2019-JAN-04 FSL version 7.6.88 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 24552 - (HPESBHF03906) HPE Intelligent Management Center Multiple Vulnerabilities Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-7114, CVE-2018-7115, CVE-2018-7116 Description Multiple vulnerabilities are present in some versions of HPE Intelligent Management Center. Observation HPE Intelligent Management Center (iMC) is an enterprise-class network management platform. Multiple vulnerabilities are present in some versions of HPE Intelligent Management Center. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a denial of service, cause buffer overflow or execute arbitrary code on the target system. 147517 - SuSE Linux 15.0 openSUSE-SU-2018:4306-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-16873, CVE-2018-16874, CVE-2018-16875, CVE-2018-7187 Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4306-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2018-12/msg00154.html SuSE Linux 15.0 i586 go-1.10.4-lp150.2.7.1 go-doc-1.10.4-lp150.2.7.1 noarch docker-runc-kubic-test-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-kubic-bash-completion-18.06.1_ce-lp150.5.6.1 golang-packaging-15.0.11-lp150.2.3.1 containerd-kubic-test-1.1.2-lp150.4.3.1 containerd-test-1.1.2-lp150.4.3.1 docker-bash-completion-18.06.1_ce-lp150.5.6.1 docker-runc-test-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-zsh-completion-18.06.1_ce-lp150.5.6.1 docker-kubic-zsh-completion-18.06.1_ce-lp150.5.6.1 x86_64 containerd-kubic-ctr-1.1.2-lp150.4.3.1 golang-github-docker-libnetwork-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 go-race-1.10.4-lp150.2.7.1 docker-test-debuginfo-18.06.1_ce-lp150.5.6.1 docker-libnetwork-kubic-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-18.06.1_ce-lp150.5.6.1 docker-kubic-debugsource-18.06.1_ce-lp150.5.6.1 containerd-1.1.2-lp150.4.3.1 docker-libnetwork-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-runc-kubic-debuginfo-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-debugsource-18.06.1_ce-lp150.5.6.1 go-1.10.4-lp150.2.7.1 docker-libnetwork-debuginfo-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-kubic-test-debuginfo-18.06.1_ce-lp150.5.6.1 go1.10-doc-1.10.7-lp150.2.1 docker-debuginfo-18.06.1_ce-lp150.5.6.1 docker-kubic-debuginfo-18.06.1_ce-lp150.5.6.1 docker-libnetwork-kubic-debuginfo-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 docker-kubic-18.06.1_ce-lp150.5.6.1 containerd-ctr-1.1.2-lp150.4.3.1 docker-test-18.06.1_ce-lp150.5.6.1 docker-runc-debuginfo-1.0.0rc5+gitr3562_69663f0bd4b6-lp150.5.3.1 golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2664_3ac297bc7fd0-lp150.3.3.1 docker-kubic-test-18.06.1_ce-lp150.5.6.1 containerd-kubic-1.1.2-lp150.4.3.1 go1.10-1.10.7-lp150.2.1 go-doc-1.10.4-lp150.2.7.1 go1.10-race-1.10.7-lp150.2.1 24570 - Cisco Adaptive Security Appliance Software Privilege Escalation Vulnerability (cisco-sa-20181219-asa-privesc) Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-15465 Description A vulnerability is present in some versions of Cisco ASA devices. Observation Cisco Adaptive Security Appliance is a word-class line of network security devices. A vulnerability is present in some versions of Cisco ASA devices. The flaw is in authorization subsystem of Cisco ASA. Successful exploitation could allow a remote attacker to escalate privileges on the target system. 24540 - IBM DB2 Buffer Overflow Vulnerability (ibm10737295) Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-1897 Description A vulnerability is present in some versions of IBM DB2. Observation IBM DB2 is a popular relational database management server. A vulnerability is present in some versions of IBM DB2. The flaw lies in IBM Db2 db2pdcfg. Successful exploitation could allow a local attacker to escalate privileges and execute arbitrary code on the target system. 24561 - Mozilla Firefox Multiple Vulnerabilities Prior To 64 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-12405, CVE-2018-12406, CVE-2018-12407, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018- 18494, CVE-2018-18495, CVE-2018-18496, CVE-2018-18497, CVE-2018-18498 Description Multiple vulnerabilities are present in some versions of Mozilla Firefox. Observation Mozilla Firefox is a popular web browser. Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system and cause a denial of service condition. 24562 - Mozilla Firefox Multiple Vulnerabilities Prior To 64 Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-12405, CVE-2018-12406, CVE-2018-12407, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018- 18494, CVE-2018-18495, CVE-2018-18496, CVE-2018-18497, CVE-2018-18498 Description Multiple vulnerabilities are present in some versions of Mozilla Firefox. Observation Mozilla Firefox is a popular web browser. Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system and cause a denial of service condition. 24563 - Mozilla Firefox ESR Vulnerabilities Prior To ESR 60.4 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-12405, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18498 Description Multiple Vulnerabilities are present in some versions of Mozilla Firefox ESR. Observation Mozilla Firefox ESR is a popular web browser. Multiple Vulnerabilities are present in some versions of Mozilla Firefox ESR. The flaws lie in multiple components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system and cause a denial of service condition. 24564 - Mozilla Firefox ESR Vulnerabilities Prior To ESR 60.4 Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-12405, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18498 Description Multiple Vulnerabilities are present in some versions of Mozilla Firefox ESR. Observation Mozilla Firefox ESR is a popular web browser. Multiple Vulnerabilities are present in some versions of Mozilla Firefox ESR. The flaws lie in multiple components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system and cause a denial of service condition. 24571 - WordPress Multiple Vulnerabilities Prior To 5.0.1 Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-MAP-NOMATCH Description Multiple vulnerabilities are present in some versions of WordPress. Observation WordPress is a popular blog application. Multiple vulnerabilities are present in some versions of WordPress. The flaws lie in multiple components. Successful exploitation could allow an attacker to lead to a cross-site scripting attacks, obtain sensitive information, or bypass certain security restrictions. 131264 - Debian Linux 9.0 DSA-4359-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2018-12086, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227, CVE-2018-19622, CVE-2018-19623, CVE-2018- 19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628 Description The scan detected that the host is missing the following update: DSA-4359-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.debian.org/security/2018/dsa-4359 Debian 9.0 all wireshark_2.6.5-1~deb9u1 147506 - SuSE Linux 15.0 openSUSE-SU-2019:1-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-20184, CVE-2018-20189 Description The scan detected that the host is missing the following update: openSUSE-SU-2019:1-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2019-01/msg00000.html SuSE Linux 15.0 x86_64 GraphicsMagick-devel-1.3.29-lp150.3.18.1 libGraphicsMagick3-config-1.3.29-lp150.3.18.1 libGraphicsMagick++-devel-1.3.29-lp150.3.18.1 GraphicsMagick-1.3.29-lp150.3.18.1 libGraphicsMagick-Q16-3-1.3.29-lp150.3.18.1 libGraphicsMagickWand-Q16-2-debuginfo-1.3.29-lp150.3.18.1 libGraphicsMagick++-Q16-12-debuginfo-1.3.29-lp150.3.18.1 libGraphicsMagick++-Q16-12-1.3.29-lp150.3.18.1 libGraphicsMagickWand-Q16-2-1.3.29-lp150.3.18.1 perl-GraphicsMagick-1.3.29-lp150.3.18.1 libGraphicsMagick-Q16-3-debuginfo-1.3.29-lp150.3.18.1 GraphicsMagick-debuginfo-1.3.29-lp150.3.18.1 GraphicsMagick-debugsource-1.3.29-lp150.3.18.1 perl-GraphicsMagick-debuginfo-1.3.29-lp150.3.18.1 147509 - SuSE Linux 42.3 openSUSE-SU-2018:4282-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2018-19788 Description The scan detected that the host is missing the following update: openSUSE-SU-2018:4282-1 Observation Updates often remediate critical security problems that should be quickly addressed.