MCAFEE FOUNDSTONE FSL UPDATE




2015-SEP-03
FSL version 7.5.737

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.

NEW CHECKS

91892 - Oracle Enterprise Linux ELSA-2015-1693 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes
CVE: CVE-2015-4497, CVE-2015-4498
ELSA-2015-1693
http://oss.oracle.com/pipermail/el-errata/2015-august/005367.html
http://oss.oracle.com/pipermail/el-errata/2015-august/005365.html
http://oss.oracle.com/pipermail/el-errata/2015-august/005366.html
OEL6
firefox-38.2.1-1.0.1.el6_7
i386
firefox-38.2.1-1.0.1.el6_7
OEL5
firefox-38.2.1-1.0.1.el5_11
i386
firefox-38.2.1-1.0.1.el5_11
OEL7
firefox-38.2.1-1.0.1.el7_1

130263 - Debian Linux 7.0, 8.0 DSA-3345-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes
CVE: CVE-2015-4497, CVE-2015-4498
DSA-3345-1
http://www.debian.org/security/2015/dsa-3345
Debian 8.0
all
iceweasel_38.2.1esr-1~deb8u1
Debian 7.0
all
iceweasel_38.2.1esr-1~deb7u1

140930 - Red Hat Enterprise Linux RHSA-2015-1693 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes
CVE: CVE-2015-4497, CVE-2015-4498
RHSA-2015-1693
https://rhn.redhat.com/errata/rhsa-2015-1693.html
RHEL5S
firefox-debuginfo-38.2.1-1.el5_11
firefox-38.2.1-1.el5_11
i386
firefox-debuginfo-38.2.1-1.el5_11
firefox-38.2.1-1.el5_11
RHEL5D
firefox-debuginfo-38.2.1-1.el5_11
firefox-38.2.1-1.el5_11
i386
firefox-debuginfo-38.2.1-1.el5_11
firefox-38.2.1-1.el5_11
RHEL6S
firefox-debuginfo-38.2.1-1.el6_7
firefox-38.2.1-1.el6_7
i386
firefox-debuginfo-38.2.1-1.el6_7
firefox-38.2.1-1.el6_7
RHEL7D
firefox-38.2.1-1.el7_1
firefox-debuginfo-38.2.1-1.el7_1
RHEL6D
firefox-debuginfo-38.2.1-1.el6_7
firefox-38.2.1-1.el6_7
i386
firefox-debuginfo-38.2.1-1.el6_7
firefox-38.2.1-1.el6_7
RHEL7S
firefox-38.2.1-1.el7_1
firefox-debuginfo-38.2.1-1.el7_1
RHEL6WS
firefox-debuginfo-38.2.1-1.el6_7
firefox-38.2.1-1.el6_7
i386
firefox-debuginfo-38.2.1-1.el6_7
firefox-38.2.1-1.el6_7
RHEL7WS
firefox-38.2.1-1.el7_1
firefox-debuginfo-38.2.1-1.el7_1

143932 - SuSE Linux 13.1 opensuse-su-2015:1454-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes
CVE: CVE-2015-4473, CVE-2015-4475, CVE-2015-4478, CVE-2015-4479, CVE-2015-4480, CVE-2015-4481, CVE-2015-4482, CVE-2015-4484, CVE-2015-4485, CVE-2015-4486, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489, CVE-2015-4491, CVE-2015-4492, CVE-2015-4493
opensuse-su-2015:1454-1
http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
SuSE Linux 13.1
MozillaThunderbird-debugsource-38.2.0-70.60.2
MozillaThunderbird-translations-other-38.2.0-70.60.2
MozillaThunderbird-devel-38.2.0-70.60.2
MozillaThunderbird-buildsymbols-38.2.0-70.60.2
MozillaThunderbird-38.2.0-70.60.2
MozillaThunderbird-translations-common-38.2.0-70.60.2
MozillaThunderbird-debuginfo-38.2.0-70.60.2
i586
MozillaThunderbird-debugsource-38.2.0-70.60.2
MozillaThunderbird-translations-other-38.2.0-70.60.2
MozillaThunderbird-devel-38.2.0-70.60.2
MozillaThunderbird-buildsymbols-38.2.0-70.60.2
MozillaThunderbird-38.2.0-70.60.2
MozillaThunderbird-translations-common-38.2.0-70.60.2
MozillaThunderbird-debuginfo-38.2.0-70.60.2

143934 - SuSE Linux 13.2 opensuse-su-2015:1453-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes
CVE: CVE-2015-4473, CVE-2015-4475, CVE-2015-4478, CVE-2015-4479, CVE-2015-4480, CVE-2015-4481, CVE-2015-4482, CVE-2015-4484, CVE-2015-4485, CVE-2015-4486, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489, CVE-2015-4491, CVE-2015-4492, CVE-2015-4493
opensuse-su-2015:1453-1
http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
SuSE Linux 13.2
MozillaThunderbird-devel-38.2.0-25.2
MozillaThunderbird-buildsymbols-38.2.0-25.2
MozillaThunderbird-debugsource-38.2.0-25.2
MozillaThunderbird-translations-common-38.2.0-25.2
MozillaThunderbird-38.2.0-25.2
MozillaThunderbird-translations-other-38.2.0-25.2
MozillaThunderbird-debuginfo-38.2.0-25.2
i586
MozillaThunderbird-devel-38.2.0-25.2
MozillaThunderbird-buildsymbols-38.2.0-25.2
MozillaThunderbird-debugsource-38.2.0-25.2
MozillaThunderbird-translations-common-38.2.0-25.2
MozillaThunderbird-38.2.0-25.2
MozillaThunderbird-translations-other-38.2.0-25.2
MozillaThunderbird-debuginfo-38.2.0-25.2

181582 - FreeBSD mozilla Multiple Vulnerabilities (237a201c-888b-487f-84d3-7d92266381d6)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
CVE: CVE-2015-4497, CVE-2015-4498
mozilla -- multiple vulnerabilities (237a201c-888b-487f-84d3-7d92266381d6)
http://www.vuxml.org/freebsd/237a201c-888b-487f-84d3-7d92266381d6.html
Affected packages:
firefox < 40.0.3,1
linux-firefox < 40.0.3,1
firefox-esr < 38.2.1,1

184958 - Ubuntu Linux 12.04, 14.04, 15.04 USN-2723-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-4497, CVE-2015-4498
USN-2723-1
https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-august/003097.html
Ubuntu 14.04
firefox_40.0.3+build1-0ubuntu0.14.04.1
Ubuntu 15.04
firefox_40.0.3+build1-0ubuntu0.15.04.1
Ubuntu 12.04
firefox_40.0.3+build1-0ubuntu0.12.04.1

189694 - Fedora Linux 21 FEDORA-2015-13469 Update Is Not Installed
CVE: CVE-2015-5600, CVE-2015-6563, CVE-2015-6564
FEDORA-2015-13469
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165170.html
Fedora Core 21
openssh-6.6.1p1-16.fc21

18888 - (HT205046) Apple QuickTime Multiple Vulnerabilities Prior To 7.7.8
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)
CVE: CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5779, CVE-2015-5785, CVE-2015-5786
Multiple vulnerabilities are present in some versions of Apple QuickTime.
Apple QuickTime is a media player. Multiple vulnerabilities are present in some versions of Apple QuickTime. The flaws occur due to multiple memory corruption issues. Successful exploitation could allow an attacker to cause an application crash or execute arbitrary code.

18889 - (SA-CORE-2015-003) Drupal Core Multiple Vulnerabilities
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server
CVE: CVE-2015-6658, CVE-2015-6659, CVE-2015-6660, CVE-2015-6661, CVE-2015-6665
Multiple vulnerabilities are present in some versions of Drupal.
Drupal is a popular open source content management system. Multiple vulnerabilities are present in some versions of Drupal. The flaws lie in multiple components. Successful exploitation could allow a remote attacker to bypass security measures or execute remote code.

18903 - VideoLAN VLC Media Player 3GP File Arbitrary Pointer Dereference Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)
CVE: CVE-2015-5949
An arbitrary pointer dereference vulnerability is present in some versions of VideoLAN VLC Media Player.
VideoLAN VLC Media Player is a popular open source media player. An arbitrary pointer dereference vulnerability is present in some versions of VideoLAN VLC Media Player. The flaw lies in libmp4.c. Successful exploitation could allow an attacker to cause denial of service or execute arbitrary code.

91893 - Oracle Enterprise Linux ELSA-2015-1695 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes
CVE: CVE-2015-0254
ELSA-2015-1695
http://oss.oracle.com/pipermail/el-errata/2015-august/005377.html
http://oss.oracle.com/pipermail/el-errata/2015-august/005375.html
OEL6
jakarta-taglibs-standard-1.1.1-11.7.el6_7
jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7
i386
jakarta-taglibs-standard-1.1.1-11.7.el6_7
jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7
OEL7
jakarta-taglibs-standard-javadoc-1.1.2-14.el7_1
jakarta-taglibs-standard-1.1.2-14.el7_1

130262 - Debian Linux 7.0, 8.0 DSA-3346-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes
CVE: CVE-2015-6658, CVE-2015-6659, CVE-2015-6660, CVE-2015-6661, CVE-2015-6665
DSA-3346-1
http://www.debian.org/security/2015/dsa-3346
Debian 8.0
all
drupal7_7.32-1+deb8u5
Debian 7.0
all
drupal7_7.14-2+deb7u11

140929 - Red Hat Enterprise Linux RHSA-2015-1695 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes
CVE: CVE-2015-0254
RHSA-2015-1695
https://rhn.redhat.com/errata/rhsa-2015-1695.html
RHEL7WS
noarch
jakarta-taglibs-standard-javadoc-1.1.2-14.el7_1
jakarta-taglibs-standard-1.1.2-14.el7_1
RHEL7D
noarch
jakarta-taglibs-standard-javadoc-1.1.2-14.el7_1
jakarta-taglibs-standard-1.1.2-14.el7_1
RHEL6D
noarch
jakarta-taglibs-standard-1.1.1-11.7.el6_7
jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7
RHEL6S
noarch
jakarta-taglibs-standard-1.1.1-11.7.el6_7
jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7
RHEL7S
noarch
jakarta-taglibs-standard-javadoc-1.1.2-14.el7_1
jakarta-taglibs-standard-1.1.2-14.el7_1

143935 - SuSE SLES 12, SLED 12 SUSE-SU-2015:1445-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes
CVE: CVE-2014-9645
SUSE-SU-2015:1445-1
http://lists.suse.com/pipermail/sle-security-updates/2015-august/001555.html
SuSE SLED 12
busybox-1.21.1-3.3
SuSE SLES 12
busybox-1.21.1-3.3

184962 - Ubuntu Linux 15.04 USN-2725-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-6520
USN-2725-1
https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-august/003096.html
Ubuntu 15.04
cups-filters-ippusbxd_1.0.67-0ubuntu2.4

184963 - Ubuntu Linux 12.04, 14.04, 15.04 USN-2724-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2014-9718, CVE-2015-5165, CVE-2015-5166, CVE-2015-5225, CVE-2015-5745
USN-2724-1
https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-august/003095.html
Ubuntu 14.04
qemu-system-misc_2.0.0+dfsg-2ubuntu1.17
qemu-system-aarch64_2.0.0+dfsg-2ubuntu1.17
qemu-system-sparc_2.0.0+dfsg-2ubuntu1.17
qemu-system-arm_2.0.0+dfsg-2ubuntu1.17
qemu-system_2.0.0+dfsg-2ubuntu1.17
qemu-system-mips_2.0.0+dfsg-2ubuntu1.17
qemu-system-x86_2.0.0+dfsg-2ubuntu1.17
qemu-system-ppc_2.0.0+dfsg-2ubuntu1.17
Ubuntu 15.04
qemu-system-mips_2.2+dfsg-5expubuntu9.4
qemu-system-arm_2.2+dfsg-5expubuntu9.4
qemu-system-x86_2.2+dfsg-5expubuntu9.4
qemu-system-misc_2.2+dfsg-5expubuntu9.4
qemu-system_2.2+dfsg-5expubuntu9.4
qemu-system-aarch64_2.2+dfsg-5expubuntu9.4
qemu-system-ppc_2.2+dfsg-5expubuntu9.4
qemu-system-sparc_2.2+dfsg-5expubuntu9.4
Ubuntu 12.04
qemu-kvm_1.0+noroms-0ubuntu14.24

189677 - Fedora Linux 23 FEDORA-2015-13920 Update Is Not Installed
CVE: CVE-2013-7444, CVE-2015-6727, CVE-2015-6728, CVE-2015-6729, CVE-2015-6730, CVE-2015-6731, CVE-2015-6732, CVE-2015-6733, CVE-2015-6734, CVE-2015-6735, CVE-2015-6736, CVE-2015-6737
FEDORA-2015-13920
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165193.html
Fedora Core 23
mediawiki-1.25.2-2.fc23

189678 - Fedora Linux 23 FEDORA-2015-14361 Update Is Not Installed
CVE: CVE-2015-5165, CVE-2015-5166
FEDORA-2015-14361
http://lists.fedoraproject.org/pipermail/package-announce/2015-september/165373.html
Fedora Core 23
xen-4.5.1-6.fc23

189685 - Fedora Linux 21 FEDORA-2015-13404 Update Is Not Installed
CVE: CVE-2015-3209, CVE-2015-3214, CVE-2015-5154, CVE-2015-5165, CVE-2015-5745
FEDORA-2015-13404
http://lists.fedoraproject.org/pipermail/package-announce/2015-september/165305.html
Fedora Core 21
qemu-2.1.3-9.fc21

189691 - Fedora Linux 23 FEDORA-2015-13915 Update Is Not Installed
CVE: CVE-2015-6658, CVE-2015-6659, CVE-2015-6660, CVE-2015-6661, CVE-2015-6665
FEDORA-2015-13915
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165061.html
Fedora Core 23
drupal7-7.39-1.fc23

88707 - Slackware Linux 13.37, 14.0, 14.1 SSA:2015-244-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes
CVE: CVE-2015-4491
SSA:2015-244-01
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.435174
Slackware 14.1
gdk-pixbuf2-2.28.2--2
Slackware 13.37
gdk-pixbuf2-2.23.3--2
Slackware 14.0
gdk-pixbuf2-2.26.1--3

91891 - Oracle Enterprise Linux ELSA-2015-1694 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes
CVE: CVE-2015-4491
ELSA-2015-1694
http://oss.oracle.com/pipermail/el-errata/2015-august/005376.html
http://oss.oracle.com/pipermail/el-errata/2015-august/005374.html
OEL6
gdk-pixbuf2-2.24.1-6.el6_7
gdk-pixbuf2-devel-2.24.1-6.el6_7
i386
gdk-pixbuf2-2.24.1-6.el6_7
gdk-pixbuf2-devel-2.24.1-6.el6_7
OEL7
gdk-pixbuf2-2.28.2-5.el7_1
gdk-pixbuf2-devel-2.28.2-5.el7_1

140932 - Red Hat Enterprise Linux RHSA-2015-1694 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes
CVE: CVE-2015-4491
RHSA-2015-1694
https://rhn.redhat.com/errata/rhsa-2015-1694.html
RHEL7WS
gdk-pixbuf2-debuginfo-2.28.2-5.el7_1
gdk-pixbuf2-2.28.2-5.el7_1
gdk-pixbuf2-devel-2.28.2-5.el7_1
RHEL7D
gdk-pixbuf2-debuginfo-2.28.2-5.el7_1
gdk-pixbuf2-2.28.2-5.el7_1
gdk-pixbuf2-devel-2.28.2-5.el7_1
RHEL6D
gdk-pixbuf2-debuginfo-2.24.1-6.el6_7
gdk-pixbuf2-2.24.1-6.el6_7
gdk-pixbuf2-devel-2.24.1-6.el6_7
i386
gdk-pixbuf2-debuginfo-2.24.1-6.el6_7
gdk-pixbuf2-2.24.1-6.el6_7
gdk-pixbuf2-devel-2.24.1-6.el6_7
RHEL6S
gdk-pixbuf2-debuginfo-2.24.1-6.el6_7
gdk-pixbuf2-2.24.1-6.el6_7
gdk-pixbuf2-devel-2.24.1-6.el6_7
i386
gdk-pixbuf2-debuginfo-2.24.1-6.el6_7
gdk-pixbuf2-2.24.1-6.el6_7
gdk-pixbuf2-devel-2.24.1-6.el6_7
RHEL7S
gdk-pixbuf2-debuginfo-2.28.2-5.el7_1
gdk-pixbuf2-2.28.2-5.el7_1
gdk-pixbuf2-devel-2.28.2-5.el7_1
RHEL6WS
gdk-pixbuf2-debuginfo-2.24.1-6.el6_7
gdk-pixbuf2-2.24.1-6.el6_7
gdk-pixbuf2-devel-2.24.1-6.el6_7
i386
gdk-pixbuf2-debuginfo-2.24.1-6.el6_7
gdk-pixbuf2-2.24.1-6.el6_7
gdk-pixbuf2-devel-2.24.1-6.el6_7

181579 - FreeBSD ffmpeg Use After Free (da434a78-e342-4d9a-87e2-7497e5f117ba)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
CVE: CVE-2015-3417
ffmpeg -- use after free (da434a78-e342-4d9a-87e2-7497e5f117ba)
http://www.vuxml.org/freebsd/da434a78-e342-4d9a-87e2-7497e5f117ba.html
Affected packages:
11.0 <= libav < 11.4
libav < 10.7
gstreamer1-libav < 1.5.0
2.2.0,1 <= ffmpeg < 2.2.12,1
2.1.0,1 <= ffmpeg < 2.1.7,1
ffmpeg < 2.0.7,1
ffmpeg25 < 2.5.2
ffmpeg24 < 2.4.5
ffmpeg23 < 2.3.6
ffmpeg1 < 1.2.11

181581 - FreeBSD ffmpeg Out-of-bounds Array Access (80c66af0-d1c5-449e-bd31-63b12525ff88)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
CVE: CVE-2015-3395
ffmpeg -- out-of-bounds array access (80c66af0-d1c5-449e-bd31-63b12525ff88)
http://www.vuxml.org/freebsd/80c66af0-d1c5-449e-bd31-63b12525ff88.html
Affected packages:
11.0 <= libav < 11.4
libav < 10.7
gstreamer1-libav < 1.5.1
2.2.0,1 <= ffmpeg < 2.2.15,1
ffmpeg < 2.0.7,1
ffmpeg26 < 2.6.2
ffmpeg25 < 2.5.6
ffmpeg24 < 2.4.8
kodi < 15.1
mplayer < 1.1.r20150403
mencoder < 1.1.r20150403

181583 - FreeBSD ghostscript Denial Of Service (crash) via crafted Postscript files (fc1f6658-4f53-11e5-934b-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
CVE: CVE-2015-3228
ghostscript -- denial of service (crash) via crafted Postscript files (fc1f6658-4f53-11e5-934b-002590263bf5)
http://www.vuxml.org/freebsd/fc1f6658-4f53-11e5-934b-002590263bf5.html
Affected packages:
ghostscript7 < 7.07_32
ghostscript7-nox11 < 7.07_32
ghostscript7-base < 7.07_32
ghostscript7-x11 < 7.07_32
ghostscript8 < 8.71_19
ghostscript8-nox11 < 8.71_19
ghostscript8-base < 8.71_19
ghostscript8-x11 < 8.71_19
ghostscript9 < 9.06_11
ghostscript9-nox11 < 9.06_11
ghostscript9-base < 9.06_11
ghostscript9-x11 < 9.06_11
ghostscript9-agpl < 9.15_2
ghostscript9-agpl-nox11 < 9.15_2
ghostscript9-agpl-base < 9.16_2
ghostscript9-agpl-x11 < 9.16_2

184960 - Ubuntu Linux 12.04, 14.04, 15.04 USN-2726-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-1283
USN-2726-1
https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-august/003098.html
Ubuntu 14.04
libexpat1_2.1.0-4ubuntu1.1
lib64expat1_2.1.0-4ubuntu1.1
Ubuntu 15.04
lib64expat1_2.1.0-6ubuntu1.1
libexpat1_2.1.0-6ubuntu1.1
Ubuntu 12.04
libexpat1_2.0.1-7.2ubuntu1.2
lib64expat1_2.0.1-7.2ubuntu1.2

184961 - Ubuntu Linux 12.04, 14.04, 15.04 USN-2722-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-4491
USN-2722-1
https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-august/003094.html
Ubuntu 14.04
libgdk-pixbuf2.0-0_2.30.7-0ubuntu1.1
Ubuntu 15.04
libgdk-pixbuf2.0-0_2.31.3-1ubuntu0.1
Ubuntu 12.04
libgdk-pixbuf2.0-0_2.26.1-1ubuntu1.2

189684 - Fedora Linux 21 FEDORA-2015-13488 Update Is Not Installed
CVE: CVE-2015-5161
FEDORA-2015-13488
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165174.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165173.html
Fedora Core 21
php-guzzle-guzzle-3.9.3-5.fc21
php-zendframework2-2.4.7-1.fc21

189695 - Fedora Linux 22 FEDORA-2015-13529 Update Is Not Installed
CVE: CVE-2015-5161
FEDORA-2015-13529
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165147.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165146.html
Fedora Core 22
php-zendframework2-2.4.7-1.fc22
php-guzzle-guzzle-3.9.3-5.fc22

18902 - (APSB15-21) Vulnerability In ColdFusion
Category: Windows Host Assessment -> Adobe Patches Only (CATEGORY REQUIRES CREDENTIALS)
CVE: CVE-2015-3269
A vulnerability is present in some versions of Adobe ColdFusion.
Adobe ColdFusion is a web application development platform. A vulnerability is present in some versions of Adobe ColdFusion. The flaw lies in BlazeDS. Successful exploitation could allow an attacker to access sensitive information. The update provided by Adobe bulletin APSB15-21 resolves this issue. The target system appears to be missing this update.

18905 - IBM WebSphere Application Server Java Portlet Specification JSR 286 Information Disclosure Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)
CVE: CVE-2015-1926
An information disclosure vulnerability is present in some versions of IBM WebSphere Application Server.
IBM WebSphere Application Server is a Java application server. An information disclosure vulnerability is present in some versions of IBM WebSphere Application Server. The flaw lies in the Java Portlet Specification JSR 286 API. Successful exploitation could allow an attacker to obtain configuration data and other sensitive information.

33310 - Oracle Solaris 151597-05 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes
CVE: CVE-2013-4286, CVE-2013-4322, CVE-2013-4590, CVE-2014-0033, CVE-2014-0050
151597-05
https://getupdates.oracle.com/readme/151597-05
SunOS 5.10: Oracle Snap Management Utility for Oracle Databases patch
SOLARIS_10
ORCLsmu:1.2.0,REV=2014.06.14.00.07.13

33311 - Oracle Solaris 151598-05 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes
CVE: CVE-2013-4286, CVE-2013-4322, CVE-2013-4590, CVE-2014-0033, CVE-2014-0050
151598-05
https://getupdates.oracle.com/readme/151598-05
SunOS 5.10(x86): Oracle Snap Management Utility for Oracle Databases patch
SOLARIS_10_x86
ORCLsmu:1.2.0,REV=2014.06.14.00.07.13

143933 - SuSE SLES 12, SLED 12 SUSE-SU-2015:1439-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes
CVE: CVE-2015-3451
SUSE-SU-2015:1439-1
http://lists.suse.com/pipermail/sle-security-updates/2015-august/001553.html
SuSE SLED 12
perl-xml-libxml-debuginfo-2.0019-5.3
perl-xml-libxml-2.0019-5.3
perl-xml-libxml-debugsource-2.0019-5.3
SuSE SLES 12
perl-xml-libxml-debuginfo-2.0019-5.3
perl-xml-libxml-2.0019-5.3
perl-xml-libxml-debugsource-2.0019-5.3

184959 - Ubuntu Linux 15.04 USN-2727-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3308, CVE-2015-6251
USN-2727-1
https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-september/003099.html
Ubuntu 15.04
libgnutls-deb0-28_3.3.8-3ubuntu3.1

189680 - Fedora Linux 23 FEDORA-2015-13287 Update Is Not Installed
CVE: CVE-2015-6251
FEDORA-2015-13287
http://lists.fedoraproject.org/pipermail/package-announce/2015-september/165286.html
Fedora Core 23
gnutls-3.4.4-1.fc23

189681 - Fedora Linux 21 FEDORA-2015-12979 Update Is Not Installed
CVE: CVE-2015-3225
FEDORA-2015-12979
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165180.html
Fedora Core 21
rubygem-rack-1.5.2-5.fc21

18890 - SolarWinds N-Able N-Central Administrator Account Password Disclosure Vulnerability
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server
CVE: CVE-2015-5610
An information disclosure vulnerability is present in some versions of SolarWinds N-Able N-Central.
SolarWinds N-Able N-Central is a popular enterprise and management support solution. An information disclosure vulnerability is present in some versions of SolarWinds N-Able N-Central. The flaw is due to the encrypted password being accessible by any authenticated local or remote user from within the RSM web page source. Successful exploitation could allow an attacker to decrypt and obtain the domain administrator password used by the software.

91890 - Oracle Enterprise Linux ELSA-2015-1699 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes
CVE: CVE-2015-2730
ELSA-2015-1699
http://oss.oracle.com/pipermail/el-errata/2015-september/005379.html
http://oss.oracle.com/pipermail/el-errata/2015-september/005378.html
OEL6
nss-softokn-freebl-devel-3.14.3-23.el6_7
nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-devel-3.14.3-23.el6_7
nss-softokn-3.14.3-23.el6_7
i386
nss-softokn-freebl-devel-3.14.3-23.el6_7
nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-devel-3.14.3-23.el6_7
nss-softokn-3.14.3-23.el6_7
OEL7
nss-softokn-freebl-3.16.2.3-13.el7_1
nss-softokn-freebl-devel-3.16.2.3-13.el7_1
nss-softokn-3.16.2.3-13.el7_1
nss-softokn-devel-3.16.2.3-13.el7_1

132188 - Oracle VM OVMSA-2015-0118 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes
CVE: CVE-2015-2730
OVMSA-2015-0118
http://oss.oracle.com/pipermail/oraclevm-errata/2015-september/000366.html
OVM3.3
nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-3.14.3-23.el6_7

140931 - Red Hat Enterprise Linux RHSA-2015-1699 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes
CVE: CVE-2015-2730
RHSA-2015-1699
https://rhn.redhat.com/errata/rhsa-2015-1699.html
RHEL7WS
nss-softokn-freebl-devel-3.16.2.3-13.el7_1
nss-softokn-freebl-3.16.2.3-13.el7_1
nss-softokn-debuginfo-3.16.2.3-13.el7_1
nss-softokn-3.16.2.3-13.el7_1
nss-softokn-devel-3.16.2.3-13.el7_1
RHEL7D
nss-softokn-freebl-devel-3.16.2.3-13.el7_1
nss-softokn-freebl-3.16.2.3-13.el7_1
nss-softokn-debuginfo-3.16.2.3-13.el7_1
nss-softokn-3.16.2.3-13.el7_1
nss-softokn-devel-3.16.2.3-13.el7_1
RHEL6D
nss-softokn-devel-3.14.3-23.el6_7
nss-softokn-freebl-devel-3.14.3-23.el6_7
nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-debuginfo-3.14.3-23.el6_7
nss-softokn-3.14.3-23.el6_7
i386
nss-softokn-devel-3.14.3-23.el6_7
nss-softokn-freebl-devel-3.14.3-23.el6_7
nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-debuginfo-3.14.3-23.el6_7
nss-softokn-3.14.3-23.el6_7
RHEL6S
nss-softokn-devel-3.14.3-23.el6_7
nss-softokn-freebl-devel-3.14.3-23.el6_7
nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-debuginfo-3.14.3-23.el6_7
nss-softokn-3.14.3-23.el6_7
i386
nss-softokn-devel-3.14.3-23.el6_7
nss-softokn-freebl-devel-3.14.3-23.el6_7
nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-debuginfo-3.14.3-23.el6_7
nss-softokn-3.14.3-23.el6_7
RHEL7S
nss-softokn-freebl-devel-3.16.2.3-13.el7_1
nss-softokn-freebl-3.16.2.3-13.el7_1
nss-softokn-debuginfo-3.16.2.3-13.el7_1
nss-softokn-3.16.2.3-13.el7_1
nss-softokn-devel-3.16.2.3-13.el7_1
RHEL6WS
nss-softokn-devel-3.14.3-23.el6_7
nss-softokn-freebl-devel-3.14.3-23.el6_7
nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-debuginfo-3.14.3-23.el6_7
nss-softokn-3.14.3-23.el6_7
i386
nss-softokn-devel-3.14.3-23.el6_7
nss-softokn-freebl-devel-3.14.3-23.el6_7
nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-debuginfo-3.14.3-23.el6_7
nss-softokn-3.14.3-23.el6_7

143931 - SuSE Linux 13.2 opensuse-su-2015:1452-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes
CVE: CVE-2015-3908
opensuse-su-2015:1452-1
http://lists.opensuse.org/opensuse-updates/2015-08/msg00029.html
SuSE Linux 13.2
noarch
ansible-1.7.1-2.8.1

189689 - Fedora Linux 22 FEDORA-2015-13718 Update Is Not Installed
CVE: CVE-2015-5475, CVE-2015-6506
FEDORA-2015-13718
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165124.html
Fedora Core 22
rt-4.2.12-1.fc22

189690 - Fedora Linux 21 FEDORA-2015-13664 Update Is Not Installed
CVE: CVE-2015-5475, CVE-2015-6506
FEDORA-2015-13664
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165163.html
Fedora Core 21
rt-4.2.12-1.fc21

88708 - Slackware Linux 14.1 SSA:2015-241-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes
Risk Level: Low
SSA:2015-241-01
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.356225
Slackware 14.1
mozilla-firefox-38.2.1esr--1

130264 - Debian Linux 8.0 DSA-3343-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes
Risk Level: Low
DSA-3343-1
http://www.debian.org/security/2015/dsa-3343
Debian 8.0
all
php-twig-doc_1.16.2-1+deb8u1
php-twig_1.16.2-1+deb8u1
php5-twig_1.16.2-1+deb8u1

130265 - Debian Linux 7.0, 8.0 DSA-3344-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes
Risk Level: Low
CVE: CVE-2015-4598, CVE-2015-4643, CVE-2015-4644, CVE-2015-5589, CVE-2015-5590
DSA-3344-1
http://www.debian.org/security/2015/dsa-3344
Debian 8.0
all
php5_5.6.12+dfsg-0+deb8u1
Debian 7.0
all
php5_5.4.44-0+deb7u1

181580 - FreeBSD graphviz Format String Vulnerability (5300711b-4e61-11e5-9ad8-14dae9d210b8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
Risk Level: Low
graphviz -- format string vulnerability (5300711b-4e61-11e5-9ad8-14dae9d210b8)
http://www.vuxml.org/freebsd/5300711b-4e61-11e5-9ad8-14dae9d210b8.html
Affected packages:
graphviz < 2.38.0_7

189679 - Fedora Linux 23 FEDORA-2015-14229 Update Is Not Installed
Risk Level: Low
FEDORA-2015-14229
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165023.html
Fedora Core 23
pcre-8.37-4.fc23

189682 - Fedora Linux 22 FEDORA-2015-13433 Update Is Not Installed
Risk Level: Low
FEDORA-2015-13433
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165151.html
Fedora Core 22
php-twig-1.20.0-1.fc22

189683 - Fedora Linux 21 FEDORA-2015-13482 Update Is Not Installed
Risk Level: Low
FEDORA-2015-13482
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165002.html
Fedora Core 21
mariadb-10.0.21-1.fc21

189686 - Fedora Linux 21 FEDORA-2015-14033 Update Is Not Installed
Risk Level: Low
FEDORA-2015-14033
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165161.html
Fedora Core 21
maradns-2.0.12-1.fc21

189687 - Fedora Linux 22 FEDORA-2015-14032 Update Is Not Installed
Risk Level: Low
FEDORA-2015-14032
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165109.html
Fedora Core 22
maradns-2.0.12-1.fc22

189688 - Fedora Linux 23 FEDORA-2015-14034 Update Is Not Installed
Risk Level: Low
FEDORA-2015-14034
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165036.html
Fedora Core 23
maradns-2.0.12-1.fc23

189692 - Fedora Linux 23 FEDORA-2015-13463 Update Is Not Installed
Risk Level: Low
FEDORA-2015-13463
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165134.html
Fedora Core 23
php-twig-1.20.0-1.fc23

189693 - Fedora Linux 23 FEDORA-2015-13721 Update Is Not Installed
Risk Level: Low
FEDORA-2015-13721
http://lists.fedoraproject.org/pipermail/package-announce/2015-august/165108.html
Fedora Core 23
drupal6-views_bulk_operations-1.17-1.fc23

18904 - Endress+Hauser HART Device DTM Vulnerability
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS)
Risk Level: Low
CVE: CVE-2014-9191
A denial of service vulnerability is present in some versions of Endress+Hauser HART DTM Library.
Endress+Hauser HART DTM Library is used in Endress+Hauser HART Device DTM. A denial of service vulnerability is present in some versions of Endress+Hauser HART DTM Library. The flaw occurs due to a buffer overflow issue. Successful exploitation could allow an attacker to crash the Field Device Tool (FDT) Frame Application.

18908 - (SOL17189) F5 BIG-IP Apache HTTP Server Vulnerability
Category: SSH Module -> NonIntrusive -> F5
Risk Level: Low
CVE: CVE-2008-0456
A vulnerability is present in some versions of F5 BIG-IP products.
F5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System. A vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in the mod_negotiation module in the Apache HTTP Server. Successful exploitation could allow an attacker to affect integrity of other users.

ENHANCED CHECKS

The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check.

10672 - GIGABYTE Dldrv2 ActiveX Control Multiple Vulnerabilities
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)
CVE: CVE-2010-1517, CVE-2010-1518

181396 - FreeBSD mozilla Multiple Vulnerabilities (d9b43004-f5fd-4807-b1d7-dbf66455b244)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
CVE: CVE-2011-3079, CVE-2015-0797, CVE-2015-0833, CVE-2015-2708, CVE-2015-2709, CVE-2015-2710, CVE-2015-2711, CVE-2015-2712, CVE-2015-2713, CVE-2015-2714, CVE-2015-2715, CVE-2015-2716, CVE-2015-2717, CVE-2015-2718, CVE-2015-2720, CVE-2015-4496
CVE is updated

662 - Finger Backdoor
Category: General Vulnerability Assessment -> NonIntrusive -> UNIX
CVE: CVE-2000-0128
Documentation is updated

663 - Finger Command Execution
Category: General Vulnerability Assessment -> NonIntrusive -> UNIX
CVE: CVE-2000-0128
Documentation is updated

5899 - Creative Software AutoUpdate Engine ActiveX Control Stack Overflow
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)
CVE: CVE-2008-0955

9743 - FutureSoft TFTP Server 2000 Remote Denial Of Service Vulnerability
Category: General Vulnerability Assessment -> Instrusive -> Miscellaneous

15780 - EATON VURemote Denial of Service
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS)

15905 - FirebirdSQL Firebird Null Pointer Denial of Service I
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)

16258 - Eaton Network Shutdown Module Pi3Web WebServer Denial of Service
Category: General Vulnerability Assessment -> NonIntrusive -> SCADA

16445 - Delta Electronics WPLSoft DVPSimulator.exe Buffer Overflow Remote Code Execution
Category: General Vulnerability Assessment -> Instrusive -> SCADA

16628 - FrameFlow Server Monitor Unspecified Defect Denial Of Service
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS)

17353 - Emerson ROCLINK 800 arpro2.dll ActiveX Control Remote Code Execution
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS)

18063 - Cogent DataHub Web Server Gamma Injection Remote Code Execution
Category: General Vulnerability Assessment -> Instrusive -> SCADA

18064 - Cogent DataHub Web Server Gamma Injection Remote Code Execution
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS)

18210 - Oracle Database Server Critical Patch Update April 2015
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous
CVE: CVE-2015-0455, CVE-2015-0457, CVE-2015-0479, CVE-2015-0483
FASLScript is updated

18689 - Oracle Database Server Critical Patch Update July 2015
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous
CVE: CVE-2015-0468, CVE-2015-2595, CVE-2015-2599, CVE-2015-2629, CVE-2015-4740, CVE-2015-4753, CVE-2015-4755
FASLScript is updated

18846 - (MS15-093) Microsoft Internet Explorer Memory Corruption Remote Code Execution (3088903)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS)
CVE: CVE-2015-2502
Name is updated

934 - csmailto.cgi Command Execution
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server
CVE: CVE-2002-0749

2548 - RSYNC heap overflow and remote code execution
Category: General Vulnerability Assessment -> NonIntrusive -> Miscellaneous
CVE: CVE-2003-0962 is updated
FASLScript is updated

4319 - GAMSoft TelSrv Long Username Denial of Service
Category: General Vulnerability Assessment -> Instrusive -> UNIX
CVE: CVE-1999-0230, CVE-2000-0166, CVE-2000-0480, CVE-2000-0665, CVE-2001-0348

9916 - Sendmail SSLV2 Disable Option Not Allowed
Category: General Vulnerability Assessment -> NonIntrusive -> UNIX
CVE: CVE-2006-7175
FASLScript is updated

14154 - EMC AutoStart Remote Code Execution
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)

14158 - EMC AlphaStor Remote Code Execution
Category: General Vulnerability Assessment -> NonIntrusive -> Miscellaneous

14260 - CYME Power Engineering ChartFX Client Server ActiveX Control Array Indexing Remote Code Execution
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)

17670 - Oracle Database Server Critical Patch Update January 2015
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous
CVE: CVE-2014-3566, CVE-2014-6514, CVE-2014-6541, CVE-2014-6567, CVE-2014-6577, CVE-2014-6578, CVE-2015-0370, CVE-2015-0371, CVE-2015-0373
FASLScript is updated

956 - Compaq Web-Based Management default page
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server
CVE: CVE-2001-0374

4984 - FactoSystem Weblog Multiple SQL Injection Vulnerabilities
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server
CVE: CVE-2002-1499

9945 - glftpd Default Credentials Unauthorized Access Vulnerability
Category: General Vulnerability Assessment -> Instrusive -> UNIX
CVE: CVE-1999-0502

13182 - CoCSoft Stream Down Response Buffer Overflow Remote Code Execution
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)
CVE: CVE-2011-5052

15423 - DotNetNuke DNNArticle Module "categoryid" SQL Injection Vulnerability
Category: General Vulnerability Assessment -> Instrusive -> Web Server
CVE: CVE-2013-5117

91824 - Oracle Enterprise Linux ELSA-2015-1210 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes
CVE: CVE-2015-1869, CVE-2015-1870, CVE-2015-3142, CVE-2015-3147, CVE-2015-3159, CVE-2015-3315, CVE-2015-5364

181457 - FreeBSD chicken Buffer Overrun In Substring-index[-ci] (e7b7f2b5-177a-11e5-ad33-f8d111029e6a)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
CVE: CVE-2014-9651

184910 - Ubuntu Linux 14.04 USN-2690-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157

184914 - Ubuntu Linux 14.04 USN-2689-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157

184919 - Ubuntu Linux 12.04 USN-2687-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157

184921 - Ubuntu Linux 14.04 USN-2688-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157

184924 - Ubuntu Linux 15.04 USN-2691-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-1333, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157

184931 - Ubuntu Linux 14.04 USN-2700-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3290, CVE-2015-3291, CVE-2015-5157

184934 - Ubuntu Linux 12.04 USN-2701-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3290, CVE-2015-3291, CVE-2015-5157

184944 - Ubuntu Linux 12.04 USN-2713-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3212, CVE-2015-5364, CVE-2015-5366

184954 - Ubuntu Linux 12.04 USN-2714-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3212, CVE-2015-5364, CVE-2015-5366

189159 - Fedora Linux 22 FEDORA-2015-5131 Update Is Not Installed
CVE: CVE-2015-3308

859 - Compaq Survey Utility Anonymous Login
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server
CVE: CVE-1999-0771

935 - FormMail.pl Detected
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server
CVE: CVE-2001-0357

710 - FTP Brute Force
Category: General Vulnerability Assessment -> Instrusive -> BruteForce
CVE: CVE-1999-0501
Documentation is updated

1958 - Efficient Networks 5861 Router NMap Denial-of-Service
Category: General Vulnerability Assessment -> NonIntrusive -> Network
CVE: CVE-2003-1250

8317 - Cisco TFTP Server Denial of Service Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)

9948 - glftpd ZIP Plugins Multiple Directory Traversal Vulnerabilities
Category: General Vulnerability Assessment -> NonIntrusive -> UNIX
CVE: CVE-2005-0483

11722 - Citrix MetaFrame Client Specified Published Applications Enumeration Information Disclosure Vulnerability
Category: General Vulnerability Assessment -> NonIntrusive -> Miscellaneous

15134 - D-Link DIR-635 "data" Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
Category: Wireless Assessment -> NonIntrusive -> Wireless

15230 - Cisco Video Surveillance Operations Manager Help Page Redirection Vulnerability
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server
CVE: CVE-2013-3376

16933 - DotNetNuke Multiple Modules Arbitrary File Disclosure Vulnerability
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server

17415 - FESTO Robotino View Unspecified Defect Remote Denial of Service
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS)

18489 - Google Android Bluetooth Forced Pairing Vulnerability
Category: Wireless Assessment -> NonIntrusive -> Android
CVE: CVE-2014-7914
Documentation is updated

184945 - Ubuntu Linux 14.04 USN-2718-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3212

184946 - Ubuntu Linux 14.04 USN-2717-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3212

184947 - Ubuntu Linux 14.04 USN-2716-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3212

184950 - Ubuntu Linux 15.04 USN-2719-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3212

184953 - Ubuntu Linux 12.04 USN-2715-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
CVE: CVE-2015-3212

571 - FTP Anonymous User Account ftp Accessible
Category: General Vulnerability Assessment -> NonIntrusive -> Miscellaneous
Risk Level: Low
CVE: CVE-1999-0497
Documentation is updated

181572 - FreeBSD libpgf Use After Free (9a71953a-474a-11e5-adde-14dae9d210b8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
Risk Level: Low
CVE: CVE-2015-6673
CVE is updated

91871 - Oracle Enterprise Linux ELSA-2015-3066 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes
Risk Level: Low
CVE: CVE-2015-5697

132183 - Oracle VM OVMSA-2015-0113 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle VM Patches and Hotfixes
Risk Level: Low
CVE: CVE-2015-5697

189436 - Fedora Linux 22 FEDORA-2015-9601 Update Is Not Installed
Risk Level: Low
CVE: CVE-2015-4037

189460 - Fedora Linux 21 FEDORA-2015-9599 Update Is Not Installed
Risk Level: Low
CVE: CVE-2015-4037

HOW TO UPDATE

FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.

FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.

MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.

MCAFEE TECHNICAL SUPPORT

ServicePortal: https://mysupport.mcafee.com
Multi-National Phone Support available here: http://www.mcafee.com/us/about/contact/index.html
Non-US customers - Select your country from the list of Worldwide Offices.

This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.

Copyright 2015 McAfee, Inc. McAfee is a registered trademark of McAfee, Inc. and/or its affiliates