2020-OCT-20 FSL version 7.6.177 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 149427 - SuSE Linux 15.2 openSUSE-SU-2020:1666-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-26117 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1666-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-10/msg00083.html SuSE Linux 15.2 x86_64 libXvnc1-1.9.0-lp152.7.3.1 tigervnc-debugsource-1.9.0-lp152.7.3.1 libXvnc1-debuginfo-1.9.0-lp152.7.3.1 xorg-x11-Xvnc-module-1.9.0-lp152.7.3.1 tigervnc-1.9.0-lp152.7.3.1 xorg-x11-Xvnc-debuginfo-1.9.0-lp152.7.3.1 libXvnc-devel-1.9.0-lp152.7.3.1 tigervnc-debuginfo-1.9.0-lp152.7.3.1 xorg-x11-Xvnc-1.9.0-lp152.7.3.1 xorg-x11-Xvnc-module-debuginfo-1.9.0-lp152.7.3.1 noarch tigervnc-x11vnc-1.9.0-lp152.7.3.1 xorg-x11-Xvnc-novnc-1.9.0-lp152.7.3.1 xorg-x11-Xvnc-java-1.9.0-lp152.7.3.1 149433 - SuSE Linux 15.1 openSUSE-SU-2020:1593-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-14374, CVE-2020-14375, CVE-2020-14376, CVE-2020-14377, CVE-2020-14378 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1593-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-10/msg00009.html SuSE Linux 15.1 x86_64 dpdk-debugsource-18.11.9-lp151.3.8.1 dpdk-tools-18.11.9-lp151.3.8.1 libdpdk-18_11-18.11.9-lp151.3.8.1 libdpdk-18_11-debuginfo-18.11.9-lp151.3.8.1 dpdk-devel-debuginfo-18.11.9-lp151.3.8.1 dpdk-examples-18.11.9-lp151.3.8.1 dpdk-kmp-default-debuginfo-18.11.9_k4.12.14_lp151.28.67-lp151.3.8.1 dpdk-examples-debuginfo-18.11.9-lp151.3.8.1 dpdk-tools-debuginfo-18.11.9-lp151.3.8.1 dpdk-kmp-default-18.11.9_k4.12.14_lp151.28.67-lp151.3.8.1 dpdk-devel-18.11.9-lp151.3.8.1 dpdk-18.11.9-lp151.3.8.1 dpdk-debuginfo-18.11.9-lp151.3.8.1 noarch dpdk-doc-18.11.9-lp151.3.8.1 149443 - SuSE Linux 15.1 openSUSE-SU-2020:1677-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-8165 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1677-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-10/msg00096.html SuSE Linux 15.1 x86_64 ruby2.5-rubygem-activesupport-doc-5_1-5.1.4-lp151.3.3.1 ruby2.5-rubygem-activesupport-5_1-5.1.4-lp151.3.3.1 149452 - SuSE SLES 12 SP5 SUSE-SU-2020:2881-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-26117 Description The scan detected that the host is missing the following update: SUSE-SU-2020:2881-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-October/007535.html SuSE SLES 12 SP5 x86_64 xorg-x11-Xvnc-debuginfo-1.6.0-22.17.1 tigervnc-1.6.0-22.17.1 xorg-x11-Xvnc-1.6.0-22.17.1 libXvnc1-debuginfo-1.6.0-22.17.1 tigervnc-debugsource-1.6.0-22.17.1 tigervnc-debuginfo-1.6.0-22.17.1 libXvnc1-1.6.0-22.17.1 149455 - SuSE Linux 15.2 openSUSE-SU-2020:1599-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-14374, CVE-2020-14375, CVE-2020-14376, CVE-2020-14377, CVE-2020-14378 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1599-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-10/msg00016.html SuSE Linux 15.2 x86_64 dpdk-kmp-default-19.11.4_k5.3.18_lp152.41-lp152.2.8.1 libdpdk-20_0-debuginfo-19.11.4-lp152.2.8.1 dpdk-devel-debuginfo-19.11.4-lp152.2.8.1 dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_lp152.41-lp152.2.8.1 dpdk-debuginfo-19.11.4-lp152.2.8.1 dpdk-tools-debuginfo-19.11.4-lp152.2.8.1 dpdk-examples-debuginfo-19.11.4-lp152.2.8.1 dpdk-kmp-preempt-19.11.4_k5.3.18_lp152.41-lp152.2.8.1 dpdk-examples-19.11.4-lp152.2.8.1 dpdk-tools-19.11.4-lp152.2.8.1 libdpdk-20_0-19.11.4-lp152.2.8.1 dpdk-19.11.4-lp152.2.8.1 dpdk-kmp-preempt-debuginfo-19.11.4_k5.3.18_lp152.41-lp152.2.8.1 dpdk-debugsource-19.11.4-lp152.2.8.1 dpdk-devel-19.11.4-lp152.2.8.1 noarch dpdk-doc-19.11.4-lp152.2.8.1 149458 - SuSE Linux 15.2 openSUSE-SU-2020:1679-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-8165 Description The scan detected that the host is missing the following update: openSUSE-SU-2020:1679-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2020-10/msg00100.html SuSE Linux 15.2 x86_64 ruby2.5-rubygem-activesupport-doc-5_1-5.1.4-lp152.4.3.1 ruby2.5-rubygem-activesupport-5_1-5.1.4-lp152.4.3.1 149474 - SuSE SLES 12 SP5 SUSE-SU-2020:2768-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2020-14374, CVE-2020-14375, CVE-2020-14376, CVE-2020-14377, CVE-2020-14378 Description The scan detected that the host is missing the following update: SUSE-SU-2020:2768-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2020-September/007490.html SuSE SLES 12 SP5 x86_64 dpdk-tools-debuginfo-18.11.9-3.15.1 dpdk-18.11.9-3.15.1 dpdk-debuginfo-18.11.9-3.15.1 dpdk-debugsource-18.11.9-3.15.1 dpdk-tools-18.11.9-3.15.1 libdpdk-18_11-debuginfo-18.11.9-3.15.1 dpdk-kmp-default-debuginfo-18.11.9_k4.12.14_122.37-3.15.1 dpdk-kmp-default-18.11.9_k4.12.14_122.37-3.15.1 libdpdk-18_11-18.11.9-3.15.1 27206 - (MSPT-Oct2020) Microsoft Windows Improperly Handle Objects in Memory Denial of Service (CVE-2020-1243) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1243 Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service. Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service. The flaw lies in the Improperly Handle Objects in Memory component. Successful exploitation by a remote attacker could result in a denial of service condition.The exploit requires the attacker to have valid credentials to the vulnerable system. 27207 - (MSPT-Oct2020) Microsoft Windows Hyper-V Remote Code Execution (CVE-2020-16891) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-16891 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Hyper-V component. Successful exploitation by a remote attacker could result in the execution of arbitrary code.The exploit requires the attacker to have valid credentials to the vulnerable system. 27210 - (MSPT-Oct2020) Microsoft Windows NAT Remote Code Execution (CVE-2020-16894) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-16894 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the NAT component. Successful exploitation by a remote attacker could result in the execution of arbitrary code.The exploit requires the attacker to have valid credentials to the vulnerable system. 27212 - (MSPT-Oct2020) Microsoft Windows RDP Denial of Service (CVE-2020-16927) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-16927 Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service. Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service.