Mcafee Foundstone Fsl Update

Mcafee Foundstone Fsl Update

2020-AUG-10 FSL version 7.6.169 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 26857 - Google Chrome Multiple Vulnerabilities Prior To 84.0.4147.89 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE- 2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536 Description Multiple vulnerabilities are present in some versions of Google Chrome. Observation Google Chrome is a popular web browser. Multiple vulnerabilities are present in some versions of Google Chrome. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a buffer overflow, or remotely execute arbitrary code on the target system. 26868 - (APSB20-33) Adobe Creative Cloud Desktop Application Multiple Vulnerabilities Prior to 5.2 Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-9669, CVE-2020-9670, CVE-2020-9671, CVE-2020-9682 Description Multiple vulnerabilities are present in some versions of Adobe Creative Cloud Desktop Application. Observation Adobe Creative Cloud Desktop Application is the desktop client used to access Adobe Creative Cloud. Multiple vulnerabilities are present in some versions of Adobe Creative Cloud Desktop Application. The flaws lie in multiple components. Successful exploitation could allow an attacker to gain elevated privileges or execute arbitrary code. 26870 - Security Vulnerabilities Fixed In Thunderbird 78 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-12402, CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020- 12422, CVE-2020-12423, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426, CVE-2020-15648 Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client. Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation by a remote attacker could result in the execution of arbitrary code, disclosure of sensitive information, or cause a denial of service condition. 26867 - (VMSA-2020-0015) VMware Workstation Player Multiple Vulnerabilities Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-3962, CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3966, CVE-2020-3967, CVE-2020-3968, CVE-2020-3969, CVE-2020-3970, CVE- 2020-3971 Description Multiple vulnerabilities are present in some versions of VMware Workstation Player. Observation VMware Workstation is virtualization software. Multiple vulnerabilities are present in some versions of the VMware Workstation Player. The flaws lie in multiple components. Successful exploitation could allow an attacker to execute arbitrary code, disclosure of sensitive information, and cause a denial of service condition in the targeted system. 26869 - Security Vulnerabilities Fixed In Firefox 78.0.2 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-15648 Description A vulnerability is present in some versions of Mozilla Firefox. Observation Mozilla Firefox is a popular web browser. A vulnerability is present in some versions of Mozilla Firefox. The flaw lies in X-Frame-Options header. Successful exploitation could allow an attacker to bypass the X- Frame-Options header and frame other Web sites. 26860 - Oracle MySQL Server Critical Patch Update July 2020 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-14539, CVE-2020-14540, CVE-2020-14547, CVE-2020-14553, CVE-2020-14559, CVE-2020-14567, CVE-2020-14568, CVE-2020-14575, CVE-2020- 14576, CVE-2020-14586, CVE-2020-14591, CVE-2020-14597, CVE-2020-14614, CVE-2020-14619, CVE-2020-14620, CVE-2020-14623, CVE-2020-14624, CVE-2020- 14631, CVE-2020-14632, CVE-2020-14633, CVE-2020-14634, CVE-2020-14641, CVE-2020-14643, CVE-2020-14651, CVE-2020-14654, CVE-2020-14656, CVE-2020- 14663, CVE-2020-14678, CVE-2020-14680, CVE-2020-14697, CVE-2020-14702, CVE-2020-1967 Description Multiple vulnerabilities are present in some versions of Oracle MySQL Server. Observation Oracle MySQL Server is a popular open source database. Multiple vulnerabilities are present in some versions of Oracle MySQL Server. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a denial of service condition or an information disclosure or cause an unspecified impact on the target system. 26866 - WordPress Multiple Vulnerabilities Fixed In 5.4.2 Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-MAP-NOMATCH Description Multiple vulnerabilities are present in some versions of WordPress. Observation WordPress is a popular blog application. Multiple vulnerabilities are present in some versions of WordPress. The flaws lie in multiple components. Successful exploitation could allow an attacker to gain elevated privileges or perform cross-site scripting attacks. 149232 - SuSE Linux 15.2 openSUSE-SU-2020:1108-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-10761, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13800 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1108-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-07/msg00189.html SuSE Linux 15.2 x86_64 qemu-block-iscsi-debuginfo-4.2.1-lp152.9.3.1 qemu-vhost-user-gpu-4.2.1-lp152.9.3.1 qemu-guest-agent-debuginfo-4.2.1-lp152.9.3.1 qemu-tools-debuginfo-4.2.1-lp152.9.3.1 qemu-testsuite-4.2.1-lp152.9.3.1 qemu-block-nfs-debuginfo-4.2.1-lp152.9.3.1 qemu-block-ssh-4.2.1-lp152.9.3.1 qemu-lang-4.2.1-lp152.9.3.1 qemu-audio-alsa-debuginfo-4.2.1-lp152.9.3.1 qemu-extra-4.2.1-lp152.9.3.1 qemu-guest-agent-4.2.1-lp152.9.3.1 qemu-ui-spice-app-debuginfo-4.2.1-lp152.9.3.1 qemu-audio-sdl-debuginfo-4.2.1-lp152.9.3.1 qemu-ui-sdl-4.2.1-lp152.9.3.1 qemu-arm-4.2.1-lp152.9.3.1 qemu-x86-4.2.1-lp152.9.3.1 qemu-block-dmg-4.2.1-lp152.9.3.1 qemu-ui-curses-4.2.1-lp152.9.3.1 qemu-tools-4.2.1-lp152.9.3.1 qemu-block-gluster-4.2.1-lp152.9.3.1 qemu-ui-curses-debuginfo-4.2.1-lp152.9.3.1 qemu-ui-spice-app-4.2.1-lp152.9.3.1 qemu-ui-gtk-debuginfo-4.2.1-lp152.9.3.1 qemu-kvm-4.2.1-lp152.9.3.1 qemu-debugsource-4.2.1-lp152.9.3.1 qemu-audio-pa-debuginfo-4.2.1-lp152.9.3.1 qemu-linux-user-4.2.1-lp152.9.3.1 qemu-ppc-debuginfo-4.2.1-lp152.9.3.1 qemu-4.2.1-lp152.9.3.1 qemu-block-curl-4.2.1-lp152.9.3.1 qemu-debuginfo-4.2.1-lp152.9.3.1 qemu-linux-user-debugsource-4.2.1-lp152.9.3.1 qemu-s390-4.2.1-lp152.9.3.1 qemu-vhost-user-gpu-debuginfo-4.2.1-lp152.9.3.1 qemu-audio-pa-4.2.1-lp152.9.3.1 qemu-linux-user-debuginfo-4.2.1-lp152.9.3.1 qemu-audio-sdl-4.2.1-lp152.9.3.1 qemu-block-iscsi-4.2.1-lp152.9.3.1 qemu-x86-debuginfo-4.2.1-lp152.9.3.1 qemu-ksm-4.2.1-lp152.9.3.1 qemu-block-nfs-4.2.1-lp152.9.3.1 qemu-block-ssh-debuginfo-4.2.1-lp152.9.3.1 qemu-extra-debuginfo-4.2.1-lp152.9.3.1 qemu-ui-gtk-4.2.1-lp152.9.3.1 qemu-block-dmg-debuginfo-4.2.1-lp152.9.3.1 qemu-block-rbd-4.2.1-lp152.9.3.1 qemu-block-rbd-debuginfo-4.2.1-lp152.9.3.1 qemu-arm-debuginfo-4.2.1-lp152.9.3.1 qemu-s390-debuginfo-4.2.1-lp152.9.3.1 qemu-ppc-4.2.1-lp152.9.3.1 qemu-ui-sdl-debuginfo-4.2.1-lp152.9.3.1 qemu-block-gluster-debuginfo-4.2.1-lp152.9.3.1 qemu-block-curl-debuginfo-4.2.1-lp152.9.3.1 qemu-audio-alsa-4.2.1-lp152.9.3.1 noarch qemu-vgabios-1.12.1+-lp152.9.3.1 qemu-ipxe-1.0.0+-lp152.9.3.1 qemu-sgabios-8-lp152.9.3.1 qemu-microvm-4.2.1-lp152.9.3.1 qemu-seabios-1.12.1+-lp152.9.3.1 149233 - SuSE Linux 15.2 openSUSE-SU-2020:1111-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-13934, CVE-2020-13935 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1111-1 Observation Updates often remediate critical security problems that should be quickly addressed.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    30 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us