2016-JUL-14 FSL version 7.5.834 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 20245 - IBM WebSphere Application Server Apache Struts Multiple Vulnerabilities Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-1181, CVE-2016-1182 Description Multiple vulnerabilities are present in some versions of IBM WebSphere Application Server. Observation IBM WebSphere Application Server is a Java application server. Multiple vulnerabilities are present in some versions of IBM WebSphere Application Server. The flaws lie in Apache Struts component. Successful exploitation could allow an attacker to execute arbitrary code. 144735 - SuSE Linux 13.1 openSUSE-SU-2016:1767-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1952, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1960, CVE- 2016-1961, CVE-2016-1964, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016- 2801, CVE-2016-2802, CVE-2016-2806, CVE-2016-2807, CVE-2016-2815, CVE-2016-2818 Description The scan detected that the host is missing the following update: openSUSE-SU-2016:1767-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-07/msg00027.html SuSE Linux 13.1 x86_64 MozillaThunderbird-buildsymbols-45.2-70.83.1 MozillaThunderbird-translations-other-45.2-70.83.1 MozillaThunderbird-debuginfo-45.2-70.83.1 MozillaThunderbird-debugsource-45.2-70.83.1 MozillaThunderbird-45.2-70.83.1 MozillaThunderbird-devel-45.2-70.83.1 MozillaThunderbird-translations-common-45.2-70.83.1 i586 MozillaThunderbird-buildsymbols-45.2-70.83.1 MozillaThunderbird-translations-other-45.2-70.83.1 MozillaThunderbird-debuginfo-45.2-70.83.1 MozillaThunderbird-debugsource-45.2-70.83.1 MozillaThunderbird-45.2-70.83.1 MozillaThunderbird-devel-45.2-70.83.1 MozillaThunderbird-translations-common-45.2-70.83.1 144736 - SuSE SLES 12 SP1 SUSE-SU-2016:1764-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-7566, CVE-2015-8550, CVE-2015-8551, CVE-2015-8552, CVE-2015-8709, CVE-2015-8785, CVE-2015-8812, CVE- 2015-8816, CVE-2016-0723, CVE-2016-2143, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2188, CVE-2016-2384, CVE-2016-2782, CVE-2016-3134, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3139, CVE-2016-3140, CVE-2016- 3156, CVE-2016-3689, CVE-2016-3707, CVE-2016-3951 Description The scan detected that the host is missing the following update: SUSE-SU-2016:1764-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-July/002150.html SuSE SLES 12 SP1 x86_64 kernel-rt-3.12.58-14.1 kernel-rt-debuginfo-3.12.58-14.1 kernel-rt-base-debuginfo-3.12.58-14.1 kernel-compute_debug-debuginfo-3.12.58-14.1 kernel-rt_debug-devel-3.12.58-14.1 kernel-compute-base-3.12.58-14.1 kernel-compute_debug-devel-debuginfo-3.12.58-14.1 kernel-rt-debugsource-3.12.58-14.1 kernel-compute-devel-3.12.58-14.1 kernel-rt-base-3.12.58-14.1 kernel-rt-devel-3.12.58-14.1 kernel-compute-base-debuginfo-3.12.58-14.1 kernel-compute-debuginfo-3.12.58-14.1 kernel-compute-debugsource-3.12.58-14.1 kernel-rt_debug-debugsource-3.12.58-14.1 kernel-compute_debug-debugsource-3.12.58-14.1 kernel-rt_debug-debuginfo-3.12.58-14.1 kernel-compute_debug-devel-3.12.58-14.1 kernel-rt_debug-devel-debuginfo-3.12.58-14.1 kernel-syms-rt-3.12.58-14.1 kernel-compute-3.12.58-14.1 noarch kernel-devel-rt-3.12.58-14.1 kernel-source-rt-3.12.58-14.1 144738 - SuSE SLES 11 SP4 SUSE-SU-2016:1785-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2014-3615, CVE-2014-3689, CVE-2014-9718, CVE-2015-3214, CVE-2015-5239, CVE-2015-5278, CVE-2015-5279, CVE- 2015-5745, CVE-2015-6855, CVE-2015-7295, CVE-2015-7549, CVE-2015-8504, CVE-2015-8558, CVE-2015-8613, CVE-2015-8619, CVE-2015-8743, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922, CVE-2016-1981, CVE-2016-2198, CVE-2016-2538, CVE-2016- 2841, CVE-2016-2857, CVE-2016-2858, CVE-2016-3710, CVE-2016-3712, CVE-2016-4001, CVE-2016-4002, CVE-2016-4020, CVE- 2016-4037, CVE-2016-4439, CVE-2016-4441 Description The scan detected that the host is missing the following update: SUSE-SU-2016:1785-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.suse.com/pipermail/sle-security-updates/2016-July/002154.html SuSE SLES 11 SP4 i586 kvm-1.4.2-44.1 x86_64 kvm-1.4.2-44.1 144741 - SuSE Linux 13.2 openSUSE-SU-2016:1778-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1952, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1960, CVE- 2016-1961, CVE-2016-1964, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016- 2801, CVE-2016-2802, CVE-2016-2806, CVE-2016-2807, CVE-2016-2815, CVE-2016-2818 Description The scan detected that the host is missing the following update: openSUSE-SU-2016:1778-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.opensuse.org/opensuse-updates/2016-07/msg00038.html SuSE Linux 13.2 x86_64 MozillaThunderbird-translations-other-45.2-43.1 MozillaThunderbird-debuginfo-45.2-43.1 MozillaThunderbird-45.2-43.1 MozillaThunderbird-translations-common-45.2-43.1 MozillaThunderbird-debugsource-45.2-43.1 MozillaThunderbird-buildsymbols-45.2-43.1 MozillaThunderbird-devel-45.2-43.1 i586 MozillaThunderbird-translations-other-45.2-43.1 MozillaThunderbird-debuginfo-45.2-43.1 MozillaThunderbird-45.2-43.1 MozillaThunderbird-translations-common-45.2-43.1 MozillaThunderbird-debugsource-45.2-43.1 MozillaThunderbird-buildsymbols-45.2-43.1 MozillaThunderbird-devel-45.2-43.1 20317 - (SYM16-010) Symantec Endpoint Protection Multiple Vulnerabilities Category: Windows Host Assessment -> Anti-Virus Software (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-2207, CVE-2016-2209, CVE-2016-2210, CVE-2016-2211, CVE-2016-3644, CVE-2016-3645, CVE-2016-3646 Description Multiple vulnerabilities are present in some versions of Symantec Endpoint Protection. Observation Symantec Endpoint Protection is an all-in-one antivirus software. Multiple vulnerabilities are present in some versions of Symantec Endpoint Protection. The flaws lie in the Symantec Decomposer Engine. Successful exploitation could allow an attacker to cause a denial of service or perform remote code execution. 20327 - (HPSBGN03569) HPE OneView for VMware vCenter Information Disclosure Vulnerability Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2014-3566, CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842 Description Multiple vulnerabilities are present in some versions of HPE OneView for VMware vCenter. Observation HPE OneView for VMware vCenter manage HPE infrastructure using VMware solutions. Multiple vulnerabilities are present in some versions of HPE OneView for VMware vCenter. The flaws lie in OpenSSL. Successful exploitation could allow an attacker to retrieve sensitive data or cause a denial of service condition. 178200 - Gentoo Linux GLSA-201607-02 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: High CVE: CVE-2014-8964, CVE-2015-5073, CVE-2015-8380, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE- 2015-8386, CVE-2015-8387, CVE-2015-8388, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8392, CVE-2015-8393, CVE-2015-8394, CVE-2015-8395, CVE-2016-1283 Description The scan detected that the host is missing the following update: GLSA-201607-02 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://security.gentoo.org/glsa/201607-02 Affected packages: dev-libs/libpcre < 8.38-r1 185351 - Ubuntu Linux 12.04, 14.04, 15.10, 16.04 USN-3029-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2016-2834 Description The scan detected that the host is missing the following update: USN-3029-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-July/003496.html Ubuntu 12.04 libnss3_3.23-0ubuntu0.12.04.1 Ubuntu 16.04 libnss3_3.23-0ubuntu0.16.04.1 Ubuntu 15.10 libnss3_3.23-0ubuntu0.15.10.1 Ubuntu 14.04 libnss3_3.23-0ubuntu0.14.04.1 141220 - Red Hat Enterprise Linux RHSA-2016-1406 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-4565 Description The scan detected that the host is missing the following update: RHSA-2016-1406 Observation Updates often remediate critical security problems that should be quickly addressed.