuginfo-3.4.6-12.3.1 python3-curses-debuginfo-3.4.6-12.3.1 python3-curses-3.4.6-12.3.1 python3-3.4.6-12.3.1 python3-devel-3.4.6-12.3.1 python3-base-32bit-3.4.6-12.3.1 python3-debugsource-3.4.6-12.3.1 python3-32bit-3.4.6-12.3.1 python3-debuginfo-32bit-3.4.6-12.3.1 python3-base-debuginfo-3.4.6-12.3.1 python3-base-3.4.6-12.3.1 libpython3_4m1_0-debuginfo-32bit-3.4.6-12.3.1 libpython3_4m1_0-32bit-3.4.6-12.3.1 libpython3_4m1_0-3.4.6-12.3.1 python3-base-debuginfo-32bit-3.4.6-12.3.1 python3-devel-debuginfo-3.4.6-12.3.1 libpython3_4m1_0-debuginfo-3.4.6-12.3.1 python3-tk-3.4.6-12.3.1 python3-tk-debuginfo-3.4.6-12.3.1 python3-idle-3.4.6-12.3.1
146602 - SuSE Linux 42.3 openSUSE-SU-2018:0972-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1091, CVE-2018-7740, CVE-2018-8043
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0972-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00047.html
SuSE Linux 42.3 x86_64 kernel-debug-debuginfo-4.4.126-48.2 kernel-obs-build-debugsource-4.4.126-48.2 kernel-debug-base-4.4.126-48.2 kernel-default-base-debuginfo-4.4.126-48.2 kernel-vanilla-devel-4.4.126-48.2 kselftests-kmp-default-4.4.126-48.2 kselftests-kmp-default-debuginfo-4.4.126-48.2 kernel-syms-4.4.126-48.1 kernel-vanilla-debugsource-4.4.126-48.2 kernel-default-4.4.126-48.2 kernel-debug-base-debuginfo-4.4.126-48.2 kernel-debug-debugsource-4.4.126-48.2 kernel-debug-devel-4.4.126-48.2 kernel-obs-build-4.4.126-48.2 kernel-debug-4.4.126-48.2 kernel-default-devel-4.4.126-48.2 kernel-vanilla-base-debuginfo-4.4.126-48.2 kernel-default-base-4.4.126-48.2 kernel-vanilla-base-4.4.126-48.2 kernel-obs-qa-4.4.126-48.1 kernel-vanilla-debuginfo-4.4.126-48.2 kernel-default-debuginfo-4.4.126-48.2 kernel-vanilla-4.4.126-48.2 kselftests-kmp-vanilla-debuginfo-4.4.126-48.2 kernel-debug-devel-debuginfo-4.4.126-48.2 kselftests-kmp-debug-4.4.126-48.2 kselftests-kmp-debug-debuginfo-4.4.126-48.2 kernel-default-debugsource-4.4.126-48.2 kselftests-kmp-vanilla-4.4.126-48.2 noarch kernel-source-vanilla-4.4.126-48.1 kernel-source-4.4.126-48.1 kernel-devel-4.4.126-48.1 kernel-macros-4.4.126-48.1 kernel-docs-html-4.4.126-48.1 kernel-docs-pdf-4.4.126-48.1 kernel-docs-4.4.126-48.1
146603 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0947-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1000159
Description The scan detected that the host is missing the following update: SUSE-SU-2018:0947-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003891.html
SuSE SLED 12 SP3 x86_64 typelib-1_0-EvinceDocument-3_0-3.20.2-6.22.9 libevdocument3-4-3.20.2-6.22.9 evince-plugin-djvudocument-debuginfo-3.20.2-6.22.9 evince-plugin-pdfdocument-debuginfo-3.20.2-6.22.9 evince-browser-plugin-debuginfo-3.20.2-6.22.9 evince-plugin-tiffdocument-debuginfo-3.20.2-6.22.9 evince-plugin-psdocument-3.20.2-6.22.9 evince-3.20.2-6.22.9 typelib-1_0-EvinceView-3_0-3.20.2-6.22.9 libevview3-3-3.20.2-6.22.9 evince-plugin-djvudocument-3.20.2-6.22.9 evince-plugin-xpsdocument-debuginfo-3.20.2-6.22.9 evince-plugin-xpsdocument-3.20.2-6.22.9 libevview3-3-debuginfo-3.20.2-6.22.9 libevdocument3-4-debuginfo-3.20.2-6.22.9 evince-debugsource-3.20.2-6.22.9 evince-plugin-pdfdocument-3.20.2-6.22.9 evince-plugin-psdocument-debuginfo-3.20.2-6.22.9 evince-plugin-dvidocument-debuginfo-3.20.2-6.22.9 nautilus-evince-debuginfo-3.20.2-6.22.9 evince-plugin-dvidocument-3.20.2-6.22.9 nautilus-evince-3.20.2-6.22.9 evince-debuginfo-3.20.2-6.22.9 evince-browser-plugin-3.20.2-6.22.9 evince-plugin-tiffdocument-3.20.2-6.22.9 noarch evince-lang-3.20.2-6.22.9 SuSE SLES 12 SP3 noarch evince-lang-3.20.2-6.22.9 x86_64 evince-plugin-pdfdocument-debuginfo-3.20.2-6.22.9 libevdocument3-4-3.20.2-6.22.9 evince-plugin-djvudocument-debuginfo-3.20.2-6.22.9 evince-browser-plugin-debuginfo-3.20.2-6.22.9 evince-plugin-tiffdocument-debuginfo-3.20.2-6.22.9 evince-plugin-psdocument-3.20.2-6.22.9 evince-3.20.2-6.22.9 libevview3-3-3.20.2-6.22.9 evince-plugin-djvudocument-3.20.2-6.22.9 evince-plugin-xpsdocument-debuginfo-3.20.2-6.22.9 evince-plugin-xpsdocument-3.20.2-6.22.9 libevview3-3-debuginfo-3.20.2-6.22.9 libevdocument3-4-debuginfo-3.20.2-6.22.9 evince-debugsource-3.20.2-6.22.9 evince-plugin-pdfdocument-3.20.2-6.22.9 evince-plugin-psdocument-debuginfo-3.20.2-6.22.9 evince-plugin-dvidocument-debuginfo-3.20.2-6.22.9 nautilus-evince-debuginfo-3.20.2-6.22.9 evince-plugin-dvidocument-3.20.2-6.22.9 nautilus-evince-3.20.2-6.22.9 evince-debuginfo-3.20.2-6.22.9 evince-browser-plugin-3.20.2-6.22.9 evince-plugin-tiffdocument-3.20.2-6.22.9
146606 - SuSE Linux 42.3 openSUSE-SU-2018:0940-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-7725, CVE-2018-7726
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0940-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00031.html
SuSE Linux 42.3 x86_64 libzzip-0-13-debuginfo-32bit-0.13.67-13.6.1 zziplib-devel-debuginfo-32bit-0.13.67-13.6.1 zziplib-devel-32bit-0.13.67-13.6.1 zziplib-devel-0.13.67-13.6.1 libzzip-0-13-32bit-0.13.67-13.6.1 zziplib-devel-debuginfo-0.13.67-13.6.1 zziplib-debugsource-0.13.67-13.6.1 libzzip-0-13-0.13.67-13.6.1 libzzip-0-13-debuginfo-0.13.67-13.6.1 i586 zziplib-devel-debuginfo-0.13.67-13.6.1 zziplib-devel-0.13.67-13.6.1 zziplib-debugsource-0.13.67-13.6.1 libzzip-0-13-debuginfo-0.13.67-13.6.1 libzzip-0-13-0.13.67-13.6.1
146608 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0934-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-18207
Description The scan detected that the host is missing the following update: SUSE-SU-2018:0934-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003890.html
SuSE SLED 12 SP3 x86_64 python3-base-debugsource-3.4.6-25.7.1 python3-3.4.6-25.7.1 python3-base-3.4.6-25.7.1 libpython3_4m1_0-debuginfo-3.4.6-25.7.1 python3-curses-debuginfo-3.4.6-25.7.1 libpython3_4m1_0-3.4.6-25.7.1 python3-debuginfo-3.4.6-25.7.1 python3-debugsource-3.4.6-25.7.1 python3-base-debuginfo-3.4.6-25.7.1 python3-curses-3.4.6-25.7.1
SuSE SLES 12 SP3 x86_64 python3-base-debugsource-3.4.6-25.7.1 python3-3.4.6-25.7.1 python3-base-3.4.6-25.7.1 libpython3_4m1_0-debuginfo-3.4.6-25.7.1 python3-curses-debuginfo-3.4.6-25.7.1 libpython3_4m1_0-3.4.6-25.7.1 python3-debuginfo-3.4.6-25.7.1 python3-debugsource-3.4.6-25.7.1 python3-base-debuginfo-3.4.6-25.7.1 python3-curses-3.4.6-25.7.1
146611 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0920-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-5715, CVE-2018-1064, CVE-2018-6764
Description The scan detected that the host is missing the following update: SUSE-SU-2018:0920-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003885.html
SuSE SLED 12 SP3 x86_64 libvirt-daemon-driver-storage-scsi-3.3.0-5.19.2 libvirt-daemon-driver-storage-core-3.3.0-5.19.2 libvirt-daemon-driver-storage-iscsi-3.3.0-5.19.2 libvirt-daemon-driver-lxc-3.3.0-5.19.2 libvirt-daemon-config-network-3.3.0-5.19.2 libvirt-daemon-driver-interface-debuginfo-3.3.0-5.19.2 libvirt-client-debuginfo-3.3.0-5.19.2 libvirt-libs-debuginfo-3.3.0-5.19.2 libvirt-client-3.3.0-5.19.2 libvirt-daemon-driver-qemu-debuginfo-3.3.0-5.19.2 libvirt-daemon-lxc-3.3.0-5.19.2 libvirt-debugsource-3.3.0-5.19.2 libvirt-daemon-qemu-3.3.0-5.19.2 libvirt-daemon-driver-network-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-secret-3.3.0-5.19.2 libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-lxc-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-network-3.3.0-5.19.2 libvirt-daemon-3.3.0-5.19.2 libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-rbd-3.3.0-5.19.2 libvirt-daemon-driver-nodedev-3.3.0-5.19.2 libvirt-daemon-driver-storage-logical-3.3.0-5.19.2 libvirt-daemon-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-disk-3.3.0-5.19.2 libvirt-doc-3.3.0-5.19.2 libvirt-daemon-driver-secret-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-libxl-3.3.0-5.19.2 libvirt-daemon-driver-storage-3.3.0-5.19.2 libvirt-daemon-driver-libxl-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-qemu-3.3.0-5.19.2 libvirt-daemon-driver-storage-mpath-3.3.0-5.19.2 libvirt-daemon-driver-nwfilter-3.3.0-5.19.2 libvirt-daemon-driver-storage-core-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-interface-3.3.0-5.19.2 libvirt-daemon-config-nwfilter-3.3.0-5.19.2 libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-5.19.2 libvirt-admin-3.3.0-5.19.2 libvirt-daemon-driver-nodedev-debuginfo-3.3.0-5.19.2 libvirt-daemon-xen-3.3.0-5.19.2 libvirt-libs-3.3.0-5.19.2 libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-5.19.2 libvirt-admin-debuginfo-3.3.0-5.19.2 libvirt-3.3.0-5.19.2 libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-5.19.2 noarch virt-install-1.4.1-5.8.1 virt-manager-common-1.4.1-5.8.1 virt-manager-1.4.1-5.8.1
SuSE SLES 12 SP3 noarch virt-install-1.4.1-5.8.1 virt-manager-common-1.4.1-5.8.1 virt-manager-1.4.1-5.8.1 x86_64 libvirt-nss-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-scsi-3.3.0-5.19.2 libvirt-daemon-driver-storage-core-3.3.0-5.19.2 libvirt-daemon-driver-storage-iscsi-3.3.0-5.19.2 libvirt-daemon-driver-lxc-3.3.0-5.19.2 libvirt-daemon-config-network-3.3.0-5.19.2 libvirt-daemon-driver-interface-debuginfo-3.3.0-5.19.2 libvirt-client-debuginfo-3.3.0-5.19.2 libvirt-libs-debuginfo-3.3.0-5.19.2 libvirt-client-3.3.0-5.19.2 libvirt-daemon-driver-qemu-debuginfo-3.3.0-5.19.2 libvirt-lock-sanlock-3.3.0-5.19.2 libvirt-daemon-hooks-3.3.0-5.19.2 libvirt-doc-3.3.0-5.19.2 libvirt-daemon-qemu-3.3.0-5.19.2 libvirt-daemon-driver-network-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-rbd-3.3.0-5.19.2 libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-secret-3.3.0-5.19.2 libvirt-daemon-lxc-3.3.0-5.19.2 libvirt-daemon-driver-lxc-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-network-3.3.0-5.19.2 libvirt-daemon-3.3.0-5.19.2 libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-5.19.2 libvirt-debugsource-3.3.0-5.19.2 libvirt-daemon-driver-nodedev-3.3.0-5.19.2 libvirt-daemon-driver-storage-logical-3.3.0-5.19.2 libvirt-daemon-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-disk-3.3.0-5.19.2 libvirt-daemon-driver-secret-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-3.3.0-5.19.2 libvirt-daemon-driver-libxl-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-qemu-3.3.0-5.19.2 libvirt-daemon-driver-storage-mpath-3.3.0-5.19.2 libvirt-daemon-driver-nwfilter-3.3.0-5.19.2 libvirt-daemon-driver-storage-core-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-interface-3.3.0-5.19.2 libvirt-daemon-config-nwfilter-3.3.0-5.19.2 libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-5.19.2 libvirt-lock-sanlock-debuginfo-3.3.0-5.19.2 libvirt-admin-3.3.0-5.19.2 libvirt-daemon-driver-nodedev-debuginfo-3.3.0-5.19.2 libvirt-nss-3.3.0-5.19.2 libvirt-libs-3.3.0-5.19.2 libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-5.19.2 libvirt-admin-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-libxl-3.3.0-5.19.2 libvirt-3.3.0-5.19.2 libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-5.19.2 libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-5.19.2 libvirt-daemon-xen-3.3.0-5.19.2
163572 - Oracle Enterprise Linux ELSA-2018-0998 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-3736, CVE-2017-3737, CVE-2017-3738
Description The scan detected that the host is missing the following update: ELSA-2018-0998
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007618.html
OEL7 x86_64 openssl-1.0.2k-12.el7 openssl-perl-1.0.2k-12.el7 openssl-devel-1.0.2k-12.el7 openssl-static-1.0.2k-12.el7 openssl-libs-1.0.2k-12.el7
163579 - Oracle Enterprise Linux ELSA-2018-0666 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-11368, CVE-2017-7562
Description The scan detected that the host is missing the following update: ELSA-2018-0666
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007610.html
OEL7 x86_64 krb5-pkinit-1.15.1-18.el7 libkadm5-1.15.1-18.el7 krb5-server-ldap-1.15.1-18.el7 krb5-devel-1.15.1-18.el7 krb5-server-1.15.1-18.el7 krb5-libs-1.15.1-18.el7 krb5-workstation-1.15.1-18.el7
163583 - Oracle Enterprise Linux ELSA-2018-0842 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-15131
Description The scan detected that the host is missing the following update: ELSA-2018-0842
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007612.html
OEL7 x86_64 xdg-user-dirs-0.15-5.el7
23337 - Oracle Business Intelligence Enterprise Edition Critical Patch Update October 2016
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Low CVE: CVE-2016-2107
Description A vulnerability is present in some versions of Oracle Business Intelligence Enterprise Edition.
Observation Oracle Business Intelligence Enterprise Edition is an enterprise software suite that provides reporting and analysis.
A vulnerability is present in some versions of Oracle Business Intelligence Enterprise Edition. The flaw lies in the installation subcomponent. Successful exploitation could allow an attacker to affect confidentiality.
33381 - Oracle Solaris 150377-07 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2563
Description The scan detected that the host is missing the following update: 150377-07
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://getupdates.oracle.com/readme/150377-07
SunOS 5.10: LDAP Patch
SOLARIS_10
SUNWarc:11.10.0,REV=2005.01.21.15.53 SUNWcsl:11.10.0,REV=2005.01.21.15.53 SUNWnisu:11.10.0,REV=2005.01.21.15.53
33382 - Oracle Solaris 150378-07 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2563
Description The scan detected that the host is missing the following update: 150378-07
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://getupdates.oracle.com/readme/150378-07
SunOS 5.10(x86): LDAP Patch
SOLARIS_10_x86
SUNWnisu:11.10.0,REV=2005.01.21.16.34 SUNWarc:11.10.0,REV=2005.01.21.16.34 SUNWcsl:11.10.0,REV=2005.01.21.16.34
131078 - Debian Linux 8.0, 9.0 DSA-4172-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-6797, CVE-2018-6798, CVE-2018-6913
Description The scan detected that the host is missing the following update: DSA-4172-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4172
Debian 8.0 all perl_5.20.2-3+deb8u10
Debian 9.0 all perl_5.24.1-3+deb9u3
131080 - Debian Linux 9.0 DSA-4169-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1086
Description The scan detected that the host is missing the following update: DSA-4169-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4169
Debian 9.0 all pcs_0.9.155+dfsg-2+deb9u1
131081 - Debian Linux 9.0 DSA-4171-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-8048
Description The scan detected that the host is missing the following update: DSA-4171-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4171
Debian 9.0 all ruby-loofah_2.0.3-2+deb9u1
131082 - Debian Linux 9.0 DSA-4174-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1084
Description The scan detected that the host is missing the following update: DSA-4174-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4174
Debian 9.0 all corosync_2.4.2-3+deb9u1 146595 - SuSE SLES 12 SP2, 12 SP3 SUSE-SU-2018:0926-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1063
Description The scan detected that the host is missing the following update: SUSE-SU-2018:0926-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003887.html
SuSE SLES 12 SP3 x86_64 policycoreutils-python-2.5-10.3.1 policycoreutils-2.5-10.3.1 policycoreutils-debugsource-2.5-10.3.1 policycoreutils-python-debuginfo-2.5-10.3.1 policycoreutils-debuginfo-2.5-10.3.1
SuSE SLES 12 SP2 x86_64 policycoreutils-python-2.5-10.3.1 policycoreutils-2.5-10.3.1 policycoreutils-debugsource-2.5-10.3.1 policycoreutils-python-debuginfo-2.5-10.3.1 policycoreutils-debuginfo-2.5-10.3.1
146599 - SuSE SLES 11 SP4 SUSE-SU-2018:0927-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1063
Description The scan detected that the host is missing the following update: SUSE-SU-2018:0927-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2018-April/003888.html
SuSE SLES 11 SP4 i586 policycoreutils-2.0.79-4.9.3.3 x86_64 policycoreutils-2.0.79-4.9.3.3 146604 - SuSE Linux 42.3 openSUSE-SU-2018:0937-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1063
Description The scan detected that the host is missing the following update: openSUSE-SU-2018:0937-1
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2018-04/msg00028.html
SuSE Linux 42.3 x86_64 policycoreutils-gui-2.5-6.4.1 policycoreutils-sandbox-2.5-6.4.1 policycoreutils-python-2.5-6.4.1 policycoreutils-2.5-6.4.1 policycoreutils-python-debuginfo-2.5-6.4.1 policycoreutils-newrole-debuginfo-2.5-6.4.1 policycoreutils-newrole-2.5-6.4.1 policycoreutils-debugsource-2.5-6.4.1 policycoreutils-sandbox-debuginfo-2.5-6.4.1 policycoreutils-debuginfo-2.5-6.4.1 noarch policycoreutils-lang-2.5-6.4.1
163581 - Oracle Enterprise Linux ELSA-2018-0913 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1063
Description The scan detected that the host is missing the following update: ELSA-2018-0913
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007615.html
OEL7 x86_64 policycoreutils-gui-2.5-22.el7 policycoreutils-2.5-22.el7 policycoreutils-restorecond-2.5-22.el7 policycoreutils-devel-2.5-22.el7 policycoreutils-newrole-2.5-22.el7 policycoreutils-python-2.5-22.el7 policycoreutils-sandbox-2.5-22.el7
182670 - FreeBSD jenkins Multiple Vulnerabilities (aaba17aa-782e-4843-8a79-7756cfa2bf89)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: jenkins -- multiple vulnerabilities (aaba17aa-782e-4843-8a79-7756cfa2bf89)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/aaba17aa-782e-4843-8a79-7756cfa2bf89.html
Affected packages: jenkins <= 2.115 jenkins-lts <= 2.107.1
182671 - FreeBSD OpenSSL Cache Timing Vulnerability (8f353420-4197-11e8-8777-b499baebfeaf)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-0737
Description The scan detected that the host is missing the following update: OpenSSL -- Cache timing vulnerability (8f353420-4197-11e8-8777-b499baebfeaf)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/8f353420-4197-11e8-8777-b499baebfeaf.html
Affected packages: openssl < 1.0.2o_2,1 openssl-devel < 1.1.0h_1
182673 - FreeBSD roundcube IMAP Command Injection Vulnerability (48894ca9-3e6f-11e8-92f0-f0def167eeea)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-9846
Description The scan detected that the host is missing the following update: roundcube -- IMAP command injection vulnerability (48894ca9-3e6f-11e8-92f0-f0def167eeea)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/48894ca9-3e6f-11e8-92f0-f0def167eeea.html
Affected packages: roundcube <= 1.3.5,1
182675 - FreeBSD drupal Drupal Core - Multiple Vulnerabilities (a9e466e8-4144-11e8-a292-00e04c1ea73d)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-7600
Description The scan detected that the host is missing the following update: drupal -- Drupal Core - Multiple Vulnerabilities (a9e466e8-4144-11e8-a292-00e04c1ea73d)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/a9e466e8-4144-11e8-a292-00e04c1ea73d.html
Affected packages: drupal7 < 7.57
182676 - FreeBSD nghttp2 Denial Of Service Due To NULL Pointer Dereference (1fccb25e-8451-438c-a2b9-6a021e4d7a31)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1000168
Description The scan detected that the host is missing the following update: nghttp2 -- Denial of service due to NULL pointer dereference (1fccb25e-8451-438c-a2b9-6a021e4d7a31)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/1fccb25e-8451-438c-a2b9-6a021e4d7a31.html
Affected packages: 1.10.0 <= libnghttp2 < 1.31.1 1.10.0 <= nghttp2 < 1.31.1
182677 - FreeBSD perl Multiple Vulnerabilities (41c96ffd-29a6-4dcc-9a88-65f5038fa6eb)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-6797, CVE-2018-6798, CVE-2018-6913
Description The scan detected that the host is missing the following update: perl -- multiple vulnerabilities (41c96ffd-29a6-4dcc-9a88-65f5038fa6eb)
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/41c96ffd-29a6-4dcc-9a88-65f5038fa6eb.html
Affected packages: 5.24.0 <= perl5 < 5.24.4 5.26.0 <= perl5 < 5.26.2
193562 - Fedora Linux 28 FEDORA-2018-54aa882a3f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-54aa882a3f
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=2
Fedora Core 28 firefox-59.0.2-1.fc28
193563 - Fedora Linux 28 FEDORA-2018-dd8162c004 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2017-17742, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
Description The scan detected that the host is missing the following update: FEDORA-2018-dd8162c004
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=3
Fedora Core 28 ruby-2.5.1-92.fc28
193564 - Fedora Linux 27 FEDORA-2018-d48955723f Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-d48955723f
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=3
Fedora Core 27 wordpress-4.9.5-1.fc27
193566 - Fedora Linux 28 FEDORA-2018-50039f6b61 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-50039f6b61
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=1
Fedora Core 28 anki-2.0.50-1.fc28
193568 - Fedora Linux 28 FEDORA-2018-bdefa5e5bb Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1000168
Description The scan detected that the host is missing the following update: FEDORA-2018-bdefa5e5bb
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=1 Fedora Core 28 nghttp2-1.31.1-1.fc28
193570 - Fedora Linux 28 FEDORA-2018-bbfb0f5bc9 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1079, CVE-2018-1086
Description The scan detected that the host is missing the following update: FEDORA-2018-bbfb0f5bc9
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=3
Fedora Core 28 pcs-0.9.164-1.fc28
193571 - Fedora Linux 26 FEDORA-2018-42a426b17e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-9234
Description The scan detected that the host is missing the following update: FEDORA-2018-42a426b17e
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=1
Fedora Core 26 gnupg2-2.2.6-1.fc26
193574 - Fedora Linux 26 FEDORA-2018-97ad7e69c1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-97ad7e69c1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=3
Fedora Core 26 wordpress-4.9.5-1.fc26
193576 - Fedora Linux 28 FEDORA-2018-12da088117 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1084
Description The scan detected that the host is missing the following update: FEDORA-2018-12da088117
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=2
Fedora Core 28 corosync-2.4.4-1.fc28
193577 - Fedora Linux 26 FEDORA-2018-81d3af3f36 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1002150
Description The scan detected that the host is missing the following update: FEDORA-2018-81d3af3f36
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=4
Fedora Core 26 koji-1.15.1-1.fc26
193578 - Fedora Linux 28 FEDORA-2018-62268d69c9 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-62268d69c9
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=3
Fedora Core 28 freexl-1.0.5-1.fc28
193579 - Fedora Linux 28 FEDORA-2018-da6a17e6a3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-9234
Description The scan detected that the host is missing the following update: FEDORA-2018-da6a17e6a3
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=3
Fedora Core 28 gnupg2-2.2.6-1.fc28
193582 - Fedora Linux 27 FEDORA-2018-3fc05e009d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-9234
Description The scan detected that the host is missing the following update: FEDORA-2018-3fc05e009d
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=2
Fedora Core 27 gnupg2-2.2.6-1.fc27 193583 - Fedora Linux 28 FEDORA-2018-49ab80333f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Description The scan detected that the host is missing the following update: FEDORA-2018-49ab80333f
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=3
Fedora Core 28 star-1.5.3-12.fc28
163577 - Oracle Enterprise Linux ELSA-2018-0849 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Low CVE: CVE-2017-11671
Description The scan detected that the host is missing the following update: ELSA-2018-0849
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007613.html
OEL7 x86_64 gcc-go-4.8.5-28.el7 libgo-devel-4.8.5-28.el7 gcc-objc-4.8.5-28.el7 libatomic-static-4.8.5-28.el7 libgcc-4.8.5-28.el7 libgo-static-4.8.5-28.el7 libquadmath-static-4.8.5-28.el7 libgfortran-4.8.5-28.el7 libstdc++-devel-4.8.5-28.el7 libmudflap-devel-4.8.5-28.el7 libgfortran-static-4.8.5-28.el7 libobjc-4.8.5-28.el7 libtsan-static-4.8.5-28.el7 libgnat-devel-4.8.5-28.el7 libmudflap-4.8.5-28.el7 gcc-4.8.5-28.el7 gcc-plugin-devel-4.8.5-28.el7 libstdc++-static-4.8.5-28.el7 cpp-4.8.5-28.el7 gcc-gnat-4.8.5-28.el7 gcc-gfortran-4.8.5-28.el7 libgnat-4.8.5-28.el7 libstdc++-docs-4.8.5-28.el7 libasan-static-4.8.5-28.el7 libatomic-4.8.5-28.el7 libgomp-4.8.5-28.el7 libstdc++-4.8.5-28.el7 libitm-devel-4.8.5-28.el7 libitm-4.8.5-28.el7 libquadmath-4.8.5-28.el7 libquadmath-devel-4.8.5-28.el7 libgo-4.8.5-28.el7 libgnat-static-4.8.5-28.el7 gcc-objc++-4.8.5-28.el7 libmudflap-static-4.8.5-28.el7 libtsan-4.8.5-28.el7 libasan-4.8.5-28.el7 gcc-c++-4.8.5-28.el7 libitm-static-4.8.5-28.el7
193572 - Fedora Linux 28 FEDORA-2018-a5e9a619f6 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1071, CVE-2018-1083, CVE-2018-1100
Description The scan detected that the host is missing the following update: FEDORA-2018-a5e9a619f6
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/4/?count=200&page=2
Fedora Core 28 zsh-5.5-1.fc28
135197 - Oracle Solaris 11.3.27.4.0 Update Is Not Installed (CVE-2018-2563)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2563
Description The scan detected that the host is missing the following update: SRU 11.3.27.4.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494
135198 - Oracle Solaris 11.3.28.4.0 Update Is Not Installed (CVE-2018-2718)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2718
Description The scan detected that the host is missing the following update: SRU 11.3.28.4.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494
135199 - Oracle Solaris 11.3.29.5.0 Update Is Not Installed (CVE-2018-2753)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2753
Description The scan detected that the host is missing the following update: SRU 11.3.29.5.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494
135200 - Oracle Solaris 11.3.29.5.0 Update Is Not Installed (CVE-2018-2754)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2754
Description The scan detected that the host is missing the following update: SRU 11.3.29.5.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494
135201 - Oracle Solaris 11.3.30.5.0 Update Is Not Installed (CVE-2018-2763) Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2763
Description The scan detected that the host is missing the following update: SRU 11.3.30.5.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494
135202 - Oracle Solaris 11.3.30.5.0 Update Is Not Installed (CVE-2018-2764)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2764
Description The scan detected that the host is missing the following update: SRU 11.3.30.5.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494
135203 - Oracle Solaris 11.3.30.5.0 Update Is Not Installed (CVE-2018-2792)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2792
Description The scan detected that the host is missing the following update: SRU 11.3.30.5.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494
135204 - Oracle Solaris 11.3.30.5.0 Update Is Not Installed (CVE-2018-2808)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2018-2808
Description The scan detected that the host is missing the following update: SRU 11.3.30.5.0
Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1&_adf.ctrl-state=xu1c0d54m_4&_afrLoop=329260851778494
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check. 139072 - Oracle Solaris 11.3.25.3.0 Update Is Not Installed (Third Party Components)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2015-7511, CVE-2016-3492, CVE-2016-5584, CVE-2016-5612, CVE-2016-5624, CVE-2016-5629, CVE-2016-6313, CVE- 2016-6662, CVE-2016-6663, CVE-2016-6664, CVE-2016-7440, CVE-2016-8283, CVE-2016-8318, CVE-2017-1000383, CVE-2017- 12150, CVE-2017-12151, CVE-2017-12163, CVE-2017-13765, CVE-2017-13766, CVE-2017-13767, CVE-2017-14482, CVE-2017- 3238, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3273, CVE-2017-3291, CVE-2017-3312, CVE- 2017-3634, CVE-2017-3635, CVE-2017-3636, CVE-2017-3641, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653, CVE-2017-3732, CVE-2017-7526, CVE-2017-7674, CVE-2017-7675, CVE-2017-7793, CVE-2017- 7805, CVE-2017-7810, CVE-2017-7814, CVE-2017-7818, CVE-2017-7819, CVE-2017-7823, CVE-2017-7824, CVE-2017-7825
Update Details CVE is updated
146576 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0877-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2017-12194
Update Details Risk is updated
146580 - SuSE Linux 42.3 openSUSE-SU-2018:0892-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2017-12194
Update Details Risk is updated
23355 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1029)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-1029 Update Details Observation is updated
33312 - Oracle Solaris 152078-91 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33313 - Oracle Solaris 152076-91 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33314 - Oracle Solaris 152079-91 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33315 - Oracle Solaris 152077-91 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
139089 - Oracle Solaris 11.3.28.4.0 Update Is Not Installed (Third Party Components)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2015-3193, CVE-2015-8213, CVE-2016-0701, CVE-2016-10207, CVE-2017-13721, CVE-2017-13723, CVE-2017-14867, CVE-2017-15298, CVE-2017-17083, CVE-2017-17084, CVE-2017-17085, CVE-2017-3732, CVE-2017-3736, CVE-2017-3737, CVE- 2017-3738, CVE-2017-7843, CVE-2017-9798, CVE-2018-2718
Update Details CVE is updated 139090 - Oracle Solaris 11.3.27.4.0 Update Is Not Installed (Third Party Components)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2015-8870, CVE-2016-10092, CVE-2016-10093, CVE-2016-10094, CVE-2016-10095, CVE-2016-3186, CVE-2016-3619, CVE-2016-3620, CVE-2016-3621, CVE-2016-3622, CVE- 2016-3623, CVE-2016-3624, CVE-2016-3625, CVE-2016-3631, CVE-2016-3632, CVE-2016-3633, CVE-2016-3634, CVE-2016-3658, CVE-2016-3945, CVE-2016-3990, CVE-2016-3991, CVE-2016-5102, CVE-2016-5314, CVE-2016-5315, CVE-2016-5316, CVE-2016- 5317, CVE-2016-5318, CVE-2016-5319, CVE-2016-5321, CVE-2016-5322, CVE-2016-5323, CVE-2016-6223, CVE-2016-9273, CVE- 2016-9297, CVE-2016-9318, CVE-2016-9532, CVE-2016-9533, CVE-2016-9534, CVE-2016-9535, CVE-2016-9536, CVE-2016-9537, CVE-2016-9538, CVE-2016-9539, CVE-2016-9540, CVE-2017-0379, CVE-2017-10155, CVE-2017-10227, CVE-2017-10268, CVE- 2017-10276, CVE-2017-10279, CVE-2017-10283, CVE-2017-10286, CVE-2017-10294, CVE-2017-10314, CVE-2017-10378, CVE- 2017-10379, CVE-2017-10384, CVE-2017-10989, CVE-2017-13089, CVE-2017-13090, CVE-2017-13704, CVE-2017-14491, CVE- 2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, CVE-2017-16548, CVE-2017-3651, CVE- 2017-3652, CVE-2017-3653, CVE-2017-3731, CVE-2017-5225, CVE-2017-5563, CVE-2017-5969, CVE-2017-6508, CVE-2017-7592, CVE-2017-7593, CVE-2017-7594, CVE-2017-7595, CVE-2017-7596, CVE-2017-7597, CVE-2017-7598, CVE-2017-7599, CVE-2017- 7600, CVE-2017-7601, CVE-2017-7602, CVE-2017-7826, CVE-2017-7828, CVE-2017-7830, CVE-2017-9117, CVE-2017-9526, CVE- 2018-2560, CVE-2018-2563, CVE-2018-2577, CVE-2018-2578
Update Details CVE is updated
131044 - Debian Linux 9.0 DSA-4145-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2017-0915, CVE-2017-0916, CVE-2017-0917, CVE-2017-0918, CVE-2017-0925, CVE-2017-0926, CVE-2018-3710
Update Details Risk is updated
132354 - Oracle VM OVMSA-2017-0059 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes Risk Level: High CVE: CVE-2017-2628
Update Details Risk is updated
139051 - Oracle Solaris 11.3.26.5.0 Update Is Not Installed (Third Party Components)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-12617, CVE-2017-12893, CVE-2017- 12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017- 12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12989, CVE-2017- 12990, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12995, CVE-2017-12996, CVE-2017- 12997, CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, CVE-2017-13002, CVE-2017-13003, CVE-2017- 13004, CVE-2017-13005, CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009, CVE-2017-13010, CVE-2017- 13011, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014, CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017- 13018, CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, CVE-2017-13023, CVE-2017-13024, CVE-2017- 13025, CVE-2017-13026, CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030, CVE-2017-13031, CVE-2017- 13032, CVE-2017-13033, CVE-2017-13034, CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, CVE-2017- 13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017- 13046, CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050, CVE-2017-13051, CVE-2017-13052, CVE-2017- 13053, CVE-2017-13054, CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, CVE-2017-13690, CVE-2017- 13725, CVE-2017-14989, CVE-2017-15189, CVE-2017-15190, CVE-2017-15191, CVE-2017-15192, CVE-2017-15193, CVE-2017- 15281, CVE-2017-18209, CVE-2017-3735, CVE-2017-7793, CVE-2017-7805, CVE-2017-7810, CVE-2017-7814, CVE-2017-7818, CVE-2017-7819, CVE-2017-7823, CVE-2017-7824, CVE-2017-7825
Update Details CVE is updated
163318 - Oracle Enterprise Linux ELSA-2017-0847 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2017-2628
Update Details Risk is updated
170957 - Amazon Linux AMI ALAS-2018-989 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750
Update Details Risk is updated
182579 - FreeBSD gitlab Remote Code Execution On Project Import (65fab89f-2231-46db-8541-978f4e87f32a)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2017-0915, CVE-2018-3710
Update Details Risk is updated
186135 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3603-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750
Update Details Risk is updated
186138 - Ubuntu Linux 12.04 USN-3603-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750
Update Details Risk is updated
193462 - Fedora Linux 26 FEDORA-2018-c188d3f09a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000134
Update Details Risk is updated
193488 - Fedora Linux 28 FEDORA-2018-8f9d81a3fb Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750
Update Details Risk is updated
193507 - Fedora Linux 27 FEDORA-2018-0a473d6e7b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000134
Update Details Risk is updated
193508 - Fedora Linux 26 FEDORA-2018-c1769746da Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750
Update Details Risk is updated
193511 - Fedora Linux 28 FEDORA-2018-e8635ed222 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1000134
Update Details Risk is updated
193518 - Fedora Linux 27 FEDORA-2018-6db2f7a02e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-7750
Update Details Risk is updated
33145 - Oracle Solaris 150401-61 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2004-0230, CVE-2013-0399, CVE-2013-3799, CVE-2013-5862, CVE-2013-5876, CVE-2014-4215, CVE-2014-6575, CVE- 2015-0375, CVE-2015-0471, CVE-2015-2580, CVE-2015-4869, CVE-2016-3419, CVE-2016-3441, CVE-2016-3453, CVE-2016-5544, CVE-2016-5553, CVE-2017-10004, CVE-2017-10036, CVE-2017-10042, CVE-2017-10122, CVE-2018-2710, CVE-2018-2717, CVE- 2018-2764
Update Details Name is updated Description is updated Observation is updated Recommendation is updated CVE is updated FASLScript is updated
88853 - Slackware Linux 14.0, 14.1, 14.2 SSA:2017-082-02 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
88855 - Slackware Linux 14.0, 14.1, 14.2 SSA:2017-091-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
88924 - Slackware Linux 14.0, 14.1, 14.2 SSA:2018-072-02 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1057
Update Details Risk is updated
130727 - Debian Linux 8.0 DSA-3816-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
131074 - Debian Linux 8.0 DSA-4168-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8741
Update Details Risk is updated
131075 - Debian Linux 8.0, 9.0 DSA-4167-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1000097
Update Details Risk is updated
141579 - Red Hat Enterprise Linux RHSA-2017-1265 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-2125, CVE-2017-2619
Update Details Risk is updated
141724 - Red Hat Enterprise Linux RHSA-2017-2789 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-12150, CVE-2017-12163, CVE-2017-2619
Update Details Risk is updated
145274 - SuSE SLES 11 SP4 SUSE-SU-2017:0841-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
145282 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:0858-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
145283 - SuSE SLES 12 SP1, 12 SP2, SLED 12 SP1, 12 SP2 SUSE-SU-2017:0859-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
145339 - SuSE SLES 11 SP4 SUSE-SU-2017:1216-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
145570 - SuSE Linux 42.2 openSUSE-SU-2017:0944-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
145869 - SuSE Linux 42.1 openSUSE-SU-2017:0935-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
146587 - SuSE Linux 42.3 openSUSE-SU-2018:0917-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-1000132
Update Details Risk is updated
160254 - CentOS 7 CESA-2017-1265 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-2125, CVE-2017-2619
Update Details Risk is updated
163357 - Oracle Enterprise Linux ELSA-2017-1265 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-2125, CVE-2017-2619
Update Details Risk is updated
163464 - Oracle Enterprise Linux ELSA-2017-2789 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-12150, CVE-2017-12163, CVE-2017-2619
Update Details Risk is updated
163571 - Oracle Enterprise Linux ELSA-2018-4061 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-1002101, CVE-2017-1002102
Update Details Risk is updated
175174 - Scientific Linux Security ERRATA Moderate: samba on SL7.x x86_64 (1705-5873)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2016-2125, CVE-2017-2619
Update Details Risk is updated
175265 - Scientific Linux Security ERRATA Moderate: samba on SL6.x i386/x86_64 (1709-3115)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2017-12150, CVE-2017-12163, CVE-2017-2619
Update Details Risk is updated
182316 - FreeBSD samba Symlink Race Allows Access Outside Share Definition (2826317b-10ec-11e7-944e-000c292e4fd8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
182646 - FreeBSD SquirrelMail Post-authentication Access Privileges (928d5c59-2a5a-11e8-a712-0025908740c2)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8741
Update Details Risk is updated
185641 - Ubuntu Linux 12.04, 14.04, 16.04, 16.10 USN-3242-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
185676 - Ubuntu Linux 17.04 USN-3267-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
191897 - Fedora Linux 25 FEDORA-2017-c22a1dbe8b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
191927 - Fedora Linux 26 FEDORA-2017-fb9ed95cf3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
191954 - Fedora Linux 24 FEDORA-2017-97fb93e1d1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2619
Update Details Risk is updated
22954 - (MSPT-Jan2018) Microsoft .NET Framework Core Denial of Service (CVE-2018-0764)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-0764
Update Details FASLScript is updated
146573 - SuSE Linux 42.3 openSUSE-SU-2018:0899-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-9256, CVE-2018-9259, CVE-2018-9260, CVE-2018-9261, CVE-2018-9262, CVE-2018-9263, CVE-2018-9264, CVE- 2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274
Update Details Risk is updated
23304 - Omron CX-Supervisor Multiple Vulnerabilities
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2018-7513, CVE-2018-7515, CVE-2018-7517, CVE-2018-7519, CVE-2018-7521, CVE-2018-7523, CVE-2018-7525
Update Details Risk is updated
33162 - Oracle Solaris 150400-61 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2004-0230, CVE-2013-5862, CVE-2013-5876, CVE-2014-0447, CVE-2014-6473, CVE-2014-6575, CVE-2015-0375, CVE- 2015-0471, CVE-2015-2580, CVE-2015-2589, CVE-2015-4869, CVE-2016-3419, CVE-2016-3441, CVE-2016-3453, CVE-2016-5553, CVE-2017-10004, CVE-2017-10036, CVE-2017-10042, CVE-2017-10122, CVE-2018-2710, CVE-2018-2717, CVE-2018-2764 Update Details Name is updated Description is updated Observation is updated Recommendation is updated CVE is updated FASLScript is updated
33291 - Oracle Solaris 150120-05 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-6481
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33294 - Oracle Solaris 150119-05 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-6481
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33326 - Oracle Solaris 152260-04 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0535, CVE-2017-10003, CVE-2018-2718
Update Details Name is updated Description is updated Observation is updated Recommendation is updated CVE is updated FASLScript is updated
33327 - Oracle Solaris 152261-04 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0535, CVE-2017-10003, CVE-2018-2718
Update Details Name is updated Description is updated Observation is updated Recommendation is updated CVE is updated FASLScript is updated
191886 - Fedora Linux 24 FEDORA-2017-7accc8010b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2661
Update Details Risk is updated
191896 - Fedora Linux 25 FEDORA-2017-71e69a691b Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2017-2661
Update Details Risk is updated
193420 - Fedora Linux 27 FEDORA-2018-a2cc71c081 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8050
Update Details Risk is updated
193495 - Fedora Linux 28 FEDORA-2018-50686c8410 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2018-8050
Update Details Risk is updated
33336 - Oracle Solaris 152099-81 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33339 - Oracle Solaris 152097-81 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33340 - Oracle Solaris 152098-81 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated 33341 - Oracle Solaris 152096-81 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33349 - Oracle Solaris 152101-71 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33350 - Oracle Solaris 152100-71 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33360 - Oracle Solaris 152510-07 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33364 - Oracle Solaris 152511-07 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33365 - Oracle Solaris 152644-06 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33366 - Oracle Solaris 152643-06 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
182014 - FreeBSD tiff Buffer Overflow (0ab66088-4aa5-11e6-a7bd-14dae9d210b8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5314, CVE-2016-5320
Update Details CVE is updated
131041 - Debian Linux 9.0 DSA-4135-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057
Update Details Risk is updated
146521 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0754-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050
Update Details Risk is updated
146531 - SuSE Linux 42.3 openSUSE-SU-2018:0801-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050
Update Details Risk is updated
146550 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2018:0832-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050
Update Details Risk is updated
182639 - FreeBSD samba Multiple Vulnerabilities (fb26f78a-26a9-11e8-a1c2-00505689d4ae)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057
Update Details Risk is updated
186134 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3595-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057
Update Details Risk is updated
193400 - Fedora Linux 26 FEDORA-2018-7d0acd608b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057
Update Details Risk is updated
193405 - Fedora Linux 27 FEDORA-2018-c5c651ac44 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2018-1050, CVE-2018-1057
Update Details Risk is updated
HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.
FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT
ServicePortal: https://mysupport.mcafee.com/ Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html Non-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Copyright 2018 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates