MCAFEE FOUNDSTONE FSL UPDATE

Transcription

1 MCAFEE FOUNDSTONE FSL UPDATE 2014-JUL-16 To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS S Software CoDeSys Gateway Server Denial of Service Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) A vulnerability in some versions of 3S Software CoDeSys Gateway Server could lead to a denial of service. A vulnerability in some versions of 3S Software CoDeSys Gateway Server could lead to a denial of service. The flaw is due to an unspecified defect. Successful exploitation by a remote attacker could result in a denial of service condition IBM AIX Multiple Java Vulnerabilities (April 2014) Category: SSH Module -> NonIntrusive -> AIX Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE Multiple vulnerabilities are present in some versions of IBM Java. IBM Java is used to run java application. Multiple vulnerabilities are present in some versions of IBM Java. The flaws lie in multiple components. Successful exploitation could allow an attacker to disclose sensitive information, manipulate certain data, cause a denial of service or compromise a vulnerable system (SOL15319) F5 BIG-IP Linux kernel TTY Vulnerability Category: SSH Module -> NonIntrusive -> F5 CVE: CVE A denial of service vulnerability is present in some versions of F5 BIG-IP systems.

2 F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System. A denial of service vulnerability is present in some versions of F5 BIG-IP systems. The flaw lies in drivers/tty/n_tty.c in the Linux kernel. Successful exploitation by a remote attacker could cause a denial of service condition or a privilege escalation Cisco IOS OpenSSL Multiple Vulnerabilities (CSCup22590) Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes CVE: CVE , CVE , CVE Multiple vulnerabilities are present in some versions of Cisco IOS. Cisco IOS is an operating system used in Cisco devices. Multiple vulnerabilities are present in some versions of Cisco IOS. The flaw lies in OpenSSL. Successful exploitation could allow an attacker to cause denial of service, obtain sensitive information and execute arbitrary code (VMSA ) VMware vcenter Operations Manager (vcops) Two Vulnerabilities Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) CVE: CVE , CVE DISA IAVA: 2014-B-0090 Multiple vulnerabilities are present in some versions of VMware vcenter Operations Manager. VMware vcenter Operations Manager is a scalable and extensible platform to manage VMware vsphere. Multiple vulnerabilities are present in some versions of VMware vcenter Operations Manager. The flaws lie in the Apache Tomcat component. Successful exploitation could allow an attacker to execute remote code or cause a denial of service condition (SOL15317) F5 BIG-IP Linux Kernel Denial of Service Category: SSH Module -> NonIntrusive -> F5 CVE: CVE A denial of service vulnerability is present in some versions of F5 BIG-IP systems. F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System. A denial of service vulnerability is present in some versions of F5 BIG-IP systems. The flaw lies in net/sctp/sm_statefuns.c in the Linux kernel. Successful exploitation by a remote attacker could cause a denial of service condition.

3 S Software CoDeSys Webserver Stack Buffer Overflow Remote Code Execution Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) A vulnerability in some versions of 3S Software CoDeSys Webserver could lead to remote code execution. A vulnerability in some versions of 3S Software CoDeSys Webserver could lead to remote code execution. The flaw is due to an unspecified defect. Successful exploitation by a remote attacker could result in the execution of arbitrary code or a denial of service (SOL15304) F5 BIG-IP Linux Kernel tcp_rcv_state_process Vulnerability Category: SSH Module -> NonIntrusive -> F5 CVE: CVE A denial of service vulnerability is present in some versions of F5 BIG-IP products. F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System. A denial of service vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in tcp_rcv_state_process function of kernel. Successful exploitation could allow an attacker to cause denial of service (SOL15301) F5 BIG-IP Linux Kernel TCP ISN Vulnerability Category: SSH Module -> NonIntrusive -> F5 CVE: CVE A denial of service vulnerability is present in some versions of F5 BIG-IP products. F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System. A denial of service vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in Linux kernel. Successful exploitation could allow an attacker to cause denial of service or hijack network sessions Oracle Java SE Critical Patch Update July 2014 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) CVE: CVE , CVE , CVE , CVE , CVE , CVE , CVE ,

4 CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE Multiple vulnerabilities are present in some versions of Oracle Java SE. Oracle Java SE is used to run Java applications. Multiple vulnerabilities are present in some versions of Oracle Java SE. The flaws lie in multiple components. Successful exploitation could allow an attacker to execute arbitrary code Slackware Linux 14.0, 14.1 SSA: Update Is Not Installed Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: SSA: Slackware 14.1 php Slackware 14.0 php Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE , CVE , CVE The scan detected that the host is missing the following update: MDVSA Mandriva Linux mbs1 lib64xfont1-devel

5 lib64xfont1-static-devel Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: MDVSA Mandriva Linux mbs1 php-cli php-sybase_ct php-dba php-mcrypt php-json php-imap php-wddx php-mysqlnd php-sysvsem php-sockets php-phar php-sqlite php-sysvshm php-xmlreader php-mysql php-gd php-xmlwriter php-session php-opcache php-tokenizer php-ftp php-xsl php-zip php-xml php-ldap php-recode php-hash php-iconv php-odbc php-pgsql php-fileinfo php-filter php-timezonedb php-xmlrpc php-apc php-apc-admin php-mbstring php-exif

6 php-enchant php-tidy php-shmop php-mysqli php-gmp php-pdo php-readline php-bcmath php-bz php-zlib lib64php5_common php-sysvmsg php-gettext php-pdo_mysql php-intl php-cgi php-soap php-curl php-posix php-pdo_sqlite php-ini php-pcntl php-dom php-calendar php-pdo_dblib php-devel php-fpm php-doc php-openssl php-pdo_odbc php-mssql php-snmp php-pdo_pgsql php-ctype Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: MDVSA Mandriva Linux mbs1 lib64avcodec lib64postproc lib64avutil lib64ffmpeg-devel lib64avformat lib64swscaler

7 lib64ffmpeg-static-devel lib64avfilter lib64swresample Red Hat Enterprise Linux RHSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes CVE: CVE , CVE , CVE The scan detected that the host is missing the following update: RHSA RHEL5D flash-plugin el5 i386 flash-plugin el5 RHEL5S flash-plugin el5 i386 flash-plugin el5 RHEL6D flash-plugin el6 i386 flash-plugin el6 RHEL6S flash-plugin el6 i386 flash-plugin el6 RHEL6WS flash-plugin el6 i386 flash-plugin el Red Hat Enterprise Linux RHSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes

8 CVE: CVE The scan detected that the host is missing the following update: RHSA RHEL6S noarch ror40-rubygem-activerecord el6 ror40-rubygem-activerecord-doc el6 RHEL6WS noarch ror40-rubygem-activerecord el6 ror40-rubygem-activerecord-doc el Red Hat Enterprise Linux RHSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: RHSA RHEL6S noarch ruby193-rubygem-activerecord el6 ruby193-rubygem-activerecord-doc el6 RHEL6WS noarch ruby193-rubygem-activerecord el6 ruby193-rubygem-activerecord-doc el Gentoo Linux GLSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes CVE: CVE , CVE , CVE

9 The scan detected that the host is missing the following update: GLSA Affected packages: www-plugins/adobe-flash < Ubuntu Linux 10.04, 12.04, 13.10, USN Update Is Not Installed Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: USN Ubuntu libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.3 php5-cli_5.5.9+dfsg-1ubuntu4.3 php5-fpm_5.5.9+dfsg-1ubuntu4.3 php5-cgi_5.5.9+dfsg-1ubuntu4.3 Ubuntu php5-cli_ ubuntu3.13 php5-cgi_ ubuntu3.13 php5-fpm_ ubuntu3.13 libapache2-mod-php5_ ubuntu3.13 Ubuntu libapache2-mod-php5_5.5.3+dfsg-1ubuntu2.6 php5-cli_5.5.3+dfsg-1ubuntu2.6 php5-fpm_5.5.3+dfsg-1ubuntu2.6 php5-cgi_5.5.3+dfsg-1ubuntu2.6 Ubuntu php5-cli_ ubuntu4.26 php5-cgi_ ubuntu4.26 libapache2-mod-php5_ ubuntu Fedora Linux 19 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes

10 CVE: CVE The scan detected that the host is missing the following update: FEDORA Fedora Core 19 docker-io fc Fedora Linux 20 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes CVE: CVE , CVE , CVE The scan detected that the host is missing the following update: FEDORA Fedora Core 20 libxfont fc Fedora Linux 20 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: FEDORA Fedora Core 20 docker-io fc20

11 (VMSA ) VMware Update Manager Multiple Vulnerabilities Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) CVE: CVE , CVE , CVE , CVE DISA IAVA: 2014-B-0091 Multiple vulnerabilities are present in some versions of VMware vsphere Update Manager. VMware vsphere Update Manager automates patch management process of manage VMware vsphere hosts. Multiple vulnerabilities are present in some versions of VMware vsphere Update Manager. The flaws lie in the OpenSSL component. Successful exploitation could allow an attacker to access to private information or cause a denial of service condition (HPSBMU03051) HP System Management Homepage OpenSSL Multiple Vulnerabilities Category: General Vulnerability Assessment -> NonIntrusive -> Web Server CVE: CVE , CVE , CVE , CVE , CVE , CVE , CVE DISA IAVA: 2014-B-0085 Multiple vulnerabilities are present in some versions of HP System Management Homepage. HP System Management Homepage is a web-based interface that consolidates and simplifies the management of individual ProLiant and Integrity servers. Multiple vulnerabilities are present in some versions of HP System Management Homepage. The flaws lie in OpenSSL library. Successful exploitation could allow an attacker to disclose information, execute remote code or cause a denial of service condition (SOL15329) F5 BIG-IP SSL_MODE_RELEASE_BUFFERS Denial Of Service Vulnerability Category: SSH Module -> NonIntrusive -> F5 CVE: CVE A denial of service vulnerability is present in some versions of F5 BIG-IP systems. F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System. A denial of service vulnerability is present in some versions of F5 BIG-IP systems. The flaw lies within the embedded OpenSSL. Successful exploitation could allow an attacker to cause a denial of service condition Cisco Nexus Multiple Products OpenSSL SSL/TLS Handshake and ECDH Ciphersuites

12 Vulnerabilities Category: SSH Module -> NonIntrusive -> SSH Miscellaneous CVE: CVE , CVE Multiple vulnerabilities are present in some versions of Cisco NX-OS. Multiple vulnerabilities are present in some versions of Cisco NX-OS. The flaw lies in OpenSSL. Successful exploitation could allow an attacker to disclose certain sensitive information and denial of service condition D-Link DWC-1000 "thispage" Directory Traversal Vulnerability Category: Wireless Assessment -> NonIntrusive -> Wireless CVE: CVE A directory traversal vulnerability is present in some versions of D-Link DWC-1000 firmware. D-Link DWC-1000 is a wireless router. A directory traversal vulnerability is present in some versions of D-Link DWC-1000 firmware. The flaw lies in platform.cgi. Successful exploitation could allow an attacker to obtain sensitive information (HPSBMU03055) HP Smart Update Manager Multiple Vulnerabilities Category: General Vulnerability Assessment -> NonIntrusive -> Web Server CVE: CVE , CVE , CVE , CVE , CVE , CVE Multiple vulnerabilities are present in some versions of HP Smart Update Manager. HP Smart Update Manager is a installing and updating manager for HP products. Multiple vulnerabilities are present in some versions of HP Smart Update Manager. The flaws lie in the OpenSSL function. Successful exploitation could allow an attacker to unauthorized access, disclose information, execute remote code or cause denial of service (SOL15278) F5 BIG-IP SSL Renegotiation Denial Of Service Vulnerability Category: SSH Module -> NonIntrusive -> F5 CVE: CVE

13 A denial of service vulnerability is present in some versions of F5 BIG-IP systems. F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System. A denial of service vulnerability is present in some versions of F5 BIG-IP systems. The flaw occurs when client-initiated renegotiation is not properly restricted within the SSL and TLS protocols. Successful exploitation could allow an attacker to cause a denial of service condition Debian Linux 7.0 DSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: DSA Debian 7.0 all phpmyadmin_4: deb7u CentOS 6 CESA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes CVE: CVE , CVE , CVE The scan detected that the host is missing the following update: CESA CentOS 6 noarch tomcat6-webapps el6_5 tomcat6-docs-webapp el6_5 tomcat6-el-2.1-api el6_5 tomcat6-servlet-2.5-api el6_5 tomcat el6_5 tomcat6-javadoc el6_5 tomcat6-lib el6_5 tomcat6-jsp-2.1-api el6_5

14 tomcat6-admin-webapps el6_ CentOS 7 CESA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes The scan detected that the host is missing the following update: CESA CentOS 7 samba-pidl el7_0 samba-devel el7_0 samba-vfs-glusterfs el7_0 samba-winbind-modules el7_0 samba-dc el7_0 samba-common el7_0 samba-python el7_0 libsmbclient-devel el7_0 libwbclient-devel el7_0 samba-test-devel el7_0 samba el7_0 samba-winbind el7_0 libsmbclient el7_0 samba-dc-libs el7_0 samba-test el7_0 samba-winbind-krb5-locator el7_0 libwbclient el7_0 samba-winbind-clients el7_0 samba-client el7_0 samba-libs el7_0 i686 libsmbclient-devel el7_0 libwbclient el7_0 samba-devel el7_0 samba-libs el7_0 samba-winbind-modules el7_0 libwbclient-devel el7_0 libsmbclient el7_ CentOS 6, 7 CESA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: CESA

15 CentOS 7 lzo el7_0.2 lzo-devel el7_0.2 lzo-minilzo el7_0.2 i686 lzo el7_0.2 lzo-devel el7_0.2 lzo-minilzo el7_0.2 CentOS 6 lzo el6_5.1 lzo-devel el6_5.1 lzo-minilzo el6_5.1 i686 lzo el6_5.1 lzo-devel el6_5.1 lzo-minilzo el6_ Oracle Enterprise Linux ELSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: ELSA OEL6 lzo el6_5.1 lzo-devel el6_5.1 lzo-minilzo el6_5.1 i386 lzo el6_5.1 lzo-devel el6_5.1 lzo-minilzo el6_ Oracle Enterprise Linux ELSA Update Is Not Installed

16 Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: ELSA OEL6 tomcat6-webapps el6_5 tomcat6-docs-webapp el6_5 tomcat6-el-2.1-api el6_5 tomcat6-servlet-2.5-api el6_5 tomcat el6_5 tomcat6-javadoc el6_5 tomcat6-lib el6_5 tomcat6-jsp-2.1-api el6_5 tomcat6-admin-webapps el6_5 i386 tomcat6-webapps el6_5 tomcat6-docs-webapp el6_5 tomcat6-el-2.1-api el6_5 tomcat6-servlet-2.5-api el6_5 tomcat el6_5 tomcat6-javadoc el6_5 tomcat6-lib el6_5 tomcat6-jsp-2.1-api el6_5 tomcat6-admin-webapps el6_ Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: MDVSA Mandriva Linux mbs1 lib64magic-devel python-magic

17 lib64magic lib64magic-static-devel Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: MDVSA Mandriva Linux mbs1 gnupg Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: MDVSA Mandriva Linux mbs1 iodine-server rc Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: MDVSA

18 Mandriva Linux mbs1 asterisk-devel asterisk-plugins-speex asterisk-plugins-mobile asterisk-plugins-cel asterisk-plugins-minivm asterisk-plugins-sqlite asterisk-plugins-pktccops asterisk-plugins-jabber asterisk-plugins-voic -plain asterisk-plugins-oss asterisk-plugins-curl asterisk-plugins-pgsql lib64asteriskssl asterisk-plugins-snmp asterisk-plugins-unistim asterisk-firmware asterisk-plugins-radius asterisk-plugins-saycountpl asterisk-plugins-festival asterisk-plugins-alsa asterisk-plugins-calendar asterisk-plugins-jack asterisk-plugins-skinny asterisk-plugins-voic -imap asterisk-plugins-mysql asterisk-plugins-mp asterisk-plugins-ooh asterisk-plugins-fax asterisk-plugins-voic asterisk-plugins-ldap asterisk-plugins-lua asterisk-gui asterisk-plugins-osp asterisk-addons asterisk-plugins-corosync asterisk-plugins-ices asterisk-plugins-dahdi asterisk-plugins-tds asterisk-plugins-portaudio Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: MDVSA

19 Mandriva Linux mbs1 lib64gd-devel lib64gd lib64gd-static-devel Oracle Solaris Update Is Not Installed (CVE ) CVE: CVE The scan detected that the host is missing the following update: SRU Oracle Solaris Update Is Not Installed (CVE ) CVE: CVE The scan detected that the host is missing the following update: SRU Oracle Solaris Update Is Not Installed (CVE ) CVE: CVE The scan detected that the host is missing the following update: SRU

20 Red Hat Enterprise Linux RHSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: RHSA RHEL6D noarch tomcat6-webapps el6_5 tomcat6-docs-webapp el6_5 tomcat6-el-2.1-api el6_5 tomcat6-servlet-2.5-api el6_5 tomcat el6_5 tomcat6-javadoc el6_5 tomcat6-lib el6_5 tomcat6-jsp-2.1-api el6_5 tomcat6-admin-webapps el6_5 RHEL6S noarch tomcat6-el-2.1-api el6_5 tomcat el6_5 tomcat6-servlet-2.5-api el6_5 tomcat6-jsp-2.1-api el6_5 tomcat6-lib el6_5 RHEL6WS noarch tomcat6-el-2.1-api el6_5 tomcat el6_5 tomcat6-servlet-2.5-api el6_5 tomcat6-jsp-2.1-api el6_5 tomcat6-lib el6_ Red Hat Enterprise Linux RHSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: RHSA

21 RHEL6D lzo el6_5.1 lzo-debuginfo el6_5.1 i386 lzo el6_5.1 lzo-debuginfo el6_5.1 RHEL6S lzo el6_5.1 lzo-debuginfo el6_5.1 i386 lzo el6_5.1 lzo-debuginfo el6_5.1 RHEL6WS lzo el6_5.1 lzo-debuginfo el6_5.1 i386 lzo el6_5.1 lzo-debuginfo el6_ SuSE SLES 11, 11 SP3, SLED 11, 11 SP3 gpg Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: gpg SuSE SLED 11 SP3 gpg gpg2-lang

22 i586 gpg gpg2-lang SuSE SLES 11 SP3 gpg gpg2-lang i586 gpg gpg2-lang SuSE SLED 11 gpg gpg2-lang i586 gpg gpg2-lang SuSE SLES 11 gpg gpg2-lang i586 gpg gpg2-lang SuSE SLES 10, 10 SP3 quagga-8893 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: quagga SuSE SLES 10 quagga-devel quagga i586

23 quagga-devel quagga SuSE SLES 10 SP3 quagga-debuginfo i586 quagga-debuginfo SuSE SLES 10, 10 SP4 quagga-8894 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: quagga SuSE SLES 10 quagga-devel quagga i586 quagga-devel quagga SuSE SLES 10 SP4 quagga-debuginfo i586 quagga-debuginfo SuSE SLES 11, 11 SP3, SLED 11, 11 SP3 kde4-kdm-9467 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: kde4-kdm-9467

24 SuSE SLED 11 SP3 kdm kdebase4-workspace kde4-kgreeter-plugins kwin kdebase4-workspace-ksysguardd noarch kdebase4-wallpapers i586 kdm kdebase4-workspace kde4-kgreeter-plugins kwin kdebase4-workspace-ksysguardd SuSE SLES 11 SP3 kdm kde4-kgreeter-plugins kwin kdebase4-workspace kdebase4-workspace-ksysguardd noarch kdebase4-wallpapers i586 kdm kde4-kgreeter-plugins kwin kdebase4-workspace kdebase4-workspace-ksysguardd SuSE SLED 11 kdm kdebase4-workspace kde4-kgreeter-plugins kwin kdebase4-workspace-ksysguardd noarch kdebase4-wallpapers

25 i586 kdm kdebase4-workspace kde4-kgreeter-plugins kwin kdebase4-workspace-ksysguardd SuSE SLES 11 kdm kdebase4-workspace kde4-kgreeter-plugins kwin kdebase4-workspace-ksysguardd noarch kdebase4-wallpapers i586 kdm kdebase4-workspace kde4-kgreeter-plugins kwin kdebase4-workspace-ksysguardd SuSE SLED 11 SP3 cabextract-9437 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: cabextract SuSE SLED 11 SP3 cabextract i586 cabextract Scientific Linux Security ERRATA Moderate: lzo on SL6.x i386/srpm/ ( ) Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes CVE: CVE The scan detected that the host is missing the following update: Security ERRATA Moderate: lzo on SL6.x i386/srpm/

26 ( ) SL6 lzo el6_5.1 lzo-devel el6_5.1 lzo-minilzo el6_5.1 lzo-debuginfo el6_5.1 i386 lzo el6_5.1 lzo-devel el6_5.1 lzo-minilzo el6_5.1 lzo-debuginfo el6_5.1 noarch lzo-debuginfo el6_ Scientific Linux Security ERRATA Moderate: tomcat6 on SL6.x i386/srpm/ ( ) Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes CVE: CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: Security ERRATA Moderate: tomcat6 on SL6.x i386/srpm/ ( ) SL6 tomcat6-webapps el6_5 tomcat6-el-2.1-api el6_5 tomcat6-docs-webapp el6_5 tomcat6-servlet-2.5-api el6_5 tomcat el6_5 tomcat6-javadoc el6_5 tomcat6-lib el6_5 tomcat6-jsp-2.1-api el6_5 tomcat6-admin-webapps el6_5 i386 tomcat6-webapps el6_5 tomcat6-el-2.1-api el6_5 tomcat6-docs-webapp el6_5 tomcat6-servlet-2.5-api el6_5

27 tomcat el6_5 tomcat6-javadoc el6_5 tomcat6-lib el6_5 tomcat6-jsp-2.1-api el6_5 tomcat6-admin-webapps el6_5 noarch tomcat6-webapps el6_5 tomcat6-docs-webapp el6_5 tomcat6-el-2.1-api el6_5 tomcat6-servlet-2.5-api el6_5 tomcat el6_5 tomcat6-javadoc el6_5 tomcat6-lib el6_5 tomcat6-jsp-2.1-api el6_5 tomcat6-admin-webapps el6_ FreeBSD postfixadmin SQL Injection Vulnerability (ff98087f-0a8f-11e4-b00b-5453ed2e2b49) Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: postfixadmin -- SQL injection vulnerability (ff98087f-0a8f-11e4- b00b-5453ed2e2b49) Affected packages: postfixadmin < Ubuntu Linux 10.04, 12.04, 13.10, USN Update Is Not Installed Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes CVE: CVE , CVE , CVE , CVE , CVE , CVE , CVE The scan detected that the host is missing the following update: USN Ubuntu libmagic1_5.14-2ubuntu3.1 file_5.14-2ubuntu3.1

28 Ubuntu file_5.09-2ubuntu0.4 libmagic1_5.09-2ubuntu0.4 Ubuntu file_5.11-2ubuntu4.3 libmagic1_5.11-2ubuntu4.3 Ubuntu libmagic1_5.03-5ubuntu1.3 file_5.03-5ubuntu Fedora Linux 19 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: FEDORA Fedora Core 19 pnp4nagios fc Fedora Linux 20 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: FEDORA Fedora Core 20 openstack-nova fc20

29 Fedora Linux 20 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: FEDORA Fedora Core 20 kernel fc Fedora Linux 20 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: FEDORA Fedora Core 20 pnp4nagios fc (SOL15348) F5 BIG-IP OpenSSL DTLS Denial of Service Vulnerability Category: SSH Module -> NonIntrusive -> F5 CVE: CVE A denial of service vulnerability is present in some versions of F5 BIG-IP systems. F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System. A denial of service vulnerability is present in some versions of F5 BIG-IP systems. The flaw occurs when it receives an out-ofsequence DTLS handshake message. Successful exploitation could allow an attacker to cause a denial of service condition.

30 Oracle Solaris Update Is Not Installed The scan detected that the host is missing the following update: JavaSE 8: update 11 patch (equivalent to JDK 8u11), 64bit SOLARIS_10 SOLARIS_8 SOLARIS_9 SUNWj8man:1.8.0,REV= SUNWj8rt:1.8.0,REV= SUNWj8jmp:1.8.0,REV= SUNWj8cfg:1.8.0,REV= SUNWj8dmo:1.8.0,REV= SUNWj8dev:1.8.0,REV= Oracle Solaris Update Is Not Installed The scan detected that the host is missing the following update: JavaSE 8(x86): update 11 patch (equivalent to JDK 8u11), 64bit SOLARIS_10_x86 SOLARIS_8_x86 SOLARIS_9_x86 SUNWj8jmp:1.8.0,REV= SUNWj8dev:1.8.0,REV= SUNWj8dmo:1.8.0,REV= SUNWj8rt:1.8.0,REV= SUNWj8cfg:1.8.0,REV= SUNWj8man:1.8.0,REV= Top Weekly Malware Env - Trojan-urpxedtk (urpxedtk.exe)

31 Category: Windows Host Assessment -> Top Weekly Malware (CATEGORY REQUIRES CREDENTIALS) The scan detected that the host is infected by the malware: Env - Trojan-urpxedtk (urpxedtk.exe) This malware shows the following behavior: The files and directories below were created: %temp%\\urpxedtk.exe For more information on this malware, visit Debian Linux 7.0 DSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: DSA Debian 7.0 all libavfilter-dev_6: libavformat53_6: libavdevice53_6: libavcodec53_6: ffmpeg-doc_6: libavutil51_6: libavcodec-extra-53_6: libswscale2_6: libav-dbg_6: libav-tools_6: libavdevice-extra-53_6: libavcodec-dev_6: libavfilter2_6: ffmpeg_6: libavfilter-extra-2_6: libavformat-extra-53_6: libswscale-extra-2_6: libswscale-dev_6: libavformat-dev_6: libav-doc_6: libavutil-extra-51_6: libpostproc-extra-52_6: libpostproc-dev_6: libavutil-dev_6:

32 ffmpeg-dbg_6: libpostproc52_6: libav-extra-dbg_6: libavdevice-dev_6: Debian Linux 7.0 DSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: DSA Debian 7.0 all python-libxml2-dbg_2.8.0+dfsg1-7+wheezy1 libxml2-utils-dbg_2.8.0+dfsg1-7+wheezy1 libxml2-dbg_2.8.0+dfsg1-7+wheezy1 libxml2-doc_2.8.0+dfsg1-7+wheezy1 python-libxml2_2.8.0+dfsg1-7+wheezy1 libxml2_2.8.0+dfsg1-7+wheezy1 libxml2-dev_2.8.0+dfsg1-7+wheezy1 libxml2-utils_2.8.0+dfsg1-7+wheezy Debian Linux 7.0 DSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: DSA Debian 7.0 all libc0.1-i686_ deb7u3 libc6-pic_ deb7u3 libc0.1-dev-i386_ deb7u3 libc6-prof_ deb7u3 libnss-files-udeb_ deb7u3 glibc-doc_ deb7u3 libc6-dev-amd64_ deb7u3

33 nscd_ deb7u3 libc6-loongson2f_ deb7u3 libc6.1-udeb_ deb7u3 libc6-dbg_ deb7u3 libc6-dev-i386_ deb7u3 libc6.1_ deb7u3 libc6-dev-mips64_ deb7u3 libc0.1-i386_ deb7u3 libc6_ deb7u3 multiarch-support_ deb7u3 libc0.1-pic_ deb7u3 libc6-dev-mipsn32_ deb7u3 libc6.1-prof_ deb7u3 libc6-mipsn32_ deb7u3 libc6-i386_ deb7u3 libc6-s390x_ deb7u3 libc6-sparc64_ deb7u3 libc6-udeb_ deb7u3 libc6-ppc64_ deb7u3 libc6-dev-s390x_ deb7u3 libc6.1-dbg_ deb7u3 eglibc-source_ deb7u3 libc6.1-pic_ deb7u3 libc6-mips64_ deb7u3 libc6-i686_ deb7u3 libc0.1-dbg_ deb7u3 libc-bin_ deb7u3 libc6-dev-sparc64_ deb7u3 libc0.1_ deb7u3 libc0.1-prof_ deb7u3 libc6.1-dev_ deb7u3 libc6-dev-ppc64_ deb7u3 libc6-amd64_ deb7u3 libc6-dev-s390_ deb7u3 libc-dev-bin_ deb7u3 libc6-s390_ deb7u3 libnss-dns-udeb_ deb7u3 locales-all_ deb7u3 locales_ deb7u3 libc6-xen_ deb7u3 libc6-dev_ deb7u3 libc0.1-udeb_ deb7u3 libc0.1-dev_ deb7u CentOS 5, 6 CESA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: CESA

34 CentOS 5 samba3x-swat el5_10 samba3x-winbind-devel el5_10 samba3x-common el5_10 samba3x-client el5_10 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x-domainjoin-gui el5_10 samba3x el5_10 i386 samba3x-swat el5_10 samba3x-winbind-devel el5_10 samba3x-common el5_10 samba3x-client el5_10 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x-domainjoin-gui el5_10 samba3x el5_10 CentOS 6 samba-common el6_5 samba-swat el6_5 samba el6_5 samba-doc el6_5 samba-winbind-clients el6_5 samba-winbind el6_5 samba-winbind-krb5-locator el6_5 libsmbclient el6_5 samba-client el6_5 samba-winbind-devel el6_5 libsmbclient-devel el6_5 samba-domainjoin-gui el6_5 i686 samba-common el6_5 samba-swat el6_5 samba el6_5 samba-doc el6_5 samba-winbind-clients el6_5 samba-winbind el6_5 samba-winbind-krb5-locator el6_5 libsmbclient el6_5 samba-client el6_5 samba-winbind-devel el6_5 libsmbclient-devel el6_5 samba-domainjoin-gui el6_ Oracle Enterprise Linux ELSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes CVE: CVE , CVE

35 The scan detected that the host is missing the following update: ELSA OEL6 samba-common el6_5 samba-swat el6_5 samba el6_5 samba-doc el6_5 samba-winbind-clients el6_5 samba-winbind el6_5 samba-winbind-krb5-locator el6_5 libsmbclient el6_5 samba-client el6_5 samba-winbind-devel el6_5 libsmbclient-devel el6_5 samba-domainjoin-gui el6_5 i386 samba-common el6_5 samba-swat el6_5 samba el6_5 samba-doc el6_5 samba-winbind-clients el6_5 samba-winbind el6_5 samba-winbind-krb5-locator el6_5 libsmbclient el6_5 samba-client el6_5 samba-winbind-devel el6_5 libsmbclient-devel el6_5 samba-domainjoin-gui el6_5 OEL5 samba3x-swat el5_10 samba3x-winbind-devel el5_10 samba3x-common el5_10 samba3x-client el5_10 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x-domainjoin-gui el5_10 samba3x el5_10 i386 samba3x-swat el5_10 samba3x-winbind-devel el5_10 samba3x-common el5_10 samba3x-client el5_10 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x-domainjoin-gui el5_10 samba3x el5_10

36 Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE , CVE , CVE The scan detected that the host is missing the following update: MDVSA Mandriva Linux mbs1 samba-winbind lib64smbsharemodes samba-server lib64wbclient-devel samba-virusfilter-clamav samba-virusfilter-fsecure lib64smbclient0-devel lib64smbclient samba-common nss_wins samba-domainjoin-gui lib64smbclient0-static-devel lib64netapi-devel samba-swat samba-client lib64smbsharemodes-devel samba-doc lib64wbclient samba-virusfilter-sophos Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: MDVSA Mandriva Linux mbs1 python python-docs

37 lib64python-devel python-simplejson tkinter tkinter-apps Mandriva Linux MBS1 MDVSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: MDVSA Mandriva Linux mbs1 lib64lzo-devel Red Hat Enterprise Linux RHSA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes CVE: CVE , CVE The scan detected that the host is missing the following update: RHSA RHEL5D samba3x-swat el5_10 samba3x-common el5_10 samba3x-debuginfo el5_10 samba3x-client el5_10 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x-domainjoin-gui el5_10 samba3x el5_10 i386 samba3x-swat el5_10 samba3x-common el5_10 samba3x-debuginfo el5_10 samba3x-client el5_10

38 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x-domainjoin-gui el5_10 samba3x el5_10 RHEL5S samba3x-swat el5_10 samba3x-winbind-devel el5_10 samba3x-common el5_10 samba3x-debuginfo el5_10 samba3x-client el5_10 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x-domainjoin-gui el5_10 samba3x el5_10 i386 samba3x-swat el5_10 samba3x-winbind-devel el5_10 samba3x-common el5_10 samba3x-debuginfo el5_10 samba3x-client el5_10 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x-domainjoin-gui el5_10 samba3x el5_10 RHEL6D samba-debuginfo el6_5 samba-winbind el6_5 libsmbclient el6_5 samba-common el6_5 samba-winbind-clients el6_5 samba-client el6_5 i386 samba-debuginfo el6_5 samba-winbind el6_5 libsmbclient el6_5 samba-common el6_5 samba-winbind-clients el6_5 samba-client el6_5 RHEL6S samba el6_5 samba-debuginfo el6_5 samba-winbind el6_5 libsmbclient el6_5 samba-common el6_5 samba-winbind-clients el6_5 samba-client el6_5 i386 samba el6_5 samba-debuginfo el6_5 samba-winbind el6_5 libsmbclient el6_5

39 samba-common el6_5 samba-winbind-clients el6_5 samba-client el6_5 RHEL6WS samba el6_5 samba-debuginfo el6_5 samba-winbind el6_5 libsmbclient el6_5 samba-common el6_5 samba-winbind-clients el6_5 samba-client el6_5 i386 samba el6_5 samba-debuginfo el6_5 samba-winbind el6_5 libsmbclient el6_5 samba-common el6_5 samba-winbind-clients el6_5 samba-client el6_ SuSE SLES 11, 11 SP3, SLED 11, 11 SP3 puppet-9472 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes CVE: CVE , CVE , CVE The scan detected that the host is missing the following update: puppet SuSE SLED 11 SP3 puppet i586 puppet SuSE SLES 11 SP3 puppet-server puppet

40 i586 puppet-server puppet SuSE SLED 11 puppet-server puppet i586 puppet-server puppet SuSE SLES 11 puppet-server puppet i586 puppet-server puppet SuSE Linux 12.3, 13.1 opensuse-su-2014: Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes CVE: CVE The scan detected that the host is missing the following update: opensuse-su-2014: SuSE Linux 13.1 libpython3_3m1_0-debuginfo-32bit python-doc python3-base-32bit python-doc-pdf python3-doc python3-doc-pdf python3-32bit libpython3_3m1_0-32bit python3-base-debuginfo-32bit python3-debuginfo-32bit python-base-debuginfo-32bit libpython2_7-1_0-debuginfo-32bit python-base-32bit libpython2_7-1_0-32bit python-debuginfo-32bit python-32bit i586 python3-debugsource

41 python3-base python3-curses-debuginfo python-base-debuginfo python3-debuginfo python python-debugsource python3-base-debuginfo python-base libpython2_7-1_0-debuginfo python3-devel python-xml-debuginfo libpython3_3m1_0-debuginfo python-curses python python-curses-debuginfo python3-testsuite libpython3_3m1_ python-gdbm python-tk python-devel python3-tk python3-base-debugsource python-debuginfo python3-curses libpython2_7-1_ python3-tools python3-testsuite-debuginfo python3-tk-debuginfo python-gdbm-debuginfo python-base-debugsource python3-dbm python-idle python3-devel-debuginfo python-demo python3-dbm-debuginfo python-tk-debuginfo python3-idle python-xml SuSE Linux 12.3 python-32bit python3-32bit python-debuginfo-32bit python-doc libpython3_3m1_0-32bit python3-base-32bit python-base-debuginfo-32bit libpython3_3m1_0-debuginfo-32bit libpython2_7-1_0-debuginfo-32bit libpython2_7-1_0-32bit python3-debuginfo-32bit python-doc-pdf python3-base-debuginfo-32bit python3-doc-pdf python-base-32bit python3-doc i586 libpython2_7-1_

42 python3-tools python-curses-debuginfo python3-base-debugsource python-debugsource python3-tk python-gdbm-debuginfo python3-curses-debuginfo python3-testsuite python-idle python-curses libpython3_3m1_ python python3-base libpython3_3m1_0-debuginfo python python3-debugsource python3-dbm python-base python-base-debuginfo python-tk-debuginfo python-xml libpython2_7-1_0-debuginfo python3-base-debuginfo python-tk python3-curses python-devel python3-devel-debuginfo python3-debuginfo python-gdbm python3-testsuite-debuginfo python-xml-debuginfo python-base-debugsource python-demo python3-idle python3-dbm-debuginfo python3-devel python3-tk-debuginfo python-debuginfo Scientific Linux Security ERRATA Moderate: samba and samba3x on SL5.x, SL6.x i386/srpm/ ( ) Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes CVE: CVE , CVE The scan detected that the host is missing the following update: Security ERRATA Moderate: samba and samba3x on SL5.x, SL6.x i386/srpm/ ( ) SL6

43 samba-domainjoin-gui el6_5 samba-common el6_5 samba-swat el6_5 samba-doc el6_5 samba-winbind-clients el6_5 samba-winbind el6_5 samba-winbind-krb5-locator el6_5 libsmbclient el6_5 samba-debuginfo el6_5 samba-client el6_5 samba-winbind-devel el6_5 libsmbclient-devel el6_5 samba el6_5 i386 samba-domainjoin-gui el6_5 samba-common el6_5 samba-swat el6_5 samba-debuginfo el6_5 samba-doc el6_5 samba-winbind-clients el6_5 samba-winbind el6_5 samba-winbind-krb5-locator el6_5 libsmbclient el6_5 samba-client el6_5 samba-winbind-devel el6_5 libsmbclient-devel el6_5 samba el6_5 noarch samba-debuginfo el6_5 SL5 samba3x-domainjoin-gui el5_10 samba3x-winbind-devel el5_10 samba3x-common el5_10 samba3x-debuginfo el5_10 samba3x-swat el5_10 samba3x-client el5_10 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x el5_10 i386 samba3x-swat el5_10 samba3x-winbind-devel el5_10 samba3x-common el5_10 samba3x-debuginfo el5_10 samba3x-client el5_10 samba3x-doc el5_10 samba3x-winbind el5_10 samba3x-domainjoin-gui el5_10 samba3x el5_10 noarch samba3x-debuginfo el5_ Ubuntu Linux 12.04, USN Update Is Not Installed

44 Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes The scan detected that the host is missing the following update: USN Ubuntu libavformat53_ ubuntu libavcodec53_ ubuntu Ubuntu libavformat53_ ubuntu libavcodec53_ ubuntu Fedora Linux 19 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes CVE: CVE , CVE , CVE The scan detected that the host is missing the following update: FEDORA Fedora Core 19 ansible fc Fedora Linux 20 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes The scan detected that the host is missing the following update: FEDORA

45 Fedora Core 20 claws-mail fc20 claws-mail-plugins fc Fedora Linux 20 FEDORA Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes The scan detected that the host is missing the following update: FEDORA Fedora Core 20 ansible fc20 ENHANCED CHECKS The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check McAfee And Web Security Appliance Multiple Unspecified Vulnerabilities Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Recommendation is updated IBM Informix Multiple Vulnerabilities In Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Recommendation is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE

46 Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed

47 CVE: CVE , CVE Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated.

48 Oracle MySQL Multiple Vulnerabilities Prior To Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) CVE: CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE , CVE DISA IAVA: 2014-A-0057 CVE is updated Oracle MySQL Multiple Vulnerabilities Prior To Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) CVE: CVE , CVE , CVE , CVE , CVE DISA IAVA: 2014-A-0057 CVE is updated Microsoft Windows Two Denial of Service Vulnerabilities Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Recommendation is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE , CVE Name is updated. is updated. is updated. Recommendation is updated. CVE is updated. FASLScript is updated Oracle Solaris Update Is Not Installed

49 CVE: CVE , CVE , CVE Name is updated. is updated. is updated. Recommendation is updated. CVE is updated. FASLScript is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE CVE is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE CVE is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE CVE is updated Oracle Solaris Update Is Not Installed CVE: CVE , CVE CVE is updated.

50 Oracle Solaris Update Is Not Installed CVE: CVE , CVE , CVE , CVE , CVE DISA IAVA: 2014-A-0012,2013-A-0014 CVE is updated Oracle Solaris Update Is Not Installed Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed

51 Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed

52 Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed Name is updated. is updated. is updated. Recommendation is updated. FASLScript is updated Oracle Solaris Update Is Not Installed CVE: CVE CVE is updated Oracle Solaris Update Is Not Installed CVE: CVE CVE is updated Oracle Solaris Update Is Not Installed CVE: CVE CVE is updated.

53 f5.fasl3.inc Category: General Vulnerability Assessment -> NonIntrusive -> Invalid Category Risk Level: Informational FASLScript is updated. DELETED CHECKS Microsoft Windows Unspecified Flaw Kernel Local Privilege Escalation Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) CVE: CVE DISA IAVA: 2014-A Microsoft Internet Explorer Multiple Sandbox Bypass and Use-After-Free Vulnerabilities Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) CVE: CVE , CVE DISA IAVA: 2014-A Microsoft Internet Explorer WeakMap Integer Divide-by-Zero Denial of Service Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) HOW TO UPDATE FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing. FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox. MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on. MCAFEE TECHNICAL SUPPORT ServicePortal: Multi-National Phone Support available here: Non-US customers - Select your country from the list of Worldwide Offices.

54 This may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies. Copyright 2012 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates