mcafee foundstone fsl update 2016-aug-31 · pdf file2016-aug-31 fsl version 7.5.843 mcafee...

2016-AUG-31FSL version 7.5.843

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.

NEW CHECKS

144825 - SuSE SLES 12 SP1, SLED 12 SP1 SUSE-SU-2016:2154-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-2099, CVE-2016-4463

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:2154-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2016-August/002228.html

SuSE SLES 12 SP1x86_64libxerces-c-3_1-32bit-3.1.1-12.3libxerces-c-3_1-debuginfo-32bit-3.1.1-12.3xerces-c-debugsource-3.1.1-12.3xerces-c-debuginfo-3.1.1-12.3libxerces-c-3_1-debuginfo-3.1.1-12.3libxerces-c-3_1-3.1.1-12.3

SuSE SLED 12 SP1x86_64libxerces-c-3_1-32bit-3.1.1-12.3libxerces-c-3_1-debuginfo-32bit-3.1.1-12.3xerces-c-debugsource-3.1.1-12.3xerces-c-debuginfo-3.1.1-12.3libxerces-c-3_1-debuginfo-3.1.1-12.3libxerces-c-3_1-3.1.1-12.3

144827 - SuSE Linux 13.2 openSUSE-SU-2016:2144-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2012-6701, CVE-2013-7446, CVE-2014-9904, CVE-2015-3288, CVE-2015-6526, CVE-2015-7566, CVE-2015-8709, CVE-2015-8785, CVE-2015-8812, CVE-2015-8816, CVE-2015-8830, CVE-2016-0758, CVE-2016-1583, CVE-2016-2053, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2187, CVE-2016-2188, CVE-2016-2384, CVE-2016-2543, CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548, CVE-2016-2549, CVE-2016-2782, CVE-2016-2847, CVE-2016-3134, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3139, CVE-2016-3140, CVE-2016-3156, CVE-2016-3672, CVE-2016-3689, CVE-2016-3951, CVE-2016-4470, CVE-2016-4482, CVE-2016-4485, CVE-2016-4486, CVE-2016-4565, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4581, CVE-2016-4805, CVE-2016-4913, CVE-2016-4997, CVE-2016-5244, CVE-2016-5829

DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:2144-1


http://lists.opensuse.org/opensuse-updates/2016-08/msg00099.html

SuSE Linux 13.2i586xtables-addons-debugsource-2.6-22.3hdjmod-kmp-xen-1.28_k3.16.7_42-18.21.3bbswitch-0.8-3.20.3ipset-kmp-xen-6.23_k3.16.7_42-20.3xtables-addons-debuginfo-2.6-22.3kernel-obs-build-3.16.7-42.2ipset-kmp-default-debuginfo-6.23_k3.16.7_42-20.3crash-devel-7.0.8-20.3virtualbox-websrv-5.0.20-48.5pcfclock-kmp-pae-0.44_k3.16.7_42-260.20.2bbswitch-kmp-default-0.8_k3.16.7_42-3.20.3virtualbox-guest-kmp-desktop-5.0.20_k3.16.7_42-48.5xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_42-22.3bbswitch-kmp-pae-0.8_k3.16.7_42-3.20.3hdjmod-kmp-desktop-1.28_k3.16.7_42-18.21.3bbswitch-kmp-pae-debuginfo-0.8_k3.16.7_42-3.20.3pcfclock-kmp-pae-debuginfo-0.44_k3.16.7_42-260.20.2pcfclock-kmp-desktop-0.44_k3.16.7_42-260.20.2virtualbox-qt-debuginfo-5.0.20-48.5bbswitch-debugsource-0.8-3.20.3ipset-debugsource-6.23-20.3cloop-debuginfo-2.639-14.20.3crash-kmp-xen-debuginfo-7.0.8_k3.16.7_42-20.3virtualbox-guest-x11-5.0.20-48.5crash-eppic-7.0.8-20.3cloop-debugsource-2.639-14.20.3pcfclock-kmp-default-debuginfo-0.44_k3.16.7_42-260.20.2virtualbox-debugsource-5.0.20-48.5kernel-obs-qa-xen-3.16.7-42.1pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_42-260.20.2ipset-devel-6.23-20.3vhba-kmp-xen-20140629_k3.16.7_42-2.20.2kernel-syms-3.16.7-42.1virtualbox-guest-tools-debuginfo-5.0.20-48.5virtualbox-guest-kmp-pae-debuginfo-5.0.20_k3.16.7_42-48.5python-virtualbox-debuginfo-5.0.20-48.5cloop-kmp-xen-debuginfo-2.639_k3.16.7_42-14.20.3bbswitch-kmp-xen-0.8_k3.16.7_42-3.20.3virtualbox-devel-5.0.20-48.5xen-tools-domU-debuginfo-4.4.4_02-46.2virtualbox-guest-kmp-default-5.0.20_k3.16.7_42-48.5kernel-ec2-devel-3.16.7-42.1cloop-kmp-default-debuginfo-2.639_k3.16.7_42-14.20.3crash-debuginfo-7.0.8-20.3crash-eppic-debuginfo-7.0.8-20.3cloop-kmp-xen-2.639_k3.16.7_42-14.20.3kernel-default-devel-3.16.7-42.1

kernel-ec2-base-3.16.7-42.1bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_42-3.20.3kernel-default-debugsource-3.16.7-42.1kernel-default-3.16.7-42.1kernel-default-debuginfo-3.16.7-42.1xen-libs-4.4.4_02-46.2vhba-kmp-desktop-20140629_k3.16.7_42-2.20.2kernel-obs-qa-3.16.7-42.1cloop-kmp-default-2.639_k3.16.7_42-14.20.3cloop-kmp-desktop-2.639_k3.16.7_42-14.20.3crash-kmp-pae-debuginfo-7.0.8_k3.16.7_42-20.3crash-7.0.8-20.3python-virtualbox-5.0.20-48.5kernel-ec2-3.16.7-42.1ipset-debuginfo-6.23-20.3vhba-kmp-default-debuginfo-20140629_k3.16.7_42-2.20.2crash-gcore-7.0.8-20.3hdjmod-kmp-default-debuginfo-1.28_k3.16.7_42-18.21.3xen-tools-domU-4.4.4_02-46.2crash-kmp-default-debuginfo-7.0.8_k3.16.7_42-20.3crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_42-20.3crash-gcore-debuginfo-7.0.8-20.3virtualbox-guest-x11-debuginfo-5.0.20-48.5virtualbox-host-kmp-default-5.0.20_k3.16.7_42-48.5cloop-kmp-desktop-debuginfo-2.639_k3.16.7_42-14.20.3cloop-2.639-14.20.3xtables-addons-kmp-xen-2.6_k3.16.7_42-22.3virtualbox-guest-kmp-desktop-debuginfo-5.0.20_k3.16.7_42-48.5xtables-addons-kmp-desktop-2.6_k3.16.7_42-22.3pcfclock-debuginfo-0.44-260.20.2ipset-kmp-pae-debuginfo-6.23_k3.16.7_42-20.3xen-libs-debuginfo-4.4.4_02-46.2libipset3-6.23-20.3bbswitch-kmp-desktop-0.8_k3.16.7_42-3.20.3virtualbox-qt-5.0.20-48.5hdjmod-kmp-pae-debuginfo-1.28_k3.16.7_42-18.21.3cloop-kmp-pae-debuginfo-2.639_k3.16.7_42-14.20.3crash-kmp-default-7.0.8_k3.16.7_42-20.3xtables-addons-kmp-pae-debuginfo-2.6_k3.16.7_42-22.3vhba-kmp-pae-20140629_k3.16.7_42-2.20.2cloop-kmp-pae-2.639_k3.16.7_42-14.20.3virtualbox-host-kmp-pae-debuginfo-5.0.20_k3.16.7_42-48.5bbswitch-kmp-default-debuginfo-0.8_k3.16.7_42-3.20.3ipset-kmp-desktop-6.23_k3.16.7_42-20.3xen-devel-4.4.4_02-46.2ipset-kmp-xen-debuginfo-6.23_k3.16.7_42-20.3hdjmod-kmp-pae-1.28_k3.16.7_42-18.21.3bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_42-3.20.3virtualbox-guest-kmp-default-debuginfo-5.0.20_k3.16.7_42-48.5kernel-default-base-debuginfo-3.16.7-42.1virtualbox-host-kmp-desktop-debuginfo-5.0.20_k3.16.7_42-48.5ipset-kmp-pae-6.23_k3.16.7_42-20.3hdjmod-kmp-default-1.28_k3.16.7_42-18.21.3hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_42-18.21.3crash-kmp-pae-7.0.8_k3.16.7_42-20.3crash-doc-7.0.8-20.3pcfclock-0.44-260.20.2xtables-addons-kmp-default-2.6_k3.16.7_42-22.3crash-kmp-xen-7.0.8_k3.16.7_42-20.3virtualbox-5.0.20-48.5

crash-debugsource-7.0.8-20.3vhba-kmp-pae-debuginfo-20140629_k3.16.7_42-2.20.2libipset3-debuginfo-6.23-20.3virtualbox-host-kmp-desktop-5.0.20_k3.16.7_42-48.5vhba-kmp-default-20140629_k3.16.7_42-2.20.2kernel-default-base-3.16.7-42.1hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_42-18.21.3virtualbox-websrv-debuginfo-5.0.20-48.5virtualbox-guest-tools-5.0.20-48.5xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_42-22.3xtables-addons-2.6-22.3xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_42-22.3xtables-addons-kmp-pae-2.6_k3.16.7_42-22.3crash-kmp-desktop-7.0.8_k3.16.7_42-20.3virtualbox-host-kmp-pae-5.0.20_k3.16.7_42-48.5hdjmod-debugsource-1.28-18.21.3vhba-kmp-xen-debuginfo-20140629_k3.16.7_42-2.20.2kernel-obs-build-debugsource-3.16.7-42.2vhba-kmp-debugsource-20140629-2.20.2virtualbox-guest-kmp-pae-5.0.20_k3.16.7_42-48.5virtualbox-debuginfo-5.0.20-48.5vhba-kmp-desktop-debuginfo-20140629_k3.16.7_42-2.20.2pcfclock-kmp-default-0.44_k3.16.7_42-260.20.2ipset-6.23-20.3ipset-kmp-desktop-debuginfo-6.23_k3.16.7_42-20.3virtualbox-host-kmp-default-debuginfo-5.0.20_k3.16.7_42-48.5ipset-kmp-default-6.23_k3.16.7_42-20.3pcfclock-debugsource-0.44-260.20.2xen-debugsource-4.4.4_02-46.2

i686kernel-desktop-debuginfo-3.16.7-42.1kernel-desktop-debugsource-3.16.7-42.1kernel-pae-debuginfo-3.16.7-42.1kernel-debug-debuginfo-3.16.7-42.1kernel-vanilla-debuginfo-3.16.7-42.1kernel-ec2-debuginfo-3.16.7-42.1kernel-vanilla-devel-3.16.7-42.1kernel-debug-3.16.7-42.1kernel-desktop-3.16.7-42.1kernel-xen-base-debuginfo-3.16.7-42.1kernel-xen-debuginfo-3.16.7-42.1kernel-pae-devel-3.16.7-42.1kernel-pae-base-3.16.7-42.1kernel-debug-base-3.16.7-42.1kernel-pae-debugsource-3.16.7-42.1kernel-pae-base-debuginfo-3.16.7-42.1kernel-debug-base-debuginfo-3.16.7-42.1kernel-vanilla-debugsource-3.16.7-42.1kernel-debug-devel-debuginfo-3.16.7-42.1kernel-vanilla-3.16.7-42.1kernel-ec2-debugsource-3.16.7-42.1kernel-desktop-base-debuginfo-3.16.7-42.1kernel-debug-devel-3.16.7-42.1kernel-debug-debugsource-3.16.7-42.1kernel-desktop-devel-3.16.7-42.1kernel-xen-debugsource-3.16.7-42.1kernel-ec2-base-debuginfo-3.16.7-42.1kernel-desktop-base-3.16.7-42.1kernel-xen-3.16.7-42.1

kernel-xen-base-3.16.7-42.1kernel-pae-3.16.7-42.1kernel-xen-devel-3.16.7-42.1

noarchkernel-source-vanilla-3.16.7-42.1kernel-docs-3.16.7-42.2virtualbox-guest-desktop-icons-5.0.20-48.5kernel-devel-3.16.7-42.1kernel-source-3.16.7-42.1kernel-macros-3.16.7-42.1virtualbox-host-source-5.0.20-48.5

x86_64kernel-vanilla-debuginfo-3.16.7-42.1bbswitch-debugsource-0.8-3.20.3cloop-debugsource-2.639-14.20.3xen-kmp-default-4.4.4_02_k3.16.7_42-46.2

163146 - Oracle Enterprise Linux ELSA-2016-3596 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2013-4312, CVE-2015-7513, CVE-2015-7799, CVE-2015-7837, CVE-2015-8767, CVE-2015-8785, CVE-2015-8787, CVE-2015-8816, CVE-2016-0723, CVE-2016-0758, CVE-2016-2069, CVE-2016-2085, CVE-2016-2117, CVE-2016-2847, CVE-2016-3136, CVE-2016-3137, CVE-2016-3156, CVE-2016-3157, CVE-2016-4470, CVE-2016-4565, CVE-2016-4581, CVE-2016-4805, CVE-2016-4913, CVE-2016-4951, CVE-2016-6197, CVE-2016-6198

DescriptionThe scan detected that the host is missing the following update:ELSA-2016-3596


http://oss.oracle.com/pipermail/el-errata/2016-August/006312.htmlhttp://oss.oracle.com/pipermail/el-errata/2016-August/006313.html

OEL7x86_64kernel-uek-debug-devel-4.1.12-61.1.6.el7uekkernel-uek-doc-4.1.12-61.1.6.el7uekkernel-uek-firmware-4.1.12-61.1.6.el7uekkernel-uek-4.1.12-61.1.6.el7uekkernel-uek-devel-4.1.12-61.1.6.el7uekdtrace-modules-4.1.12-61.1.6.el7uek-0.5.3-2.el7kernel-uek-debug-4.1.12-61.1.6.el7uek

OEL6x86_64kernel-uek-devel-4.1.12-61.1.6.el6uekkernel-uek-firmware-4.1.12-61.1.6.el6uekkernel-uek-debug-4.1.12-61.1.6.el6uekkernel-uek-debug-devel-4.1.12-61.1.6.el6uekkernel-uek-doc-4.1.12-61.1.6.el6uekkernel-uek-4.1.12-61.1.6.el6uekdtrace-modules-4.1.12-61.1.6.el6uek-0.5.3-2.el6

182104 - FreeBSD libxml2 Multiple Vulnabilities (e195679d-045b-4953-bb33-be0073ba2ac6)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483

DescriptionThe scan detected that the host is missing the following update:libxml2 -- multiple vulnabilities (e195679d-045b-4953-bb33-be0073ba2ac6)


http://www.vuxml.org/freebsd/e195679d-045b-4953-bb33-be0073ba2ac6.html

Affected packages: libxml2 < 2.9.4

20458 - D-link Routers Buffer Overflow Vulnerability

Category: Wireless Assessment -> NonIntrusive -> Wireless Risk Level: High CVE: CVE-2016-5681

DescriptionA buffer overflow vulnerability is present in some versions of D-Link DIR-model.

ObservationD-Link DIR is a wireless router.

A buffer overflow vulnerability is present in some versions of D-Link DIR-model. The flaw lies in cgibin interface on port 8181. Successful exploitation could allow an attacker to remotely execute arbitrary code.

141269 - Red Hat Enterprise Linux RHSA-2016-1776 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3606

DescriptionThe scan detected that the host is missing the following update:RHSA-2016-1776


https://rhn.redhat.com/errata/RHSA-2016-1776.html

RHEL5Sx86_64

java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-src-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.4.el5_11

i386java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-src-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.4.el5_11

RHEL7Sx86_64java-1.6.0-openjdk-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-src-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.5.el7_2

RHEL6Sx86_64java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-src-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8

i386java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-src-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8

RHEL6WSx86_64java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8

i386java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8

RHEL5Dx86_64java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-src-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.4.el5_11

java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.4.el5_11


RHEL7Dx86_64java-1.6.0-openjdk-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-src-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.5.el7_2

RHEL6Dx86_64java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-src-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8


RHEL7WSx86_64java-1.6.0-openjdk-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-src-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.5.el7_2

160139 - CentOS 5, 6, 7 CESA-2016-1776 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3606

DescriptionThe scan detected that the host is missing the following update:CESA-2016-1776

ObservationUpdates often remediate critical security problems that should be quickly addressed.

For more information see:

http://lists.centos.org/pipermail/centos-announce/2016-August/022055.htmlhttp://lists.centos.org/pipermail/centos-announce/2016-August/022054.htmlhttp://lists.centos.org/pipermail/centos-announce/2016-August/022056.html

CentOS 6x86_64java-1.6.0-openjdk-src-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.6.el6_8

i686java-1.6.0-openjdk-src-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.6.el6_8

CentOS 7x86_64java-1.6.0-openjdk-src-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.5.el7_2

CentOS 5x86_64java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-src-1.6.0.40-1.13.12.4.el5_11

i386java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-src-1.6.0.40-1.13.12.4.el5_11

163145 - Oracle Enterprise Linux ELSA-2016-1776 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3606

DescriptionThe scan detected that the host is missing the following update:ELSA-2016-1776


http://oss.oracle.com/pipermail/el-errata/2016-August/006299.htmlhttp://oss.oracle.com/pipermail/el-errata/2016-August/006298.htmlhttp://oss.oracle.com/pipermail/el-errata/2016-August/006297.html

OEL6x86_64java-1.6.0-openjdk-src-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.6.el6_8

i386java-1.6.0-openjdk-src-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.6.el6_8

OEL5x86_64java-1.6.0-openjdk-src-1.6.0.40-1.13.12.4.0.1.el5_11java-1.6.0-openjdk-1.6.0.40-1.13.12.4.0.1.el5_11java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.4.0.1.el5_11java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.4.0.1.el5_11java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.4.0.1.el5_11

i386java-1.6.0-openjdk-src-1.6.0.40-1.13.12.4.0.1.el5_11java-1.6.0-openjdk-1.6.0.40-1.13.12.4.0.1.el5_11java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.4.0.1.el5_11java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.4.0.1.el5_11java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.4.0.1.el5_11

OEL7x86_64java-1.6.0-openjdk-src-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.5.el7_2

175006 - Scientific Linux Security ERRATA Important: java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (1608-14326)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3606

DescriptionThe scan detected that the host is missing the following update:Security ERRATA Important: java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (1608-14326)


https://listserv.fnal.gov/scripts/wa.exe?A2=ind1608&L=scientific-linux-errata&F=&S=&P=14326

SL5x86_64java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-src-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.4.el5_11java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.4.el5_11


SL7x86_64java-1.6.0-openjdk-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-src-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.5.el7_2java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.5.el7_2

SL6x86_64java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-src-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-debuginfo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.6.el6_8java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8


20457 - Oracle Directory Server Enterprise Edition Critical Patch Update July 2016

Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: High CVE: CVE-2015-2721, CVE-2015-4000, CVE-2015-7181, CVE-2015-7182, CVE-2015-7183, CVE-2015-7575

DescriptionMultiple vulnerabilities are present in some versions of Oracle Directory Server Enterprise Edition.

ObservationOracle Directory Server Enterprise Edition provides a core directory service for enterprise environments.

Multiple vulnerabilities are present in some versions of Oracle Directory Server Enterprise Edition. The flaw lies in the Admin Server component. Successful exploitation could allow an attacker to remotely execute arbitrary code or cause a denial of service condition.

20467 - (HPSBGN03630) HP Operations Manager Apache Commons Collections Java Object Deserialization Vulnerability

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2016-4373

DescriptionA remote code execution vulnerability is present in some versions of HP Operations Manager.

ObservationHP Operations Manager is a package management software.

A remote code execution vulnerability is present in some versions of HP Operations Manager. The flaw lies in the handling of Java object deserialization inside Apache Commons Collections. Successful exploitation could allow attackers to execute arbitrary code.

130568 - Debian Linux 8.0 DSA-3652-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2016-4562, CVE-2016-4563, CVE-2016-4564, CVE-2016-5010, CVE-2016-5687, CVE-2016-5688, CVE-2016-5689, CVE-2016-5690, CVE-2016-5691, CVE-2016-5841, CVE-2016-5842, CVE-2016-6491

DescriptionThe scan detected that the host is missing the following update:DSA-3652-1


http://www.debian.org/security/2016/dsa-3652

Debian 8.0allimagemagick_8:6.8.9.9-5+deb8u4

144821 - SuSE SLES 11 SP4 SUSE-SU-2016:2156-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-1234, CVE-2016-3075, CVE-2016-3706, CVE-2016-4429




SuSE SLES 11 SP4i686

glibc-devel-2.11.3-17.102.1glibc-2.11.3-17.102.1

i586glibc-info-2.11.3-17.102.1glibc-i18ndata-2.11.3-17.102.1glibc-devel-2.11.3-17.102.1glibc-locale-2.11.3-17.102.1glibc-2.11.3-17.102.1glibc-profile-2.11.3-17.102.1glibc-html-2.11.3-17.102.1nscd-2.11.3-17.102.1

x86_64glibc-locale-32bit-2.11.3-17.102.1glibc-info-2.11.3-17.102.1glibc-i18ndata-2.11.3-17.102.1glibc-devel-2.11.3-17.102.1glibc-locale-2.11.3-17.102.1glibc-2.11.3-17.102.1glibc-devel-32bit-2.11.3-17.102.1glibc-32bit-2.11.3-17.102.1glibc-profile-2.11.3-17.102.1glibc-html-2.11.3-17.102.1glibc-profile-32bit-2.11.3-17.102.1nscd-2.11.3-17.102.1


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-6354




SuSE Linux 13.2x86_64mozilla-nss-debugsource-3.24-43.1mozilla-nss-sysinit-debuginfo-3.24-43.1libfreebl3-debuginfo-32bit-3.24-43.1mozilla-nss-sysinit-debuginfo-32bit-3.24-43.1MozillaFirefox-buildsymbols-48.0.1-77.4MozillaFirefox-branding-upstream-48.0.1-77.4mozilla-nss-debuginfo-3.24-43.1libsoftokn3-3.24-43.1mozilla-nss-3.24-43.1MozillaFirefox-debugsource-48.0.1-77.4MozillaFirefox-translations-other-48.0.1-77.4mozilla-nss-32bit-3.24-43.1libsoftokn3-debuginfo-32bit-3.24-43.1

MozillaFirefox-48.0.1-77.4libfreebl3-3.24-43.1mozilla-nss-devel-3.24-43.1mozilla-nss-certs-debuginfo-3.24-43.1mozilla-nss-tools-3.24-43.1mozilla-nss-sysinit-32bit-3.24-43.1mozilla-nss-sysinit-3.24-43.1mozilla-nss-certs-debuginfo-32bit-3.24-43.1libsoftokn3-debuginfo-3.24-43.1mozilla-nss-debuginfo-32bit-3.24-43.1MozillaFirefox-devel-48.0.1-77.4libsoftokn3-32bit-3.24-43.1mozilla-nss-tools-debuginfo-3.24-43.1MozillaFirefox-debuginfo-48.0.1-77.4libfreebl3-debuginfo-3.24-43.1libfreebl3-32bit-3.24-43.1mozilla-nss-certs-3.24-43.1MozillaFirefox-translations-common-48.0.1-77.4mozilla-nss-certs-32bit-3.24-43.1

i586mozilla-nss-sysinit-debuginfo-3.24-43.1MozillaFirefox-devel-48.0.1-77.4mozilla-nss-tools-debuginfo-3.24-43.1libfreebl3-debuginfo-3.24-43.1MozillaFirefox-branding-upstream-48.0.1-77.4libsoftokn3-debuginfo-3.24-43.1libfreebl3-3.24-43.1mozilla-nss-debugsource-3.24-43.1mozilla-nss-3.24-43.1MozillaFirefox-48.0.1-77.4MozillaFirefox-debugsource-48.0.1-77.4MozillaFirefox-translations-other-48.0.1-77.4mozilla-nss-debuginfo-3.24-43.1libsoftokn3-3.24-43.1mozilla-nss-certs-3.24-43.1mozilla-nss-devel-3.24-43.1MozillaFirefox-translations-common-48.0.1-77.4mozilla-nss-sysinit-3.24-43.1MozillaFirefox-debuginfo-48.0.1-77.4mozilla-nss-certs-debuginfo-3.24-43.1MozillaFirefox-buildsymbols-48.0.1-77.4mozilla-nss-tools-3.24-43.1


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-2830, CVE-2016-2835, CVE-2016-2836, CVE-2016-2837, CVE-2016-2838, CVE-2016-2839, CVE-2016-5252, CVE-2016-5254, CVE-2016-5258, CVE-2016-5259, CVE-2016-5262, CVE-2016-5263, CVE-2016-5264, CVE-2016-5265, CVE-2016-6354




SuSE SLES 11 SP4i586MozillaFirefox-translations-45.3.0esr-50.1MozillaFirefox-45.3.0esr-50.1

x86_64MozillaFirefox-translations-45.3.0esr-50.1MozillaFirefox-45.3.0esr-50.1


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2014-9904, CVE-2015-7833, CVE-2015-8551, CVE-2015-8552, CVE-2015-8845, CVE-2016-0758, CVE-2016-1583, CVE-2016-2053, CVE-2016-3672, CVE-2016-4470, CVE-2016-4482, CVE-2016-4486, CVE-2016-4565, CVE-2016-4569, CVE-2016-4578, CVE-2016-4805, CVE-2016-4997, CVE-2016-4998, CVE-2016-5244, CVE-2016-5828, CVE-2016-5829




SuSE Linux 13.1i586openvswitch-1.11.0-0.39.3kernel-default-3.12.62-52.1pcfclock-kmp-default-debuginfo-0.44_k3.12.62_52-258.33.2openvswitch-kmp-desktop-debuginfo-1.11.0_k3.12.62_52-0.39.3crash-kmp-default-7.0.2_k3.12.62_52-2.32.7xtables-addons-debugsource-2.3-2.31.2xen-debugsource-4.3.4_10-65.3xen-kmp-default-4.3.4_10_k3.12.62_52-65.3virtualbox-host-kmp-pae-4.2.36_k3.12.62_52-2.64.4crash-debugsource-7.0.2-2.32.7hdjmod-kmp-pae-debuginfo-1.28_k3.12.62_52-16.32.2virtualbox-guest-x11-4.2.36-2.64.4crash-kmp-desktop-debuginfo-7.0.2_k3.12.62_52-2.32.7virtualbox-debuginfo-4.2.36-2.64.4openvswitch-kmp-default-1.11.0_k3.12.62_52-0.39.3ndiswrapper-kmp-desktop-1.58_k3.12.62_52-33.2xtables-addons-kmp-default-debuginfo-2.3_k3.12.62_52-2.31.2cloop-2.639-11.32.2virtualbox-qt-4.2.36-2.64.4iscsitarget-debugsource-1.4.20.3-13.32.2ipset-kmp-xen-debuginfo-6.21.1_k3.12.62_52-2.36.2cloop-debugsource-2.639-11.32.2xen-kmp-desktop-debuginfo-4.3.4_10_k3.12.62_52-65.3vhba-kmp-default-debuginfo-20130607_k3.12.62_52-2.32.2ipset-kmp-default-debuginfo-6.21.1_k3.12.62_52-2.36.2iscsitarget-debuginfo-1.4.20.3-13.32.2pcfclock-debuginfo-0.44-258.33.2

xen-devel-4.3.4_10-65.3iscsitarget-kmp-desktop-1.4.20.3_k3.12.62_52-13.32.2virtualbox-qt-debuginfo-4.2.36-2.64.4openvswitch-controller-1.11.0-0.39.3crash-kmp-xen-debuginfo-7.0.2_k3.12.62_52-2.32.7iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.12.62_52-13.32.2xtables-addons-kmp-desktop-2.3_k3.12.62_52-2.31.2xtables-addons-kmp-xen-2.3_k3.12.62_52-2.31.2xen-libs-debuginfo-4.3.4_10-65.3libipset3-debuginfo-6.21.1-2.36.2pcfclock-kmp-pae-0.44_k3.12.62_52-258.33.2python-openvswitch-test-1.11.0-0.39.3xtables-addons-kmp-default-2.3_k3.12.62_52-2.31.2xtables-addons-debuginfo-2.3-2.31.2libipset3-6.21.1-2.36.2xtables-addons-2.3-2.31.2iscsitarget-1.4.20.3-13.32.2vhba-kmp-pae-20130607_k3.12.62_52-2.32.2cloop-kmp-default-2.639_k3.12.62_52-11.32.2cloop-kmp-pae-2.639_k3.12.62_52-11.32.2crash-eppic-debuginfo-7.0.2-2.32.7hdjmod-kmp-default-debuginfo-1.28_k3.12.62_52-16.32.2cloop-debuginfo-2.639-11.32.2virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.12.62_52-2.64.4kernel-syms-3.12.62-52.1hdjmod-kmp-desktop-1.28_k3.12.62_52-16.32.2cloop-kmp-xen-debuginfo-2.639_k3.12.62_52-11.32.2crash-gcore-7.0.2-2.32.7virtualbox-host-kmp-default-debuginfo-4.2.36_k3.12.62_52-2.64.4crash-gcore-debuginfo-7.0.2-2.32.7vhba-kmp-default-20130607_k3.12.62_52-2.32.2openvswitch-controller-debuginfo-1.11.0-0.39.3xen-kmp-pae-debuginfo-4.3.4_10_k3.12.62_52-65.3xen-libs-4.3.4_10-65.3vhba-kmp-desktop-20130607_k3.12.62_52-2.32.2ipset-kmp-pae-6.21.1_k3.12.62_52-2.36.2crash-kmp-pae-7.0.2_k3.12.62_52-2.32.7iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.12.62_52-13.32.2xtables-addons-kmp-pae-2.3_k3.12.62_52-2.31.2virtualbox-guest-kmp-default-4.2.36_k3.12.62_52-2.64.4hdjmod-kmp-desktop-debuginfo-1.28_k3.12.62_52-16.32.2openvswitch-kmp-pae-debuginfo-1.11.0_k3.12.62_52-0.39.3virtualbox-websrv-debuginfo-4.2.36-2.64.4hdjmod-kmp-pae-1.28_k3.12.62_52-16.32.2virtualbox-guest-tools-debuginfo-4.2.36-2.64.4ipset-devel-6.21.1-2.36.2ndiswrapper-kmp-pae-1.58_k3.12.62_52-33.2kernel-default-debuginfo-3.12.62-52.1openvswitch-pki-1.11.0-0.39.3virtualbox-host-kmp-desktop-4.2.36_k3.12.62_52-2.64.4openvswitch-debuginfo-1.11.0-0.39.3virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.12.62_52-2.64.4virtualbox-4.2.36-2.64.4virtualbox-websrv-4.2.36-2.64.4ndiswrapper-1.58-33.2ndiswrapper-kmp-pae-debuginfo-1.58_k3.12.62_52-33.2crash-kmp-xen-7.0.2_k3.12.62_52-2.32.7virtualbox-guest-x11-debuginfo-4.2.36-2.64.4pcfclock-debugsource-0.44-258.33.2cloop-kmp-desktop-2.639_k3.12.62_52-11.32.2

virtualbox-guest-tools-4.2.36-2.64.4openvswitch-switch-debuginfo-1.11.0-0.39.3xtables-addons-kmp-pae-debuginfo-2.3_k3.12.62_52-2.31.2cloop-kmp-default-debuginfo-2.639_k3.12.62_52-11.32.2xen-tools-domU-4.3.4_10-65.3iscsitarget-kmp-default-1.4.20.3_k3.12.62_52-13.32.2vhba-kmp-pae-debuginfo-20130607_k3.12.62_52-2.32.2ipset-kmp-xen-6.21.1_k3.12.62_52-2.36.2virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.12.62_52-2.64.4kernel-default-debugsource-3.12.62-52.1openvswitch-switch-1.11.0-0.39.3crash-kmp-desktop-7.0.2_k3.12.62_52-2.32.7crash-7.0.2-2.32.7hdjmod-debugsource-1.28-16.32.2iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.12.62_52-13.32.2crash-doc-7.0.2-2.32.7virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.12.62_52-2.64.4openvswitch-test-1.11.0-0.39.3openvswitch-kmp-xen-debuginfo-1.11.0_k3.12.62_52-0.39.3virtualbox-host-kmp-default-4.2.36_k3.12.62_52-2.64.4vhba-kmp-desktop-debuginfo-20130607_k3.12.62_52-2.32.2crash-kmp-default-debuginfo-7.0.2_k3.12.62_52-2.32.7iscsitarget-kmp-pae-1.4.20.3_k3.12.62_52-13.32.2python-openvswitch-1.11.0-0.39.3iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.12.62_52-13.32.2vhba-kmp-xen-20130607_k3.12.62_52-2.32.2virtualbox-guest-kmp-desktop-4.2.36_k3.12.62_52-2.64.4openvswitch-kmp-xen-1.11.0_k3.12.62_52-0.39.3ipset-debuginfo-6.21.1-2.36.2xen-tools-domU-debuginfo-4.3.4_10-65.3xen-kmp-desktop-4.3.4_10_k3.12.62_52-65.3cloop-kmp-desktop-debuginfo-2.639_k3.12.62_52-11.32.2crash-kmp-pae-debuginfo-7.0.2_k3.12.62_52-2.32.7ipset-debugsource-6.21.1-2.36.2pcfclock-kmp-desktop-0.44_k3.12.62_52-258.33.2virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.12.62_52-2.64.4hdjmod-kmp-xen-1.28_k3.12.62_52-16.32.2cloop-kmp-pae-debuginfo-2.639_k3.12.62_52-11.32.2ipset-kmp-desktop-debuginfo-6.21.1_k3.12.62_52-2.36.2crash-debuginfo-7.0.2-2.32.7ndiswrapper-debuginfo-1.58-33.2iscsitarget-kmp-xen-1.4.20.3_k3.12.62_52-13.32.2virtualbox-devel-4.2.36-2.64.4kernel-default-devel-3.12.62-52.1openvswitch-kmp-pae-1.11.0_k3.12.62_52-0.39.3hdjmod-kmp-default-1.28_k3.12.62_52-16.32.2python-virtualbox-debuginfo-4.2.36-2.64.4ndiswrapper-kmp-default-debuginfo-1.58_k3.12.62_52-33.2openvswitch-kmp-desktop-1.11.0_k3.12.62_52-0.39.3ndiswrapper-kmp-desktop-debuginfo-1.58_k3.12.62_52-33.2cloop-kmp-xen-2.639_k3.12.62_52-11.32.2ipset-kmp-desktop-6.21.1_k3.12.62_52-2.36.2xen-kmp-pae-4.3.4_10_k3.12.62_52-65.3xtables-addons-kmp-xen-debuginfo-2.3_k3.12.62_52-2.31.2kernel-default-base-3.12.62-52.1crash-eppic-7.0.2-2.32.7pcfclock-kmp-pae-debuginfo-0.44_k3.12.62_52-258.33.2kernel-default-base-debuginfo-3.12.62-52.1pcfclock-0.44-258.33.2ndiswrapper-debugsource-1.58-33.2

ipset-kmp-default-6.21.1_k3.12.62_52-2.36.2ipset-6.21.1-2.36.2ipset-kmp-pae-debuginfo-6.21.1_k3.12.62_52-2.36.2virtualbox-guest-kmp-pae-4.2.36_k3.12.62_52-2.64.4vhba-kmp-debugsource-20130607-2.32.2ndiswrapper-kmp-default-1.58_k3.12.62_52-33.2virtualbox-debugsource-4.2.36-2.64.4openvswitch-debugsource-1.11.0-0.39.3crash-devel-7.0.2-2.32.7xtables-addons-kmp-desktop-debuginfo-2.3_k3.12.62_52-2.31.2python-virtualbox-4.2.36-2.64.4pcfclock-kmp-desktop-debuginfo-0.44_k3.12.62_52-258.33.2openvswitch-kmp-default-debuginfo-1.11.0_k3.12.62_52-0.39.3


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-3092, CVE-2016-5388




SuSE SLES 12 SP1noarchtomcat-jsp-2_3-api-8.0.32-8.7tomcat-webapps-8.0.32-8.7tomcat-8.0.32-8.7tomcat-el-3_0-api-8.0.32-8.7tomcat-javadoc-8.0.32-8.7tomcat-docs-webapp-8.0.32-8.7tomcat-lib-8.0.32-8.7tomcat-admin-webapps-8.0.32-8.7tomcat-servlet-3_1-api-8.0.32-8.7






SuSE Linux 13.1x86_64mozilla-nss-certs-32bit-3.24-88.1MozillaFirefox-buildsymbols-48.0.1-122.3libsoftokn3-debuginfo-3.24-88.1mozilla-nss-debugsource-3.24-88.1mozilla-nss-tools-debuginfo-3.24-88.1libsoftokn3-32bit-3.24-88.1libfreebl3-3.24-88.1libsoftokn3-3.24-88.1MozillaFirefox-translations-common-48.0.1-122.3libfreebl3-debuginfo-3.24-88.1mozilla-nss-sysinit-3.24-88.1mozilla-nss-sysinit-debuginfo-3.24-88.1mozilla-nss-devel-3.24-88.1libfreebl3-32bit-3.24-88.1mozilla-nss-debuginfo-3.24-88.1mozilla-nss-tools-3.24-88.1mozilla-nss-32bit-3.24-88.1MozillaFirefox-translations-other-48.0.1-122.3mozilla-nss-certs-debuginfo-3.24-88.1mozilla-nss-sysinit-32bit-3.24-88.1mozilla-nss-certs-3.24-88.1MozillaFirefox-devel-48.0.1-122.3mozilla-nss-certs-debuginfo-32bit-3.24-88.1MozillaFirefox-48.0.1-122.3libfreebl3-debuginfo-32bit-3.24-88.1MozillaFirefox-branding-upstream-48.0.1-122.3mozilla-nss-sysinit-debuginfo-32bit-3.24-88.1mozilla-nss-3.24-88.1MozillaFirefox-debugsource-48.0.1-122.3libsoftokn3-debuginfo-32bit-3.24-88.1mozilla-nss-debuginfo-32bit-3.24-88.1MozillaFirefox-debuginfo-48.0.1-122.3

i586mozilla-nss-3.24-88.1MozillaFirefox-debugsource-48.0.1-122.3MozillaFirefox-translations-common-48.0.1-122.3mozilla-nss-devel-3.24-88.1mozilla-nss-debuginfo-3.24-88.1MozillaFirefox-devel-48.0.1-122.3libsoftokn3-3.24-88.1libfreebl3-debuginfo-3.24-88.1libsoftokn3-debuginfo-3.24-88.1mozilla-nss-debugsource-3.24-88.1libfreebl3-3.24-88.1mozilla-nss-tools-debuginfo-3.24-88.1mozilla-nss-tools-3.24-88.1MozillaFirefox-branding-upstream-48.0.1-122.3MozillaFirefox-buildsymbols-48.0.1-122.3mozilla-nss-certs-3.24-88.1MozillaFirefox-48.0.1-122.3MozillaFirefox-translations-other-48.0.1-122.3mozilla-nss-sysinit-3.24-88.1mozilla-nss-sysinit-debuginfo-3.24-88.1MozillaFirefox-debuginfo-48.0.1-122.3mozilla-nss-certs-debuginfo-3.24-88.1






SuSE SLES 12 SP1x86_64libstorage6-2.25.35.1-3.1libstorage6-debuginfo-2.25.35.1-3.1libstorage-debugsource-2.25.35.1-3.1libstorage-ruby-debuginfo-2.25.35.1-3.1libstorage-ruby-2.25.35.1-3.1

SuSE SLED 12 SP1x86_64libstorage6-2.25.35.1-3.1libstorage6-debuginfo-2.25.35.1-3.1libstorage-debugsource-2.25.35.1-3.1libstorage-ruby-debuginfo-2.25.35.1-3.1libstorage-ruby-2.25.35.1-3.1


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-6606, CVE-2016-6607, CVE-2016-6608, CVE-2016-6609, CVE-2016-6610, CVE-2016-6611, CVE-2016-6612, CVE-2016-6613, CVE-2016-6614, CVE-2016-6615, CVE-2016-6616, CVE-2016-6617, CVE-2016-6618, CVE-2016-6619, CVE-2016-6620, CVE-2016-6621, CVE-2016-6622, CVE-2016-6623, CVE-2016-6624, CVE-2016-6625, CVE-2016-6626, CVE-2016-6627, CVE-2016-6628, CVE-2016-6629, CVE-2016-6630, CVE-2016-6631, CVE-2016-6632, CVE-2016-6633




SuSE Linux 13.2noarchphpMyAdmin-4.4.15.8-39.1


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2016-6606, CVE-2016-6607, CVE-2016-6608, CVE-2016-6609, CVE-2016-6610, CVE-2016-6611, CVE-2016-6612, CVE-2016-6613, CVE-2016-6614, CVE-2016-6615, CVE-2016-6616, CVE-2016-6617, CVE-2016-6618, CVE-2016-6619, CVE-2016-6620, CVE-2016-6621, CVE-2016-6622, CVE-2016-6623, CVE-2016-6624, CVE-2016-6625, CVE-2016-6626, CVE-2016-6627, CVE-2016-6628, CVE-2016-6629, CVE-2016-6630, CVE-2016-6631, CVE-2016-6632, CVE-2016-6633




SuSE Linux 13.1noarchphpMyAdmin-4.4.15.8-63.1

185392 - Ubuntu Linux 16.04 USN-3070-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2016-1237, CVE-2016-5244, CVE-2016-5400, CVE-2016-5696, CVE-2016-5728, CVE-2016-5828, CVE-2016-5829, CVE-2016-6197

DescriptionThe scan detected that the host is missing the following update:USN-3070-1


https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-August/003541.html

Ubuntu 16.04

linux-image-4.4.0-36-generic_4.4.0-36.55linux-image-4.4.0-36-generic-lpae_4.4.0-36.55linux-image-4.4.0-36-powerpc-e500mc_4.4.0-36.55linux-image-4.4.0-36-powerpc-smp_4.4.0-36.55linux-image-4.4.0-36-powerpc64-emb_4.4.0-36.55linux-image-4.4.0-36-powerpc64-smp_4.4.0-36.55linux-image-4.4.0-36-lowlatency_4.4.0-36.55

185393 - Ubuntu Linux 12.04, 14.04, 16.04 USN-3068-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-2059, CVE-2015-8948, CVE-2016-6261, CVE-2016-6262, CVE-2016-6263




Ubuntu 12.04

libidn11_1.23-2ubuntu0.1

Ubuntu 16.04


Ubuntu 14.04



Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2016-5244, CVE-2016-5696, CVE-2016-5829




Ubuntu 12.04

linux-image-3.2.0-109-omap_3.2.0-109.150linux-image-3.2.0-109-powerpc-smp_3.2.0-109.150linux-image-3.2.0-109-virtual_3.2.0-109.150linux-image-3.2.0-109-powerpc64-smp_3.2.0-109.150linux-image-3.2.0-109-generic_3.2.0-109.150linux-image-3.2.0-109-highbank_3.2.0-109.150linux-image-3.2.0-109-generic-pae_3.2.0-109.150


Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2016-5244, CVE-2016-5696, CVE-2016-5829

Description

The scan detected that the host is missing the following update:USN-3072-2



Ubuntu 12.04

linux-image-3.2.0-1487-omap4_3.2.0-1487.114

185396 - Ubuntu Linux 14.04, 16.04 USN-3067-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-8947, CVE-2016-2052




Ubuntu 14.04

libharfbuzz0b_0.9.27-1ubuntu1.1

Ubuntu 16.04

libharfbuzz0b_1.0.1-1ubuntu0.1






Ubuntu 16.04

linux-image-4.4.0-1024-snapdragon_4.4.0-1024.27






Ubuntu 12.04

linux-image-3.13.0-95-generic_3.13.0-95.142~precise1linux-image-3.13.0-95-generic-lpae_3.13.0-95.142~precise1






Ubuntu 16.04

linux-image-4.4.0-1021-raspi2_4.4.0-1021.27






Ubuntu 14.04

linux-image-3.13.0-95-powerpc-e500mc_3.13.0-95.142linux-image-3.13.0-95-generic-lpae_3.13.0-95.142linux-image-3.13.0-95-powerpc-smp_3.13.0-95.142linux-image-3.13.0-95-generic_3.13.0-95.142linux-image-3.13.0-95-lowlatency_3.13.0-95.142linux-image-3.13.0-95-powerpc64-smp_3.13.0-95.142linux-image-3.13.0-95-powerpc64-emb_3.13.0-95.142linux-image-3.13.0-95-powerpc-e500_3.13.0-95.142






Ubuntu 14.04

linux-image-4.4.0-36-powerpc-e500mc_4.4.0-36.55~14.04.1linux-image-4.4.0-36-generic_4.4.0-36.55~14.04.1linux-image-4.4.0-36-powerpc64-smp_4.4.0-36.55~14.04.1linux-image-4.4.0-36-powerpc64-emb_4.4.0-36.55~14.04.1linux-image-4.4.0-36-generic-lpae_4.4.0-36.55~14.04.1linux-image-4.4.0-36-powerpc-smp_4.4.0-36.55~14.04.1linux-image-4.4.0-36-lowlatency_4.4.0-36.55~14.04.1

191027 - Fedora Linux 24 FEDORA-2016-4728dfe3ec Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2016-4590, CVE-2016-4591, CVE-2016-4622, CVE-2016-4624

DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-4728dfe3ec

Observation

Updates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2016/8/?count=200&page=2

Fedora Core 24

webkitgtk4-2.12.4-1.fc24

20455 - (HPSBHF03441) HPE iLO Multiple Vulnerabilities

Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-2016-4375

DescriptionMultiple vulnerabilities are present in some versions of HP Integrated Lights-Out.

ObservationHP Integrated Lights-Out is a Hewlett-Packard proprietary embedded server management technology.

Multiple vulnerabilities are present in some versions of HP Integrated Lights-Out. The flaws lie in an unknown component. Successful exploitation could allow an attacker to execute remote code.

20463 - (VMSA-2016-0013) VMware vRealize Automation Multiple Vulnerabilities

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2016-5335, CVE-2016-5336

DescriptionMultiple vulnerabilities are present in some versions of VMware vRealize Automation.

ObservationVMware vRealize Automation Identity Appliance integrates with VMware vCloud Suite and automates IT tasks.

Multiple vulnerabilities are present in some versions of VMware vRealize Automation. The flaws lie in unknown components of the product. Successful exploitation could allow an attacker to escalate its privileges or compromise a low-privileged account.

20468 - (SB10166) McAfee ePolicy Orchestrator Multiple Java Vulnerabilities

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2016-3485, CVE-2016-3500, CVE-2016-3508

DescriptionMultiple vulnerabilities are present in some versions of McAfee ePolicy Orchestrator.

ObservationMcAfee ePolicy Orchestrator (ePO) is widely acknowledged as the most advanced and scalable security management software.

Multiple vulnerabilities are present in some versions of McAfee ePolicy Orchestrator. The flaws lie in the Java component. Successful

exploitation could allow an attacker to affect integrity and availability.


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-9512




SuSE SLES 12 SP1x86_64rsync-debuginfo-3.1.0-9.3rsync-3.1.0-9.3rsync-debugsource-3.1.0-9.3

SuSE SLED 12 SP1x86_64rsync-debuginfo-3.1.0-9.3rsync-3.1.0-9.3rsync-debugsource-3.1.0-9.3


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-4051, CVE-2016-4554




SuSE SLES 11 SP4i586squid-2.7.STABLE5-2.12.29.1

x86_64squid-2.7.STABLE5-2.12.29.1

20461 - (SB10167) McAfee Web Gateway Linux Kernel Challenge ACK Counter Information Disclosure Vulnerability

Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2016-5696

DescriptionAn information disclosure vulnerability is present in some versions of McAfee Web Gateway.

ObservationMcAfee Web Gateway is a web based security control system designed to prevent web application attacks.

An information disclosure vulnerability is present in some versions of McAfee Web Gateway. The flaw lies in Linux kernel. Successful exploitation could allow an attacker to hijack TCP connection and obtain communication traffic.

20462 - Splunk Enterprise Open Redirect Vulnerability

Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-MAP-NOMATCH

DescriptionAn open redirect vulnerability is present in some versions of Splunk.

ObservationSplunk Enterprise is an operational intelligence solution.

An open redirect vulnerability is present in some versions of Splunk. The flaw lies in Splunk Web. Successful exploitation could allow an attacker to redirect a user to an attacker controlled website.

20465 - SSL/TLS Protocol Triple-DES Information Disclosure Vulnerability

Category: General Vulnerability Assessment -> NonIntrusive -> Miscellaneous Risk Level: Medium CVE: CVE-2016-2183

DescriptionAn information disclosure vulnerability is present in some versions of TLS/SSL implementations.

ObservationTLS/SSL is a secure communications protocol.

An information disclosure vulnerability is present in some versions of TLS/SSL implementations. The flaw lies in 3DES cipher suites. Successful exploitation could allow an attacker to recover encrypted plain texts.


Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-4036, CVE-2016-4049




Debian 8.0allquagga_0.99.23.1-1+deb8u2

160140 - CentOS 6 CESA-2016-1664 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-5696

DescriptionThe scan detected that the host is missing the following update:CESA-2016-1664


http://lists.centos.org/pipermail/centos-announce/2016-August/022053.html

CentOS 6i686python-perf-2.6.32-642.4.2.el6kernel-debug-2.6.32-642.4.2.el6perf-2.6.32-642.4.2.el6kernel-headers-2.6.32-642.4.2.el6kernel-debug-devel-2.6.32-642.4.2.el6kernel-2.6.32-642.4.2.el6kernel-devel-2.6.32-642.4.2.el6

noarchkernel-abi-whitelists-2.6.32-642.4.2.el6kernel-doc-2.6.32-642.4.2.el6kernel-firmware-2.6.32-642.4.2.el6

x86_64python-perf-2.6.32-642.4.2.el6kernel-debug-2.6.32-642.4.2.el6perf-2.6.32-642.4.2.el6kernel-headers-2.6.32-642.4.2.el6kernel-debug-devel-2.6.32-642.4.2.el6kernel-2.6.32-642.4.2.el6kernel-devel-2.6.32-642.4.2.el6

182103 - FreeBSD kdelibs Directory Traversal Vulnerability (4472ab39-6c66-11e6-9ca5-50e549ebab6c)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-6232

DescriptionThe scan detected that the host is missing the following update:kdelibs -- directory traversal vulnerability (4472ab39-6c66-11e6-9ca5-50e549ebab6c)


http://www.vuxml.org/freebsd/4472ab39-6c66-11e6-9ca5-50e549ebab6c.html

Affected packages: kdelibs < 4.14.10_7


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2013-7073, CVE-2014-9508, CVE-2015-2047




SuSE Linux 13.2noarchtypo3-cms-4_5-4.5.40-2.3.1






SuSE SLES 12 SP1x86_64fontconfig-debuginfo-2.11.0-6.1fontconfig-32bit-2.11.0-6.1fontconfig-debugsource-2.11.0-6.1fontconfig-2.11.0-6.1

fontconfig-debuginfo-32bit-2.11.0-6.1

SuSE SLED 12 SP1x86_64fontconfig-debuginfo-2.11.0-6.1fontconfig-32bit-2.11.0-6.1fontconfig-debugsource-2.11.0-6.1fontconfig-2.11.0-6.1fontconfig-debuginfo-32bit-2.11.0-6.1






SuSE SLES 11 SP4i586fontconfig-2.6.0-10.19.1

x86_64fontconfig-2.6.0-10.19.1fontconfig-32bit-2.6.0-10.19.1

88801 - Slackware Linux 14.1 SSA:2016-242-01 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5389

DescriptionThe scan detected that the host is missing the following update:SSA:2016-242-01


http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.650340

Slackware 14.1i686kernel-generic-smp-3.10.103_smp-i686-1kernel-modules-smp-3.10.103_smp-i686-1kernel-huge-smp-3.10.103_smp-i686-1

noarchkernel-source-3.10.103-noarch-1kernel-source-3.10.103_smp-noarch-1

x86_64kernel-generic-3.10.103-x86_64-1kernel-huge-3.10.103-x86_64-1kernel-modules-3.10.103-x86_64-1


Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6354




Debian 8.0allflex_2.5.39-8+deb8u1


Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6265, CVE-2016-6525




Debian 8.0allmupdf_1.5-1+deb8u1


Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6316




Debian 8.0allrails_2:4.1.8-1+deb8u4

182102 - FreeBSD mailman CSRF Protection Enhancements (b11ab01b-6e19-11e6-ab24-080027ef73ec)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6893

DescriptionThe scan detected that the host is missing the following update:mailman -- CSRF protection enhancements (b11ab01b-6e19-11e6-ab24-080027ef73ec)


http://www.vuxml.org/freebsd/b11ab01b-6e19-11e6-ab24-080027ef73ec.html

Affected packages: mailman < 2.1.23

185401 - Ubuntu Linux 12.04, 14.04, 16.04 USN-3069-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6855




Ubuntu 12.04

eog_3.4.2-0ubuntu1.3

Ubuntu 16.04


Ubuntu 14.04


191021 - Fedora Linux 24 FEDORA-2016-b4919ffe56 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6317

DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-b4919ffe56



Fedora Core 24

rubygem-activerecord-4.2.5.2-2.fc24rubygem-actionpack-4.2.5.2-3.fc24

191022 - Fedora Linux 25 FEDORA-2016-2a64a1a329 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH

DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-2a64a1a329



Fedora Core 25

ganglia-3.7.2-10.fc25

191023 - Fedora Linux 25 FEDORA-2016-5760339e76 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-6316, CVE-2016-6317

Description

The scan detected that the host is missing the following update:FEDORA-2016-5760339e76



Fedora Core 25

rubygem-activesupport-5.0.0.1-1.fc25rubygem-rails-5.0.0.1-1.fc25rubygem-activerecord-5.0.0.1-1.fc25rubygem-railties-5.0.0.1-2.fc25rubygem-actionmailer-5.0.0.1-1.fc25rubygem-activejob-5.0.0.1-1.fc25rubygem-actionpack-5.0.0.1-2.fc25rubygem-activemodel-5.0.0.1-1.fc25rubygem-actioncable-5.0.0.1-1.fc25rubygem-actionview-5.0.0.1-2.fc25

191024 - Fedora Linux 23 FEDORA-2016-ab8bf51cf3 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-ab8bf51cf3



Fedora Core 23

rubygem-actionview-4.2.3-6.fc23

191025 - Fedora Linux 24 FEDORA-2016-5abbc35b6a Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-5abbc35b6a



Fedora Core 24

eog-3.20.4-1.fc24

191026 - Fedora Linux 24 FEDORA-2016-92a3655b70 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-92a3655b70



Fedora Core 24

freeipa-4.3.2-2.fc24

191028 - Fedora Linux 25 FEDORA-2016-417ceefc85 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-417ceefc85



Fedora Core 25

uClibc-0.9.33.2-11.fc25

191029 - Fedora Linux 25 FEDORA-2016-57cba655d5 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:

FEDORA-2016-57cba655d5



Fedora Core 25

glibc-2.24-3.fc25

191030 - Fedora Linux 25 FEDORA-2016-663608c5bb Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-663608c5bb



Fedora Core 25

python-2.7.12-3.fc25

191031 - Fedora Linux 24 FEDORA-2016-53cc023dd6 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-53cc023dd6



Fedora Core 24

uClibc-0.9.33.2-10.fc24

191032 - Fedora Linux 23 FEDORA-2016-f734302c3f Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes

Risk Level: Low CVE: CVE-MAP-NOMATCH

DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-f734302c3f



Fedora Core 23

borgbackup-1.0.7-1.fc23

191033 - Fedora Linux 24 FEDORA-2016-7810e24465 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-7810e24465



Fedora Core 24

openvpn-2.3.12-1.fc24

191034 - Fedora Linux 25 FEDORA-2016-81d6e6a9ac Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-81d6e6a9ac



Fedora Core 25

openvpn-2.3.12-1.fc25

191035 - Fedora Linux 23 FEDORA-2016-0f8779baa6 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-0f8779baa6



Fedora Core 23

eog-3.18.3-1.fc23

191036 - Fedora Linux 25 FEDORA-2016-2bb049dda6 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-2bb049dda6



Fedora Core 25

filezilla-3.21.0-1.fc25

191037 - Fedora Linux 25 FEDORA-2016-f56c765d67 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-f56c765d67

Observation



Fedora Core 25


191038 - Fedora Linux 25 FEDORA-2016-bcf95f3847 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-bcf95f3847



Fedora Core 25

java-1.8.0-openjdk-aarch32-1.8.0.102-1.160812.fc25

191039 - Fedora Linux 25 FEDORA-2016-4820585b11 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-4820585b11



Fedora Core 25


191040 - Fedora Linux 25 FEDORA-2016-b66a0aef08 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-b66a0aef08



Fedora Core 25

libgcrypt-1.6.6-1.fc25

191041 - Fedora Linux 24 FEDORA-2016-24c2453d6c Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-24c2453d6c



Fedora Core 24

mingw-lcms2-2.8-2.fc24

191042 - Fedora Linux 25 FEDORA-2016-bc8647110a Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-bc8647110a



Fedora Core 25

lcms2-2.8-2.fc25

191043 - Fedora Linux 23 FEDORA-2016-f58d7ecc8a Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-f58d7ecc8a



Fedora Core 23

rubygem-actionpack-4.2.3-6.fc23rubygem-activerecord-4.2.3-3.fc23

191044 - Fedora Linux 24 FEDORA-2016-0d9890f7b5 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-0d9890f7b5



Fedora Core 24

rubygem-actionview-4.2.5.2-3.fc24

191045 - Fedora Linux 24 FEDORA-2016-c07d18b2a5 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-c07d18b2a5



Fedora Core 24

java-1.8.0-openjdk-aarch32-1.8.0.102-1.160812.fc24

191046 - Fedora Linux 24 FEDORA-2016-9864953aa3 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-9864953aa3



Fedora Core 24

gnupg-1.4.21-1.fc24

191047 - Fedora Linux 25 FEDORA-2016-7f0fb9b38d Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-7f0fb9b38d



Fedora Core 25

knot-2.3.0-2.fc25

191048 - Fedora Linux 25 FEDORA-2016-aab0a156ab Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:

FEDORA-2016-aab0a156ab



Fedora Core 25

gnupg-1.4.21-1.fc25

191049 - Fedora Linux 25 FEDORA-2016-a2b4a9589e Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-a2b4a9589e



Fedora Core 25

canl-c-2.1.7-1.fc25

191050 - Fedora Linux 24 FEDORA-2016-1ebd9e116b Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-1ebd9e116b



Fedora Core 24

lcms2-2.8-2.fc24

191051 - Fedora Linux 23 FEDORA-2016-7898627d08 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes

Risk Level: Low CVE: CVE-2016-5404

DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-7898627d08



Fedora Core 23


191052 - Fedora Linux 25 FEDORA-2016-0f8e794de0 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-0f8e794de0



Fedora Core 25

mingw-lcms2-2.8-2.fc25

191053 - Fedora Linux 25 FEDORA-2016-765bb26915 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2016-5423, CVE-2016-5424

DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-765bb26915



Fedora Core 25

postgresql-9.5.4-1.fc25

191054 - Fedora Linux 24 FEDORA-2016-20014bf2bd Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-20014bf2bd



Fedora Core 24


191055 - Fedora Linux 25 FEDORA-2016-c843c68c77 Update Is Not Installed


DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-c843c68c77



Fedora Core 25

python3-3.5.1-15.fc25


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8872, CVE-2016-4804


Observation



SuSE SLES 11 SP4i586dosfstools-3.0.26-3.1

x86_64dosfstools-3.0.26-3.1


Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8872, CVE-2016-4804




SuSE SLES 12 SP1x86_64dosfstools-debugsource-3.0.26-6.5dosfstools-debuginfo-3.0.26-6.5dosfstools-3.0.26-6.5

SuSE SLED 12 SP1x86_64dosfstools-debugsource-3.0.26-6.5dosfstools-debuginfo-3.0.26-6.5dosfstools-3.0.26-6.5

ENHANCED CHECKS

The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check.

20326 - (APSB16-26) Vulnerabilities In Adobe Reader And Acrobat

Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4209, CVE-2016-4210, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4215, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4255, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, CVE-2016-4270

Update Details

CVE is updated

160138 - CentOS 7 CESA-2016-1633 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2016-5696

Update DetailsCVE is updated

160137 - CentOS 6, 7 CESA-2016-1626 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0772, CVE-2016-1000110, CVE-2016-5699

Update DetailsCVE is updated

70086 - oracle.fasl3.inc

Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH

Update DetailsFASLScript is updated

70087 - hp.fasl3.inc

Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational CVE: CVE-MAP-NOMATCH

Update DetailsFASLScript is updated

HOW TO UPDATE

FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.

FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.

MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.

MCAFEE TECHNICAL SUPPORT

ServicePortal: https://mysupport.mcafee.comMulti-National Phone Support available here:

http://www.mcafee.com/us/about/contact/index.htmlNon-US customers - Select your country from the list of Worldwide Offices.

This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.

Copyright 2016 McAfee, Inc.McAfee is a registered trademark of McAfee, Inc. and/or its affiliates

https://mysupport.mcafee.com/

http://www.mcafee.com/us/about/contact/index.html

mcafee foundstone fsl update 2016-aug-31 · pdf file2016-aug-31 fsl version 7.5.843 mcafee...

Documents