
2016-OCT-13
FSL version 7.5.857

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.

NEW CHECKS

191256 - Fedora Linux 25 FEDORA-2016-81e5a36d8c Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes
Risk Level: High
CVE: CVE-2016-7116, CVE-2016-7161, CVE-2016-7777

Description
The scan detected that the host is missing the following update: FEDORA-2016-81e5a36d8c

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
https://lists.fedoraproject.org/archives/list/[email protected]/2016/10/?count=200&page=3

Fedora Core 25
xen-4.7.0-6.fc25

130604 - Debian Linux 8.0 DSA-3688-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes
Risk Level: High
CVE: CVE-2015-4000, CVE-2015-7181, CVE-2015-7182, CVE-2015-7575, CVE-2016-1938, CVE-2016-1950, CVE-2016-1978, CVE-2016-1979, CVE-2016-2834

Description
The scan detected that the host is missing the following update: DSA-3688-1

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
http://www.debian.org/security/2016/dsa-3688

Debian 8.0
all
libnss3-tools_2:3.26-1+debu8u1
libnss3-1d_2:3.26-1+debu8u1
libnss3_2:3.26-1+debu8u1
libnss3-dbg_2:3.26-1+debu8u1
libnss3-dev_2:3.26-1+debu8u1

144916 - SuSE Linux 13.2 openSUSE-SU-2016:2496-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes
Risk Level: High
CVE: CVE-2016-1669, CVE-2016-2178, CVE-2016-2183, CVE-2016-5325, CVE-2016-6304, CVE-2016-6306, CVE-2016-7052, CVE-2016-7099

Description
The scan detected that the host is missing the following update: openSUSE-SU-2016:2496-1

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
http://lists.opensuse.org/opensuse-updates/2016-10/msg00032.html

SuSE Linux 13.2
i586
nodejs-devel-4.6.0-24.2
nodejs-debugsource-4.6.0-24.2
nodejs-debuginfo-4.6.0-24.2
nodejs-4.6.0-24.2
noarch
nodejs-doc-4.6.0-24.2
x86_64
nodejs-devel-4.6.0-24.2
nodejs-debugsource-4.6.0-24.2
nodejs-debuginfo-4.6.0-24.2
nodejs-4.6.0-24.2

178220 - Gentoo Linux GLSA-201610-05 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes
Risk Level: High
CVE: CVE-2014-0032, CVE-2014-3504, CVE-2014-3522, CVE-2014-3528, CVE-2015-0202, CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187, CVE-2015-5259, CVE-2016-2167, CVE-2016-2168

Description
The scan detected that the host is missing the following update: GLSA-201610-05

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
https://security.gentoo.org/glsa/201610-05

Affected packages:
dev-vcs/subversion < 1.9.4
net-libs/serf < 1.3.7

20473 - Navis WebAccess SQL Injection Vulnerability

Category: General Vulnerability Assessment -> NonIntrusive -> SCADA
Risk Level: High
CVE: CVE-2016-5817

Description
A SQL injection vulnerability is present in some versions of Navis WebAccess.

Observation
Navis WebAccess is a web-based application that provides the operator and its constituents with real-time, online access to operational logistics information.

A SQL injection vulnerability is present in some versions of Navis WebAccess. The flaw lies in showNotice.do. Successful exploitation could allow an attacker to execute arbitrary code.

20615 - Mozilla Firefox Multiple Vulnerabilities Prior To 49

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)
Risk Level: High
CVE: CVE-2016-2827, CVE-2016-5256, CVE-2016-5257, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE-2016-5274, CVE-2016-5275, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284

Description
Multiple vulnerabilities are present in some versions of Mozilla Firefox.

Observation
Mozilla Firefox is a popular web browser.

Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition, conduct spoofing attacks, retrieve sensitive data, remotely execute arbitrary code or have other unspecified impact on the target system.

20616 - Mozilla Firefox Multiple Vulnerabilities Prior To 49

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous
Risk Level: High
CVE: CVE-2016-2827, CVE-2016-5256, CVE-2016-5257, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE-2016-5274, CVE-2016-5275, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284

Description
Multiple vulnerabilities are present in some versions of Mozilla Firefox.

Observation
Mozilla Firefox is a popular web browser.

Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition, conduct spoofing attacks, retrieve sensitive data, remotely execute arbitrary code or have other unspecified impact on the target system.

20694 - Moxa Active OPC Server Unquoted Service Path Escalation Vulnerability

Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS)
Risk Level: High
CVE: CVE-2016-5793

Description
A vulnerability is present in some versions of Moxa Active OPC Server.

Observation
Moxa Active OPC Server is a software interface that interacts with SCADA or HMI systems.

A vulnerability is present in some versions of Moxa Active OPC Server. The flaw lies in how the product handles the user-provided input in search path fields. Successful exploitation could allow an attacker to escalate privileges. Exploitation requires local access to the vulnerable system.

130603 - Debian Linux 8.0 DSA-3689-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes
Risk Level: High
CVE: CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418

Description
The scan detected that the host is missing the following update: DSA-3689-1

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
http://www.debian.org/security/2016/dsa-3689

Debian 8.0
all
php5_5.6.26+dfsg-0+deb8u1

130605 - Debian Linux 8.0 DSA-3687-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes
Risk Level: High
CVE: CVE-2016-1951

Description
The scan detected that the host is missing the following update: DSA-3687-1

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
http://www.debian.org/security/2016/dsa-3687

Debian 8.0
all
libnspr4-dev_2:4.12-1+debu8u1
libnspr4_2:4.12-1+debu8u1
libnspr4-dbg_2:4.12-1+debu8u1
libnspr4-0d_2:4.12-1+debu8u1

130606 - Debian Linux 8.0 DSA-3690-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes
Risk Level: High
CVE: CVE-2016-5257

Description
The scan detected that the host is missing the following update: DSA-3690-1

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
http://www.debian.org/security/2016/dsa-3690

Debian 8.0
all
icedove_1:45.4.0-1~deb8u1

132284 - Oracle VM OVMSA-2016-0139 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes
Risk Level: High
CVE: CVE-2016-3134, CVE-2016-5829

Description
The scan detected that the host is missing the following update: OVMSA-2016-0139

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
http://oss.oracle.com/pipermail/oraclevm-errata/2016-October/000557.html

OVM3.3
x86_64
kernel-uek-firmware-3.8.13-118.13.2.el6uek
kernel-uek-3.8.13-118.13.2.el6uek

132285 - Oracle VM OVMSA-2016-0138 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes
Risk Level: High
CVE: CVE-2016-3134, CVE-2016-5829

Description
The scan detected that the host is missing the following update: OVMSA-2016-0138

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
http://oss.oracle.com/pipermail/oraclevm-errata/2016-October/000556.html

OVM3.4
x86_64
kernel-uek-firmware-4.1.12-61.1.13.el6uek
kernel-uek-4.1.12-61.1.13.el6uek

141298 - Red Hat Enterprise Linux RHSA-2016-2047 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes
Risk Level: High
CVE: CVE-2016-7039

Description
The scan detected that the host is missing the following update: RHSA-2016-2047

Observation
Updates often remediate critical security problems that should be quickly addressed.

For more information see:
https://rhn.redhat.com/errata/RHSA-2016-2047.html

RHEL7D
x86_64
kernel-debug-devel-3.10.0-327.36.2.el7
perf-debuginfo-3.10.0-327.36.2.el7
python-perf-debuginfo-3.10.0-327.36.2.el7
kernel-tools-debuginfo-3.10.0-327.36.2.el7
kernel-debug-3.10.0-327.36.2.el7
kernel-tools-3.10.0-327.36.2.el7