McAfee Foundstone FSL Update · 2016-JAN-20 FSL version 7.5.787 MCAFEE FOUNDSTONE FSL UPDATE To...
Transcript of McAfee Foundstone FSL Update · 2016-JAN-20 FSL version 7.5.787 MCAFEE FOUNDSTONE FSL UPDATE To...
2016-JAN-20FSL version 7.5.787
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release.
NEW CHECKS
144137 - SuSE Linux 13.1, 13.2 openSUSE-SU-2016:0163-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-3406, CVE-2015-3407, CVE-2015-3408, CVE-2015-3409
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0163-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00060.html
SuSE Linux 13.1noarchperl-Module-Signature-0.79-2.4.1
SuSE Linux 13.2noarchperl-Module-Signature-0.79-4.4.1
144147 - SuSE SLES 10 SP4 SUSE-SU-2016:0113-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-4911, CVE-2015-5006
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0113-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001800.html
SuSE SLES 10 SP4i586
java-1_6_0-ibm-plugin-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-devel-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-alsa-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-fonts-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-jdbc-1.6.0_sr16.15-0.16.1
x86_64java-1_6_0-ibm-plugin-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-devel-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-alsa-32bit-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-devel-32bit-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-fonts-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-plugin-32bit-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-jdbc-1.6.0_sr16.15-0.16.1java-1_6_0-ibm-32bit-1.6.0_sr16.15-0.16.1
181780 - FreeBSD libproxy Stack-based Buffer Overflow (3b5c2362-bd07-11e5-b7ef-5453ed2e2b49)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2012-4504
DescriptionThe scan detected that the host is missing the following update:libproxy -- stack-based buffer overflow (3b5c2362-bd07-11e5-b7ef-5453ed2e2b49)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/3b5c2362-bd07-11e5-b7ef-5453ed2e2b49.html
Affected packages: 0.4.0 <= libproxy < 0.4.6_10.4.0 <= libproxy-gnome < 0.4.6_20.4.0 <= libproxy-kde < 0.4.6_60.4.0 <= libproxy-perl < 0.4.6_30.4.0 <= libproxy-webkit < 0.4.6_4
185124 - Ubuntu Linux 12.04, 14.04, 15.04, 15.10 USN-2859-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: High CVE: CVE-2015-7201, CVE-2015-7205, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214
DescriptionThe scan detected that the host is missing the following update:USN-2859-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003260.html
Ubuntu 12.04
thunderbird_38.5.1+build2-0ubuntu0.12.04.1
Ubuntu 15.04
thunderbird_38.5.1+build2-0ubuntu0.15.04.1
Ubuntu 15.10
thunderbird_38.5.1+build2-0ubuntu0.15.10.1
Ubuntu 14.04
thunderbird_38.5.1+build2-0ubuntu0.14.04.1
130365 - Debian Linux 7.0, 8.0 DSA-3445-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: High CVE: CVE-2015-8557
DescriptionThe scan detected that the host is missing the following update:DSA-3445-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3445
Debian 8.0allpython-pygments-doc_2.0.1+dfsg-1.1+deb8u1python3-pygments_2.0.1+dfsg-1.1+deb8u1python-pygments_2.0.1+dfsg-1.1+deb8u1
Debian 7.0allpython-pygments_1.5+dfsg-1+deb7u1python3-pygments_1.5+dfsg-1+deb7u1
19475 - (HPSBUX03529) HP-UX BIND Remote Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> HP-UX Patches and Hotfixes Risk Level: High CVE: CVE-2015-5722, CVE-2015-8000
DescriptionMultiple vulnerabilities are present in some versions of HP-UX.
ObservationHP-UX is an Unix-like operating system.
Multiple vulnerabilities are present in some versions of HP-UX. The flaws lie in the BIND service. Successful exploitation could allow an attacker to cause a denial of service condition.
19564 - IPSwitch WhatsUp Gold Multiple Vulnerabilities Prior To 16.4
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2015-6004, CVE-2015-6005, CVE-2015-8261
DescriptionMultiple vulnerabilities are present in some versions of Ipswitch WhatsUp Gold.
ObservationIpswitch WhatsUp Gold is a network management and monitoring software for Windows environments.
Multiple vulnerabilities are present in some versions of WhatsUp Gold. The flaws lie in how the SOAP request handler "DroneDeleteOldMeasurements" validates serialized data and in how the product fails in the validation of user inputs in some fields. Successful exploitation could allow an attacker to execute arbitrary SQL commands or conduct XSS attacks, leading to the disclosure of sensitive information or to a denial of service condition. Exploitation requires an attacker to send a crafted SOAP request through the "DroneDeleteOldMeasurements" handler; mischievous SQL inputs through the "Find Device" and "UniqueID" GUI fields or to inject arbitrary web script or HTML via several input fields.
19566 - (JSA10721) Juniper Junos SRX Series RTSP Packets Processing Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2016-1262
DescriptionA denial of service vulnerability is present in some versions of Juniper Junos.
ObservationJuniper Junos is an operating system used in Juniper device.
A denial of service vulnerability is present in some versions of Juniper Junos. The flaw lies in Real Time Streaming Protocol Application Layer Gateway. Successful exploitation could allow an attacker to cause the flowd process to crash.
19493 - (SOL05770600) F5 BIG-IP Linux Libuser Vulnerabilities
Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2015-3245, CVE-2015-3246
DescriptionMultiple vulnerabilities are present in some versions of F5 BIG-IP products.
ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.
Multiple vulnerabilities are present in some versions of F5 BIG-IP products. The flaws lie in the libuser component. Successful exploitation could allow an attacker to cause a denial of service condition or to possibly escalate privileges. The attacker needs to be in the local network in order to trigger these vulnerabilities.
19494 - (SOL76930736) F5 BIG-IP Libpng Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2015-8126
DescriptionMultiple buffer overflow vulnerabilities are present in some versions of F5 BIG-IP products.
ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.
Multiple buffer overflow vulnerabilities are present in some versions of F5 BIG-IP products. The flaws lie in the libpng component. Successful exploitation could allow an attacker to cause a denial of service condition.
19569 - (JSA10718) Juniper Junos ISC BIND Named Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2015-5477
DescriptionA denial of service vulnerability is present in some versions of Juniper Junos.
ObservationJuniper Junos is an operating system used in Juniper devices.
A denial of service vulnerability is present in some versions of Juniper Junos. The flaw is due to improper handling of queries for TKEY records. Successful exploitation could allow an attacker to cause a denial of service condition.
19570 - (JSA10715) Juniper Junos LDP Packets Processing Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2016-1257
DescriptionA denial of service vulnerability is present in some versions of Juniper Junos.
ObservationJuniper Junos is an operating system used in Juniper devices.
A denial of service vulnerability is present in some versions of Juniper Junos. The flaw is due to improper handling of LDP packets. Successful exploitation could allow an attacker to cause a denial of service condition.
135117 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2016-0403)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2016-0403
Description
The scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135119 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2016-0414)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2016-0414
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135126 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2016-0440)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2016-0440
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
141060 - Red Hat Enterprise Linux RHSA-2016-0045 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2015-5364, CVE-2015-5366
DescriptionThe scan detected that the host is missing the following update:RHSA-2016-0045
ObservationUpdates often remediate critical security problems that should be quickly addressed.
For more information see:
https://rhn.redhat.com/errata/RHSA-2016-0045.html
RHEL5Di386kernel-xen-devel-2.6.18-408.el5kernel-xen-debuginfo-2.6.18-408.el5kernel-debuginfo-common-2.6.18-408.el5kernel-debug-2.6.18-408.el5kernel-devel-2.6.18-408.el5kernel-PAE-debuginfo-2.6.18-408.el5kernel-debug-devel-2.6.18-408.el5kernel-headers-2.6.18-408.el5kernel-xen-2.6.18-408.el5kernel-PAE-2.6.18-408.el5kernel-PAE-devel-2.6.18-408.el5kernel-debug-debuginfo-2.6.18-408.el5kernel-debuginfo-2.6.18-408.el5kernel-2.6.18-408.el5
noarchkernel-doc-2.6.18-408.el5
x86_64kernel-xen-2.6.18-408.el5kernel-debug-debuginfo-2.6.18-408.el5kernel-xen-devel-2.6.18-408.el5kernel-devel-2.6.18-408.el5kernel-debug-devel-2.6.18-408.el5kernel-xen-debuginfo-2.6.18-408.el5kernel-headers-2.6.18-408.el5kernel-2.6.18-408.el5kernel-debug-2.6.18-408.el5kernel-debuginfo-common-2.6.18-408.el5kernel-debuginfo-2.6.18-408.el5
RHEL5Snoarchkernel-doc-2.6.18-408.el5
x86_64kernel-xen-2.6.18-408.el5kernel-debug-debuginfo-2.6.18-408.el5kernel-xen-devel-2.6.18-408.el5kernel-devel-2.6.18-408.el5kernel-debug-devel-2.6.18-408.el5kernel-xen-debuginfo-2.6.18-408.el5kernel-headers-2.6.18-408.el5kernel-2.6.18-408.el5kernel-debug-2.6.18-408.el5kernel-debuginfo-common-2.6.18-408.el5kernel-debuginfo-2.6.18-408.el5
i386kernel-xen-devel-2.6.18-408.el5kernel-xen-debuginfo-2.6.18-408.el5kernel-debuginfo-common-2.6.18-408.el5kernel-debug-2.6.18-408.el5kernel-devel-2.6.18-408.el5
kernel-PAE-debuginfo-2.6.18-408.el5kernel-debug-devel-2.6.18-408.el5kernel-headers-2.6.18-408.el5kernel-xen-2.6.18-408.el5kernel-PAE-2.6.18-408.el5kernel-PAE-devel-2.6.18-408.el5kernel-debug-debuginfo-2.6.18-408.el5kernel-debuginfo-2.6.18-408.el5kernel-2.6.18-408.el5
144136 - SuSE Linux 13.1, 13.2 openSUSE-SU-2016:0138-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-6764, CVE-2015-8027
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0138-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00045.html
SuSE Linux 13.1i586nodejs-devel-4.2.4-9.1nodejs-4.2.4-9.1nodejs-debuginfo-4.2.4-9.1nodejs-debugsource-4.2.4-9.1
noarchnodejs-doc-4.2.4-9.1
x86_64nodejs-devel-4.2.4-9.1nodejs-4.2.4-9.1nodejs-debuginfo-4.2.4-9.1nodejs-debugsource-4.2.4-9.1
SuSE Linux 13.2i586nodejs-devel-4.2.4-9.1nodejs-4.2.4-9.1nodejs-debuginfo-4.2.4-9.1nodejs-debugsource-4.2.4-9.1
noarchnodejs-doc-4.2.4-9.1
x86_64nodejs-devel-4.2.4-9.1nodejs-4.2.4-9.1nodejs-debuginfo-4.2.4-9.1nodejs-debugsource-4.2.4-9.1
144141 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0121-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-4792, CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879, CVE-2015-4895, CVE-2015-4913
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0121-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001806.html
SuSE SLED 12x86_64mariadb-debugsource-10.0.22-20.3.1libmysqlclient18-10.0.22-20.3.1mariadb-errormessages-10.0.22-20.3.1mariadb-10.0.22-20.3.1mariadb-debuginfo-10.0.22-20.3.1libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1libmysqlclient_r18-10.0.22-20.3.1libmysqlclient18-32bit-10.0.22-20.3.1mariadb-client-10.0.22-20.3.1libmysqlclient18-debuginfo-10.0.22-20.3.1mariadb-client-debuginfo-10.0.22-20.3.1libmysqlclient_r18-32bit-10.0.22-20.3.1
SuSE SLES 12x86_64mariadb-debugsource-10.0.22-20.3.1libmysqlclient18-10.0.22-20.3.1mariadb-10.0.22-20.3.1mariadb-debuginfo-10.0.22-20.3.1mariadb-errormessages-10.0.22-20.3.1libmysqlclient18-32bit-10.0.22-20.3.1libmysqlclient18-debuginfo-32bit-10.0.22-20.3.1mariadb-client-10.0.22-20.3.1libmysqlclient18-debuginfo-10.0.22-20.3.1mariadb-client-debuginfo-10.0.22-20.3.1mariadb-tools-10.0.22-20.3.1mariadb-tools-debuginfo-10.0.22-20.3.1
144145 - SuSE Linux 13.1, 13.2 openSUSE-SU-2016:0125-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0125-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00035.html
SuSE Linux 13.1x86_64libebml4-debuginfo-32bit-1.3.3-3.3.1libebml4-32bit-1.3.3-3.3.1libebml4-1.3.3-3.3.1libebml4-debuginfo-1.3.3-3.3.1libmatroska-debugsource-1.4.4-2.3.1libmatroska-devel-1.4.4-2.3.1libebml-devel-1.3.3-3.3.1libmatroska6-1.4.4-2.3.1libmatroska6-debuginfo-1.4.4-2.3.1libmatroska6-debuginfo-32bit-1.4.4-2.3.1libmatroska6-32bit-1.4.4-2.3.1libebml-debugsource-1.3.3-3.3.1
i586libebml4-1.3.3-3.3.1libebml4-debuginfo-1.3.3-3.3.1libmatroska-debugsource-1.4.4-2.3.1libmatroska-devel-1.4.4-2.3.1libebml-devel-1.3.3-3.3.1libmatroska6-1.4.4-2.3.1libmatroska6-debuginfo-1.4.4-2.3.1libebml-debugsource-1.3.3-3.3.1
SuSE Linux 13.2x86_64libmatroska-debugsource-1.4.4-7.3.1libmatroska6-debuginfo-1.4.4-7.3.1libebml4-debuginfo-1.3.3-9.3.1libmatroska6-debuginfo-32bit-1.4.4-7.3.1libebml-devel-1.3.3-9.3.1libebml4-32bit-1.3.3-9.3.1libebml4-debuginfo-32bit-1.3.3-9.3.1libmatroska-devel-1.4.4-7.3.1libebml4-1.3.3-9.3.1libebml-debugsource-1.3.3-9.3.1libmatroska6-32bit-1.4.4-7.3.1libmatroska6-1.4.4-7.3.1
i586libmatroska-debugsource-1.4.4-7.3.1libmatroska6-debuginfo-1.4.4-7.3.1libebml4-debuginfo-1.3.3-9.3.1libebml-devel-1.3.3-9.3.1libmatroska-devel-1.4.4-7.3.1libebml4-1.3.3-9.3.1libebml-debugsource-1.3.3-9.3.1libmatroska6-1.4.4-7.3.1
144146 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0160-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes
Risk Level: High CVE: CVE-2015-7554
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0160-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001808.html
SuSE SLED 12x86_64libtiff5-32bit-4.0.6-19.1libtiff5-debuginfo-32bit-4.0.6-19.1tiff-debugsource-4.0.6-19.1libtiff5-debuginfo-4.0.6-19.1tiff-debuginfo-4.0.6-19.1libtiff5-4.0.6-19.1
SuSE SLES 12x86_64libtiff5-32bit-4.0.6-19.1libtiff5-debuginfo-32bit-4.0.6-19.1tiff-debugsource-4.0.6-19.1libtiff5-debuginfo-4.0.6-19.1tiff-debuginfo-4.0.6-19.1libtiff5-4.0.6-19.1tiff-4.0.6-19.1
144151 - SuSE Linux 13.1 openSUSE-SU-2016:0124-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-5307, CVE-2015-7311, CVE-2015-7504, CVE-2015-7549, CVE-2015-7970, CVE-2015-8104, CVE-2015-8339, CVE-2015-8340, CVE-2015-8341, CVE-2015-8345, CVE-2015-8504, CVE-2015-8550, CVE-2015-8554, CVE-2015-8555, CVE-2015-8558
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0124-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00034.html
SuSE Linux 13.1x86_64xen-4.3.4_10-53.1xen-xend-tools-debuginfo-4.3.4_10-53.1xen-devel-4.3.4_10-53.1xen-kmp-desktop-4.3.4_10_k3.11.10_29-53.1xen-doc-html-4.3.4_10-53.1xen-tools-domU-4.3.4_10-53.1
xen-libs-debuginfo-4.3.4_10-53.1xen-debugsource-4.3.4_10-53.1xen-xend-tools-4.3.4_10-53.1xen-kmp-desktop-debuginfo-4.3.4_10_k3.11.10_29-53.1xen-libs-4.3.4_10-53.1xen-libs-debuginfo-32bit-4.3.4_10-53.1xen-tools-debuginfo-4.3.4_10-53.1xen-kmp-default-debuginfo-4.3.4_10_k3.11.10_29-53.1xen-tools-4.3.4_10-53.1xen-kmp-default-4.3.4_10_k3.11.10_29-53.1xen-libs-32bit-4.3.4_10-53.1xen-tools-domU-debuginfo-4.3.4_10-53.1
i586xen-libs-4.3.4_10-53.1xen-kmp-desktop-4.3.4_10_k3.11.10_29-53.1xen-kmp-default-4.3.4_10_k3.11.10_29-53.1xen-libs-debuginfo-4.3.4_10-53.1xen-kmp-pae-4.3.4_10_k3.11.10_29-53.1xen-kmp-default-debuginfo-4.3.4_10_k3.11.10_29-53.1xen-kmp-pae-debuginfo-4.3.4_10_k3.11.10_29-53.1xen-tools-domU-4.3.4_10-53.1xen-tools-domU-debuginfo-4.3.4_10-53.1xen-kmp-desktop-debuginfo-4.3.4_10_k3.11.10_29-53.1xen-devel-4.3.4_10-53.1xen-debugsource-4.3.4_10-53.1
144153 - SuSE Linux 13.2 openSUSE-SU-2016:0123-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2015-5307, CVE-2015-7504, CVE-2015-7549, CVE-2015-8339, CVE-2015-8340, CVE-2015-8341, CVE-2015-8345, CVE-2015-8504, CVE-2015-8550, CVE-2015-8554, CVE-2015-8555, CVE-2015-8558, CVE-2015-8567, CVE-2015-8568
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0123-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00033.html
SuSE Linux 13.2x86_64xen-doc-html-4.4.3_08-36.1xen-libs-debuginfo-4.4.3_08-36.1xen-libs-32bit-4.4.3_08-36.1xen-kmp-default-debuginfo-4.4.3_08_k3.16.7_29-36.1xen-libs-debuginfo-32bit-4.4.3_08-36.1xen-kmp-desktop-debuginfo-4.4.3_08_k3.16.7_29-36.1xen-tools-domU-4.4.3_08-36.1xen-tools-domU-debuginfo-4.4.3_08-36.1xen-kmp-default-4.4.3_08_k3.16.7_29-36.1xen-tools-debuginfo-4.4.3_08-36.1xen-4.4.3_08-36.1xen-kmp-desktop-4.4.3_08_k3.16.7_29-36.1
xen-tools-4.4.3_08-36.1xen-libs-4.4.3_08-36.1xen-devel-4.4.3_08-36.1xen-debugsource-4.4.3_08-36.1
i586xen-tools-domU-debuginfo-4.4.3_08-36.1xen-debugsource-4.4.3_08-36.1xen-libs-4.4.3_08-36.1xen-tools-domU-4.4.3_08-36.1xen-devel-4.4.3_08-36.1xen-libs-debuginfo-4.4.3_08-36.1
160030 - CentOS 5 CESA-2016-0045 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2015-5364, CVE-2015-5366
DescriptionThe scan detected that the host is missing the following update:CESA-2016-0045
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.centos.org/pipermail/centos-announce/2016-January/021616.html
CentOS 5i386kernel-headers-2.6.18-408.el5
i686kernel-PAE-devel-2.6.18-408.el5kernel-2.6.18-408.el5kernel-debug-devel-2.6.18-408.el5kernel-xen-2.6.18-408.el5kernel-xen-devel-2.6.18-408.el5kernel-devel-2.6.18-408.el5kernel-debug-2.6.18-408.el5kernel-PAE-2.6.18-408.el5
noarchkernel-doc-2.6.18-408.el5
x86_64kernel-2.6.18-408.el5kernel-debug-devel-2.6.18-408.el5kernel-xen-2.6.18-408.el5kernel-xen-devel-2.6.18-408.el5kernel-devel-2.6.18-408.el5kernel-debug-2.6.18-408.el5kernel-headers-2.6.18-408.el5
174887 - Scientific Linux Security ERRATA Important: kernel on SL5.x i386/x86_64 (1601-8916)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes
Risk Level: High CVE: CVE-2015-5364, CVE-2015-5366
DescriptionThe scan detected that the host is missing the following update:Security ERRATA Important: kernel on SL5.x i386/x86_64 (1601-8916)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://listserv.fnal.gov/scripts/wa.exe?A2=ind1601&L=scientific-linux-errata&F=&S=&P=8916
SL5i386kernel-xen-devel-2.6.18-408.el5kernel-xen-debuginfo-2.6.18-408.el5kernel-debuginfo-common-2.6.18-408.el5kernel-debug-2.6.18-408.el5kernel-devel-2.6.18-408.el5kernel-PAE-debuginfo-2.6.18-408.el5kernel-debug-devel-2.6.18-408.el5kernel-headers-2.6.18-408.el5kernel-xen-2.6.18-408.el5kernel-PAE-2.6.18-408.el5kernel-PAE-devel-2.6.18-408.el5kernel-debug-debuginfo-2.6.18-408.el5kernel-debuginfo-2.6.18-408.el5kernel-2.6.18-408.el5
noarchkernel-doc-2.6.18-408.el5
x86_64kernel-xen-2.6.18-408.el5kernel-debug-debuginfo-2.6.18-408.el5kernel-xen-devel-2.6.18-408.el5kernel-devel-2.6.18-408.el5kernel-debug-devel-2.6.18-408.el5kernel-xen-debuginfo-2.6.18-408.el5kernel-headers-2.6.18-408.el5kernel-2.6.18-408.el5kernel-debug-2.6.18-408.el5kernel-debuginfo-common-2.6.18-408.el5kernel-debuginfo-2.6.18-408.el5
19521 - (HT205638) Apple QuickTime Multiple Vulnerabilities Prior To 7.7.9
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, CVE-2015-7117
DescriptionMultiple vulnerabilities are present in some versions of Apple QuickTime.
ObservationApple QuickTime is a media player.
Multiple vulnerabilities are present in some versions of Apple QuickTime. The flaws occur when handling a crafted movie file. Successful exploitation could allow an attacker to cause denial of service or to execute arbitrary code.
19522 - (VMSA-2016-0001) VMware Workstation Guest Privilege Escalation Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2015-6933
DescriptionA kernel memory corruption vulnerability is present in some versions of VMware Workstation.
ObservationVMware Workstation is a virtualization software.
A kernel memory corruption vulnerability is present in some versions of VMware Workstation. The flaw lies in VMware Tools "Shared Folders" (HGFS) feature. Successful exploitation could allow an escalation of privilege in the guest operating system.
19547 - WordPress Cross-Site Scripting Vulnerability Priro To 4.4.1
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium CVE: CVE-MAP-NOMATCH
DescriptionA vulnerability is present in some versions of WordPress.
ObservationWordPress is a popular blogging tool.
A vulnerability is present in some versions of WordPress. Successful exploitation could allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.
19552 - IBM DB2 Multiple Vulnerabilities Prior To 10.5 Fix Pack 7
Category: General Vulnerability Assessment -> NonIntrusive -> Miscellaneous Risk Level: Medium CVE: CVE-2015-0204, CVE-2015-1788, CVE-2015-1947, CVE-2015-2808, CVE-2015-4000
DescriptionMultiple vulnerabilities are present in some versions of IBM DB2.
ObservationIBM DB2 is a database software.
Multiple vulnerabilities are present in some versions of IBM DB2. The flaws lie in multiple components. Successful exploitation could allow an attacker to cause a denial of service, conduct plaintext-recovery or downgrade attacks, or obtain root privileges.
19558 - (SOL17518) F5 BIG-IP NTP Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2015-7871
DescriptionA denial of service vulnerability is present in NTP server in some versions of F5 BIG-IP systems.
ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.
A denial of service vulnerability is present in NTP server in some versions of F5 BIG-IP systems. The vulnerability allows unauthenticated remote attacker to bypass the symmetric association authentication, sending malicious crypto-NAK packets to the vulnerable NTP server. Successful exploitation can cause a denial of service condition or modification of the time being advertised by the NTP server.
19561 - (VMSA-2016-0001) VMware Fusion Guest Privilege Escalation Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2015-6933
DescriptionA privilege escalation vulnerability is present in some versions of VMware Fusion.
ObservationVMware Fusion is a popular virtualization platform.
A privilege escalation vulnerability is present in some versions of VMware Fusion. The flaw lies in the VMware Tools HGFS feature (aka "Shared Folders" feature) running on Windows-based guests. Successful exploitation could allow an attacker to escalate privileges or to cause a denial of service condition in the virtual machines of this product running Microsoft Windows OS.
19574 - Advantech WebAccess Multiple Vulnerabilities Prior To 8.1
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS) Risk Level: Medium CVE: CVE-2015-3943, CVE-2015-3946, CVE-2015-3947, CVE-2015-3948, CVE-2015-6467, CVE-2016-0851, CVE-2016-0852, CVE-2016-0853, CVE-2016-0854, CVE-2016-0855, CVE-2016-0856, CVE-2016-0857, CVE-2016-0858, CVE-2016-0859, CVE-2016-0860
DescriptionMultiple vulnerabilities are present in some versions of Advantech WebAccess.
ObservationAdvantech WebAccess is a web-based HMI software application used in energy, manufacturing, and building automation systems.
Multiple vulnerabilities are present in some versions of Advantech WebAccess. The flaws exist in multiple components. Successful exploitation could allow a remote attacker to execute arbitrary code, disclose information, deny access to valid users and bypass security measures.
135116 - Oracle Solaris 11.3.4.5.0 Update Is Not Installed (CVE-2015-8370)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes
Risk Level: Medium CVE: CVE-2015-8370
DescriptionThe scan detected that the host is missing the following update:SRU 11.3.4.5.0
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135121 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2016-0418)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0418
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
144148 - SuSE SLES 12 SUSE-SU-2016:0114-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-2296
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0114-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001801.html
SuSE SLES 12noarchpython-requests-2.8.1-6.9.1
144149 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0173-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium
CVE: CVE-2014-8242, CVE-2014-9512
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0173-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001811.html
SuSE SLED 12x86_64rsync-debuginfo-3.1.0-6.1rsync-3.1.0-6.1rsync-debugsource-3.1.0-6.1
SuSE SLES 12x86_64rsync-debuginfo-3.1.0-6.1rsync-3.1.0-6.1rsync-debugsource-3.1.0-6.1
144152 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0168-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7550, CVE-2015-8539, CVE-2015-8543, CVE-2015-8550, CVE-2015-8551, CVE-2015-8552, CVE-2015-8569, CVE-2015-8575
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0168-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001810.html
SuSE SLED 12x86_64kernel-default-extra-3.12.51-52.34.1kernel-syms-3.12.51-52.34.1kernel-xen-devel-3.12.51-52.34.1kernel-default-devel-3.12.51-52.34.1kernel-default-extra-debuginfo-3.12.51-52.34.1kernel-xen-debugsource-3.12.51-52.34.1kernel-default-debugsource-3.12.51-52.34.1kernel-xen-3.12.51-52.34.1kernel-xen-debuginfo-3.12.51-52.34.1kernel-default-3.12.51-52.34.1kernel-default-debuginfo-3.12.51-52.34.1
noarchkernel-source-3.12.51-52.34.1
kernel-macros-3.12.51-52.34.1kernel-devel-3.12.51-52.34.1
SuSE SLES 12noarchkernel-source-3.12.51-52.34.1kernel-macros-3.12.51-52.34.1kernel-devel-3.12.51-52.34.1
x86_64kernel-xen-debugsource-3.12.51-52.34.1kernel-default-base-3.12.51-52.34.1kernel-default-devel-3.12.51-52.34.1kernel-xen-debuginfo-3.12.51-52.34.1kernel-default-3.12.51-52.34.1kernel-default-debuginfo-3.12.51-52.34.1kernel-xen-3.12.51-52.34.1kernel-default-debugsource-3.12.51-52.34.1kernel-syms-3.12.51-52.34.1kernel-xen-base-debuginfo-3.12.51-52.34.1kernel-default-base-debuginfo-3.12.51-52.34.1kernel-xen-devel-3.12.51-52.34.1kernel-xen-base-3.12.51-52.34.1
170614 - Amazon Linux AMI ALAS-2016-635 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5292
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-635
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-635.html
Amazon Linux AMIi686sssd-libwbclient-devel-1.13.0-40.6.amzn1sssd-ldap-1.13.0-40.6.amzn1sssd-dbus-1.13.0-40.6.amzn1python27-sss-1.13.0-40.6.amzn1libsss_nss_idmap-1.13.0-40.6.amzn1sssd-common-1.13.0-40.6.amzn1sssd-ad-1.13.0-40.6.amzn1sssd-proxy-1.13.0-40.6.amzn1python27-libipa_hbac-1.13.0-40.6.amzn1libsss_simpleifp-1.13.0-40.6.amzn1sssd-debuginfo-1.13.0-40.6.amzn1sssd-krb5-common-1.13.0-40.6.amzn1python27-sss-murmur-1.13.0-40.6.amzn1python27-libsss_nss_idmap-1.13.0-40.6.amzn1libsss_nss_idmap-devel-1.13.0-40.6.amzn1sssd-tools-1.13.0-40.6.amzn1
sssd-common-pac-1.13.0-40.6.amzn1libsss_idmap-devel-1.13.0-40.6.amzn1sssd-libwbclient-1.13.0-40.6.amzn1libipa_hbac-1.13.0-40.6.amzn1sssd-1.13.0-40.6.amzn1libipa_hbac-devel-1.13.0-40.6.amzn1libsss_idmap-1.13.0-40.6.amzn1sssd-ipa-1.13.0-40.6.amzn1libsss_simpleifp-devel-1.13.0-40.6.amzn1sssd-krb5-1.13.0-40.6.amzn1sssd-client-1.13.0-40.6.amzn1
noarchpython27-sssdconfig-1.13.0-40.6.amzn1
x86_64sssd-libwbclient-devel-1.13.0-40.6.amzn1sssd-ldap-1.13.0-40.6.amzn1sssd-dbus-1.13.0-40.6.amzn1python27-sss-1.13.0-40.6.amzn1sssd-common-1.13.0-40.6.amzn1sssd-ad-1.13.0-40.6.amzn1sssd-proxy-1.13.0-40.6.amzn1python27-libipa_hbac-1.13.0-40.6.amzn1libsss_simpleifp-1.13.0-40.6.amzn1sssd-debuginfo-1.13.0-40.6.amzn1sssd-krb5-common-1.13.0-40.6.amzn1libsss_nss_idmap-1.13.0-40.6.amzn1python27-libsss_nss_idmap-1.13.0-40.6.amzn1libsss_nss_idmap-devel-1.13.0-40.6.amzn1sssd-tools-1.13.0-40.6.amzn1sssd-common-pac-1.13.0-40.6.amzn1libsss_idmap-devel-1.13.0-40.6.amzn1sssd-libwbclient-1.13.0-40.6.amzn1libipa_hbac-1.13.0-40.6.amzn1sssd-1.13.0-40.6.amzn1libipa_hbac-devel-1.13.0-40.6.amzn1libsss_idmap-1.13.0-40.6.amzn1sssd-ipa-1.13.0-40.6.amzn1libsss_simpleifp-devel-1.13.0-40.6.amzn1sssd-krb5-1.13.0-40.6.amzn1sssd-client-1.13.0-40.6.amzn1python27-sss-murmur-1.13.0-40.6.amzn1
181774 - FreeBSD libarchive Multiple Vulnerabilities (7c63775e-be31-11e5-b5fe-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2013-0211, CVE-2015-2304
DescriptionThe scan detected that the host is missing the following update:libarchive -- multiple vulnerabilities (7c63775e-be31-11e5-b5fe-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/7c63775e-be31-11e5-b5fe-002590263bf5.html
Affected packages: libarchive < 3.1.2_5,1
19456 - (SOL86772626) F5 BIG-IP OpenSSL Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2015-3194
DescriptionA vulnerability is present in some versions of F5 BIG-IP products.
ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.
A vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in the OpenSSL component. Successful exploitation could allow an attacker to cause a denial of service condition.
19503 - (ESA-2015-179) EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2015-6852
DescriptionAn information disclosure vulnerability is present in some versions of EMC Secure Remote Services Virtual Edition.
ObservationEMC Secure Remote Services (ESRS) Virtual Edition is based on Linux OS for distributed remote service support solution.
An information disclosure vulnerability is present in some versions of EMC Secure Remote Services Virtual Edition. The flaw lies in the EMC SRS Virtual Edition API. Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information. Exploitation requires the malicious user to execute a directory traversal attack against the affected target.
19504 - (HPSBGN03526) HPE Helion Eucalyptus Unauthorized Modification Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2014-5040
DescriptionA vulnerability is present in some versions of HPE Helion Eucalyptus.
ObservationHPE Helion Eucalyptus is an open source tool designed to configure clouds compatible with Amazon Web Services API.
A vulnerability is present in some versions of HPE Helion Eucalyptus. The flaw is related with how this product handles user permissions. Successful exploitation could allow an attacker to bypass security access restrictions and to do unauthorized modifications in the affected system.
19520 - (HPSBUX03435) HP-UX Web Server Suite Apache Remote Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> HP-UX Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-2808, CVE-2015-3183, CVE-2015-4000
DescriptionMultiple vulnerabilities are present in some versions of HP-UX.
ObservationHP-UX is a Unix-like operating system.
Multiple vulnerabilities are present in some versions of HP-UX. The flaws lie in the Web Server component. Successful exploitation could allow an attacker to obtain sensitive information or cause denial of service.
19567 - (JSA10720) Juniper Junos J-web Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2016-1258
DescriptionA denial of service vulnerability is present in some versions of Juniper Junos.
ObservationJuniper Junos is an operating system used in Juniper devices.
A denial of service vulnerability is present in some versions of Juniper Junos. The flaw lies in J-Web component. Successful exploitation could allow an attacker to cause J-Web service crash.
19568 - (JSA10714) Juniper Junos IGMPv3 Multicast Denial of Service Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Medium CVE: CVE-2016-1256
DescriptionA denial of service vulnerability is present in some versions of Juniper Junos.
ObservationJuniper Junos is an operating system used in Juniper devices.
A denial of service vulnerability is present in some versions of Juniper Junos. The flaw occurs due to an improper IGMPv3 protocol message handling. Successful exploitation could allow an attacker to cause denial of service.
130360 - Debian Linux 7.0, 8.0 DSA-3447-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2014-7810
DescriptionThe scan detected that the host is missing the following update:DSA-3447-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3447
Debian 8.0alltomcat7_7.0.56-3+deb8u1
Debian 7.0alltomcat7_7.0.28-4+deb7u3
135120 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2016-0416)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0416
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
144142 - SuSE Linux 13.1, 13.2 openSUSE-SU-2016:0108-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-1494
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0108-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00032.html
SuSE Linux 13.1noarchpython-rsa-3.1.4-5.3.1
SuSE Linux 13.2noarchpython-rsa-3.1.4-2.3.1
170610 - Amazon Linux AMI ALAS-2016-641 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8704
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-641
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-641.html
Amazon Linux AMIx86_64bind-sdb-9.8.2-0.37.rc1.43.amzn1bind-chroot-9.8.2-0.37.rc1.43.amzn1bind-9.8.2-0.37.rc1.43.amzn1bind-devel-9.8.2-0.37.rc1.43.amzn1bind-debuginfo-9.8.2-0.37.rc1.43.amzn1bind-libs-9.8.2-0.37.rc1.43.amzn1bind-utils-9.8.2-0.37.rc1.43.amzn1
i686bind-debuginfo-9.8.2-0.37.rc1.43.amzn1bind-chroot-9.8.2-0.37.rc1.43.amzn1bind-9.8.2-0.37.rc1.43.amzn1bind-devel-9.8.2-0.37.rc1.43.amzn1bind-sdb-9.8.2-0.37.rc1.43.amzn1bind-libs-9.8.2-0.37.rc1.43.amzn1bind-utils-9.8.2-0.37.rc1.43.amzn1
170611 - Amazon Linux AMI ALAS-2016-642 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-642
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-642.html
Amazon Linux AMIi686kernel-debuginfo-common-i686-4.1.13-19.31.amzn1kernel-tools-4.1.13-19.31.amzn1kernel-debuginfo-4.1.13-19.31.amzn1
kernel-tools-debuginfo-4.1.13-19.31.amzn1perf-debuginfo-4.1.13-19.31.amzn1kernel-headers-4.1.13-19.31.amzn1kernel-devel-4.1.13-19.31.amzn1kernel-4.1.13-19.31.amzn1perf-4.1.13-19.31.amzn1kernel-tools-devel-4.1.13-19.31.amzn1
noarchkernel-doc-4.1.13-19.31.amzn1
x86_64kernel-devel-4.1.13-19.31.amzn1kernel-tools-4.1.13-19.31.amzn1kernel-debuginfo-4.1.13-19.31.amzn1kernel-tools-debuginfo-4.1.13-19.31.amzn1kernel-debuginfo-common-x86_64-4.1.13-19.31.amzn1perf-debuginfo-4.1.13-19.31.amzn1kernel-tools-devel-4.1.13-19.31.amzn1kernel-4.1.13-19.31.amzn1perf-4.1.13-19.31.amzn1kernel-headers-4.1.13-19.31.amzn1
170615 - Amazon Linux AMI ALAS-2016-637 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8605
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-637
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-637.html
Amazon Linux AMIx86_64dhcp-4.1.1-43.P1.22.amzn1dhcp-common-4.1.1-43.P1.22.amzn1dhcp-devel-4.1.1-43.P1.22.amzn1dhcp-debuginfo-4.1.1-43.P1.22.amzn1dhclient-4.1.1-43.P1.22.amzn1
i686dhcp-common-4.1.1-43.P1.22.amzn1dhcp-debuginfo-4.1.1-43.P1.22.amzn1dhcp-devel-4.1.1-43.P1.22.amzn1dhcp-4.1.1-43.P1.22.amzn1dhclient-4.1.1-43.P1.22.amzn1
170616 - Amazon Linux AMI ALAS-2016-636 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes
Risk Level: Medium CVE: CVE-2015-2704
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-636
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-636.html
Amazon Linux AMIi686realmd-0.16.1-5.5.amzn1realmd-debuginfo-0.16.1-5.5.amzn1
noarchrealmd-devel-docs-0.16.1-5.5.amzn1
x86_64realmd-0.16.1-5.5.amzn1realmd-debuginfo-0.16.1-5.5.amzn1
170617 - Amazon Linux AMI ALAS-2016-640 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-1903
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-640
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-640.html
Amazon Linux AMIx86_64php55-devel-5.5.31-1.111.amzn1php56-cli-5.6.17-1.120.amzn1php56-recode-5.6.17-1.120.amzn1php56-dbg-5.6.17-1.120.amzn1php56-mcrypt-5.6.17-1.120.amzn1php55-mysqlnd-5.5.31-1.111.amzn1php56-bcmath-5.6.17-1.120.amzn1php55-bcmath-5.5.31-1.111.amzn1php55-common-5.5.31-1.111.amzn1php56-ldap-5.6.17-1.120.amzn1php56-enchant-5.6.17-1.120.amzn1php56-opcache-5.6.17-1.120.amzn1php56-imap-5.6.17-1.120.amzn1php55-mcrypt-5.5.31-1.111.amzn1
php55-mssql-5.5.31-1.111.amzn1php56-devel-5.6.17-1.120.amzn1php55-enchant-5.5.31-1.111.amzn1php56-xml-5.6.17-1.120.amzn1php55-cli-5.5.31-1.111.amzn1php55-embedded-5.5.31-1.111.amzn1php55-gmp-5.5.31-1.111.amzn1php55-ldap-5.5.31-1.111.amzn1php56-snmp-5.6.17-1.120.amzn1php56-pspell-5.6.17-1.120.amzn1php56-gd-5.6.17-1.120.amzn1php56-soap-5.6.17-1.120.amzn1php55-xmlrpc-5.5.31-1.111.amzn1php56-pdo-5.6.17-1.120.amzn1php56-mbstring-5.6.17-1.120.amzn1php56-dba-5.6.17-1.120.amzn1php56-mysqlnd-5.6.17-1.120.amzn1php55-soap-5.5.31-1.111.amzn1php56-common-5.6.17-1.120.amzn1php56-gmp-5.6.17-1.120.amzn1php55-intl-5.5.31-1.111.amzn1php56-odbc-5.6.17-1.120.amzn1php55-dba-5.5.31-1.111.amzn1php55-pdo-5.5.31-1.111.amzn1php56-tidy-5.6.17-1.120.amzn1php55-imap-5.5.31-1.111.amzn1php55-opcache-5.5.31-1.111.amzn1php56-intl-5.6.17-1.120.amzn1php55-tidy-5.5.31-1.111.amzn1php56-fpm-5.6.17-1.120.amzn1php56-debuginfo-5.6.17-1.120.amzn1php55-5.5.31-1.111.amzn1php55-recode-5.5.31-1.111.amzn1php56-pgsql-5.6.17-1.120.amzn1php56-5.6.17-1.120.amzn1php55-fpm-5.5.31-1.111.amzn1php55-process-5.5.31-1.111.amzn1php55-odbc-5.5.31-1.111.amzn1php56-mssql-5.6.17-1.120.amzn1php55-snmp-5.5.31-1.111.amzn1php56-embedded-5.6.17-1.120.amzn1php56-process-5.6.17-1.120.amzn1php55-gd-5.5.31-1.111.amzn1php55-mbstring-5.5.31-1.111.amzn1php56-xmlrpc-5.6.17-1.120.amzn1php55-xml-5.5.31-1.111.amzn1php55-pgsql-5.5.31-1.111.amzn1php55-pspell-5.5.31-1.111.amzn1php55-debuginfo-5.5.31-1.111.amzn1
i686php55-mysqlnd-5.5.31-1.111.amzn1php55-devel-5.5.31-1.111.amzn1php56-cli-5.6.17-1.120.amzn1php56-recode-5.6.17-1.120.amzn1php55-recode-5.5.31-1.111.amzn1php56-dbg-5.6.17-1.120.amzn1php56-mcrypt-5.6.17-1.120.amzn1php56-snmp-5.6.17-1.120.amzn1php55-embedded-5.5.31-1.111.amzn1
php55-common-5.5.31-1.111.amzn1php56-ldap-5.6.17-1.120.amzn1php56-enchant-5.6.17-1.120.amzn1php55-tidy-5.5.31-1.111.amzn1php56-imap-5.6.17-1.120.amzn1php55-mcrypt-5.5.31-1.111.amzn1php55-mssql-5.5.31-1.111.amzn1php56-devel-5.6.17-1.120.amzn1php55-enchant-5.5.31-1.111.amzn1php56-xml-5.6.17-1.120.amzn1php55-cli-5.5.31-1.111.amzn1php56-gmp-5.6.17-1.120.amzn1php55-soap-5.5.31-1.111.amzn1php55-ldap-5.5.31-1.111.amzn1php55-gd-5.5.31-1.111.amzn1php55-intl-5.5.31-1.111.amzn1php56-pspell-5.6.17-1.120.amzn1php56-gd-5.6.17-1.120.amzn1php56-mbstring-5.6.17-1.120.amzn1php55-bcmath-5.5.31-1.111.amzn1php55-xmlrpc-5.5.31-1.111.amzn1php56-pdo-5.6.17-1.120.amzn1php55-mbstring-5.5.31-1.111.amzn1php56-dba-5.6.17-1.120.amzn1php56-mysqlnd-5.6.17-1.120.amzn1php55-imap-5.5.31-1.111.amzn1php56-common-5.6.17-1.120.amzn1php56-debuginfo-5.6.17-1.120.amzn1php55-fpm-5.5.31-1.111.amzn1php55-gmp-5.5.31-1.111.amzn1php55-dba-5.5.31-1.111.amzn1php55-pdo-5.5.31-1.111.amzn1php56-tidy-5.6.17-1.120.amzn1php56-bcmath-5.6.17-1.120.amzn1php55-opcache-5.5.31-1.111.amzn1php56-fpm-5.6.17-1.120.amzn1php55-5.5.31-1.111.amzn1php56-opcache-5.6.17-1.120.amzn1php56-pgsql-5.6.17-1.120.amzn1php56-soap-5.6.17-1.120.amzn1php56-5.6.17-1.120.amzn1php55-process-5.5.31-1.111.amzn1php55-odbc-5.5.31-1.111.amzn1php56-mssql-5.6.17-1.120.amzn1php55-snmp-5.5.31-1.111.amzn1php56-embedded-5.6.17-1.120.amzn1php56-process-5.6.17-1.120.amzn1php56-odbc-5.6.17-1.120.amzn1php56-intl-5.6.17-1.120.amzn1php56-xmlrpc-5.6.17-1.120.amzn1php55-xml-5.5.31-1.111.amzn1php55-pgsql-5.5.31-1.111.amzn1php55-pspell-5.5.31-1.111.amzn1php55-debuginfo-5.5.31-1.111.amzn1
170618 - Amazon Linux AMI ALAS-2016-634 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium
CVE: CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-634
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-634.html
Amazon Linux AMIi686samba-devel-4.2.3-11.28.amzn1libwbclient-4.2.3-11.28.amzn1samba-test-4.2.3-11.28.amzn1samba-4.2.3-11.28.amzn1ctdb-devel-4.2.3-11.28.amzn1libsmbclient-4.2.3-11.28.amzn1samba-test-libs-4.2.3-11.28.amzn1ctdb-tests-4.2.3-11.28.amzn1samba-common-tools-4.2.3-11.28.amzn1samba-common-libs-4.2.3-11.28.amzn1samba-test-devel-4.2.3-11.28.amzn1samba-winbind-modules-4.2.3-11.28.amzn1samba-winbind-clients-4.2.3-11.28.amzn1samba-winbind-krb5-locator-4.2.3-11.28.amzn1samba-libs-4.2.3-11.28.amzn1samba-client-4.2.3-11.28.amzn1ctdb-4.2.3-11.28.amzn1libsmbclient-devel-4.2.3-11.28.amzn1samba-python-4.2.3-11.28.amzn1samba-winbind-4.2.3-11.28.amzn1samba-client-libs-4.2.3-11.28.amzn1libwbclient-devel-4.2.3-11.28.amzn1samba-debuginfo-4.2.3-11.28.amzn1
noarchsamba-common-4.2.3-11.28.amzn1samba-pidl-4.2.3-11.28.amzn1
x86_64samba-devel-4.2.3-11.28.amzn1libwbclient-4.2.3-11.28.amzn1libsmbclient-devel-4.2.3-11.28.amzn1samba-4.2.3-11.28.amzn1samba-test-4.2.3-11.28.amzn1libsmbclient-4.2.3-11.28.amzn1samba-test-libs-4.2.3-11.28.amzn1ctdb-tests-4.2.3-11.28.amzn1samba-common-tools-4.2.3-11.28.amzn1samba-common-libs-4.2.3-11.28.amzn1samba-test-devel-4.2.3-11.28.amzn1samba-winbind-modules-4.2.3-11.28.amzn1samba-winbind-clients-4.2.3-11.28.amzn1samba-libs-4.2.3-11.28.amzn1samba-client-4.2.3-11.28.amzn1ctdb-4.2.3-11.28.amzn1
samba-winbind-krb5-locator-4.2.3-11.28.amzn1samba-python-4.2.3-11.28.amzn1libwbclient-devel-4.2.3-11.28.amzn1ctdb-devel-4.2.3-11.28.amzn1samba-client-libs-4.2.3-11.28.amzn1samba-winbind-4.2.3-11.28.amzn1samba-debuginfo-4.2.3-11.28.amzn1
170619 - Amazon Linux AMI ALAS-2016-633 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-3223, CVE-2015-5330
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-633
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-633.html
Amazon Linux AMIx86_64pyldb-1.1.20-1.7.amzn1pyldb-devel-1.1.20-1.7.amzn1libldb-devel-1.1.20-1.7.amzn1libldb-debuginfo-1.1.20-1.7.amzn1libldb-1.1.20-1.7.amzn1ldb-tools-1.1.20-1.7.amzn1
i686pyldb-1.1.20-1.7.amzn1pyldb-devel-1.1.20-1.7.amzn1libldb-devel-1.1.20-1.7.amzn1ldb-tools-1.1.20-1.7.amzn1libldb-1.1.20-1.7.amzn1libldb-debuginfo-1.1.20-1.7.amzn1
185133 - Ubuntu Linux 12.04, 14.04, 15.04, 15.10 USN-2875-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7499, CVE-2015-8710
DescriptionThe scan detected that the host is missing the following update:USN-2875-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003272.html
Ubuntu 12.04
libxml2_2.7.8.dfsg-5.1ubuntu4.14
Ubuntu 15.04
libxml2_2.9.2+dfsg1-3ubuntu0.3
Ubuntu 15.10
libxml2_2.9.2+zdfsg1-4ubuntu0.3
Ubuntu 14.04
libxml2_2.9.1+dfsg1-3ubuntu4.7
19455 - (SOL55540723) F5 BIG-IP OpenSSL Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2015-3196
DescriptionA vulnerability is present in some versions of F5 BIG-IP products.
ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.
A vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in the OpenSSL component. Successful exploitation could allow an attacker to cause a denial of service condition.
19483 - (SOL17525) F5 BIG-IP NTP Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2015-7853
DescriptionA buffer overflow vulnerability is present in some versions of F5 BIG-IP products.
ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.
A buffer overflow vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in the ntpd component. Successful exploitation could allow an attacker to possibly cause a denial of service condition or to remotely execute arbitrary code.
88732 - Slackware Linux 13.0, 13.1, 13.37, 14.0, 14.1 SSA:2016-014-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
Description
The scan detected that the host is missing the following update:SSA:2016-014-01
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.677958
Slackware 14.0x86_64openssh-7.1p2-x86_64-1
Slackware 13.0x86_64openssh-7.1p2-x86_64-1
Slackware 13.1x86_64openssh-7.1p2-x86_64-1
Slackware 14.1x86_64openssh-7.1p2-x86_64-1
Slackware 13.37x86_64openssh-7.1p2-x86_64-1
96027 - Oracle Enterprise Linux ELSA-2016-0043 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:ELSA-2016-0043
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://oss.oracle.com/pipermail/el-errata/2016-January/005689.html
OEL7x86_64openssh-server-sysvinit-6.6.1p1-23.el7_2openssh-ldap-6.6.1p1-23.el7_2pam_ssh_agent_auth-0.9.3-9.23.el7_2openssh-askpass-6.6.1p1-23.el7_2openssh-server-6.6.1p1-23.el7_2openssh-6.6.1p1-23.el7_2openssh-keycat-6.6.1p1-23.el7_2openssh-clients-6.6.1p1-23.el7_2
130366 - Debian Linux 7.0, 8.0 DSA-3446-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:DSA-3446-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3446
Debian 8.0allopenssh-client_1:6.7p1-5+deb8u1ssh-krb5_1:6.7p1-5+deb8u1openssh-client-udeb_1:6.7p1-5+deb8u1ssh_1:6.7p1-5+deb8u1openssh-server_1:6.7p1-5+deb8u1openssh-server-udeb_1:6.7p1-5+deb8u1ssh-askpass-gnome_1:6.7p1-5+deb8u1openssh-sftp-server_1:6.7p1-5+deb8u1
Debian 7.0allopenssh-server-udeb_1:6.0p1-4+deb7u3ssh-krb5_1:6.0p1-4+deb7u3openssh-client_1:6.0p1-4+deb7u3openssh-server_1:6.0p1-4+deb7u3openssh-client-udeb_1:6.0p1-4+deb7u3ssh-askpass-gnome_1:6.0p1-4+deb7u3ssh_1:6.0p1-4+deb7u3
135122 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2016-0419)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0419
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135124 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2016-0428)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium
CVE: CVE-2016-0428
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135127 - Oracle Solaris 11.3.3.6.0 Update Is Not Installed (CVE-2016-0458)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0458
DescriptionThe scan detected that the host is missing the following update:SRU 11.3.3.6.0
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135129 - Oracle Solaris 11.3.3.6.0 Update Is Not Installed (CVE-2016-0535)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0535
DescriptionThe scan detected that the host is missing the following update:SRU 11.3.3.6.0
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
141061 - Red Hat Enterprise Linux RHSA-2016-0043 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:RHSA-2016-0043
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://rhn.redhat.com/errata/RHSA-2016-0043.html
RHEL7Dx86_64openssh-server-sysvinit-6.6.1p1-23.el7_2openssh-ldap-6.6.1p1-23.el7_2pam_ssh_agent_auth-0.9.3-9.23.el7_2openssh-debuginfo-6.6.1p1-23.el7_2openssh-askpass-6.6.1p1-23.el7_2openssh-server-6.6.1p1-23.el7_2openssh-6.6.1p1-23.el7_2openssh-keycat-6.6.1p1-23.el7_2openssh-clients-6.6.1p1-23.el7_2
RHEL7Sppc64openssh-server-sysvinit-6.6.1p1-23.el7_2openssh-ldap-6.6.1p1-23.el7_2pam_ssh_agent_auth-0.9.3-9.23.el7_2openssh-debuginfo-6.6.1p1-23.el7_2openssh-askpass-6.6.1p1-23.el7_2openssh-server-6.6.1p1-23.el7_2openssh-6.6.1p1-23.el7_2openssh-keycat-6.6.1p1-23.el7_2openssh-clients-6.6.1p1-23.el7_2
RHEL7WSx86_64openssh-server-sysvinit-6.6.1p1-23.el7_2openssh-ldap-6.6.1p1-23.el7_2pam_ssh_agent_auth-0.9.3-9.23.el7_2openssh-debuginfo-6.6.1p1-23.el7_2openssh-askpass-6.6.1p1-23.el7_2openssh-server-6.6.1p1-23.el7_2openssh-6.6.1p1-23.el7_2openssh-keycat-6.6.1p1-23.el7_2openssh-clients-6.6.1p1-23.el7_2
141062 - Red Hat Enterprise Linux RHSA-2016-0046 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-5307, CVE-2015-8104
DescriptionThe scan detected that the host is missing the following update:RHSA-2016-0046
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://rhn.redhat.com/errata/RHSA-2016-0046.html
RHEL6_2Sx86_64python-perf-2.6.32-220.65.1.el6kernel-debug-2.6.32-220.65.1.el6python-perf-debuginfo-2.6.32-220.65.1.el6kernel-debug-devel-2.6.32-220.65.1.el6kernel-debuginfo-common-x86_64-2.6.32-220.65.1.el6perf-2.6.32-220.65.1.el6kernel-devel-2.6.32-220.65.1.el6kernel-headers-2.6.32-220.65.1.el6kernel-2.6.32-220.65.1.el6perf-debuginfo-2.6.32-220.65.1.el6kernel-debug-debuginfo-2.6.32-220.65.1.el6kernel-debuginfo-2.6.32-220.65.1.el6
noarchkernel-firmware-2.6.32-220.65.1.el6kernel-doc-2.6.32-220.65.1.el6
144138 - SuSE Linux 11.4 openSUSE-SU-2016:0144-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0144-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00047.html
SuSE Linux 11.4x86_64openssh-debuginfo-5.8p1-11.1openssh-askpass-gnome-debuginfo-5.8p1-11.1openssh-debugsource-5.8p1-11.1openssh-5.8p1-11.1openssh-askpass-debuginfo-5.8p1-11.1openssh-askpass-5.8p1-11.1openssh-askpass-gnome-5.8p1-11.1
i586openssh-debuginfo-5.8p1-11.1openssh-askpass-gnome-debuginfo-5.8p1-11.1openssh-debugsource-5.8p1-11.1openssh-5.8p1-11.1openssh-askpass-debuginfo-5.8p1-11.1openssh-askpass-5.8p1-11.1openssh-askpass-gnome-5.8p1-11.1
144139 - SuSE Linux 13.2 openSUSE-SU-2016:0127-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes
Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0127-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00037.html
SuSE Linux 13.2x86_64openssh-debugsource-6.6p1-5.3.1openssh-helpers-debuginfo-6.6p1-5.3.1openssh-askpass-gnome-debuginfo-6.6p1-5.3.1openssh-helpers-6.6p1-5.3.1openssh-askpass-gnome-6.6p1-5.3.1openssh-debuginfo-6.6p1-5.3.1openssh-6.6p1-5.3.1openssh-fips-6.6p1-5.3.1
i586openssh-debugsource-6.6p1-5.3.1openssh-helpers-debuginfo-6.6p1-5.3.1openssh-askpass-gnome-debuginfo-6.6p1-5.3.1openssh-helpers-6.6p1-5.3.1openssh-askpass-gnome-6.6p1-5.3.1openssh-debuginfo-6.6p1-5.3.1openssh-6.6p1-5.3.1openssh-fips-6.6p1-5.3.1
144140 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0118-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0118-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001803.html
SuSE SLED 12x86_64openssh-helpers-debuginfo-6.6p1-33.1openssh-6.6p1-33.1openssh-debuginfo-6.6p1-33.1openssh-helpers-6.6p1-33.1
openssh-askpass-gnome-debuginfo-6.6p1-33.1openssh-askpass-gnome-6.6p1-33.1openssh-debugsource-6.6p1-33.1
SuSE SLES 12x86_64openssh-helpers-debuginfo-6.6p1-33.1openssh-6.6p1-33.1openssh-debuginfo-6.6p1-33.1openssh-helpers-6.6p1-33.1openssh-askpass-gnome-debuginfo-6.6p1-33.1openssh-askpass-gnome-6.6p1-33.1openssh-debugsource-6.6p1-33.1openssh-fips-6.6p1-33.1
144143 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0109-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7830, CVE-2015-8711, CVE-2015-8712, CVE-2015-8713, CVE-2015-8714, CVE-2015-8715, CVE-2015-8716, CVE-2015-8717, CVE-2015-8718, CVE-2015-8719, CVE-2015-8720, CVE-2015-8721, CVE-2015-8722, CVE-2015-8723, CVE-2015-8724, CVE-2015-8725, CVE-2015-8726, CVE-2015-8727, CVE-2015-8728, CVE-2015-8729, CVE-2015-8730, CVE-2015-8731, CVE-2015-8732, CVE-2015-8733
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2016:0109-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001797.html
SuSE SLED 12x86_64wireshark-debuginfo-1.12.9-22.1wireshark-1.12.9-22.1wireshark-debugsource-1.12.9-22.1
SuSE SLES 12x86_64wireshark-debuginfo-1.12.9-22.1wireshark-1.12.9-22.1wireshark-debugsource-1.12.9-22.1
144144 - SuSE Linux 13.2 openSUSE-SU-2016:0161-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0161-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html
SuSE Linux 13.2x86_64libpolarssl7-debuginfo-1.3.9-14.1polarssl-devel-1.3.9-14.1libpolarssl7-1.3.9-14.1
i586libpolarssl7-debuginfo-1.3.9-14.1polarssl-devel-1.3.9-14.1libpolarssl7-1.3.9-14.1
144150 - SuSE Linux 13.1 openSUSE-SU-2016:0145-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2016:0145-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.opensuse.org/opensuse-updates/2016-01/msg00048.html
SuSE Linux 13.1x86_64openssh-debugsource-6.2p2-3.7.1openssh-askpass-gnome-6.2p2-3.7.1openssh-6.2p2-3.7.1openssh-askpass-gnome-debuginfo-6.2p2-3.7.1openssh-debuginfo-6.2p2-3.7.1
i586openssh-debugsource-6.2p2-3.7.1openssh-askpass-gnome-6.2p2-3.7.1openssh-6.2p2-3.7.1openssh-askpass-gnome-debuginfo-6.2p2-3.7.1openssh-debuginfo-6.2p2-3.7.1
144154 - SuSE SLES 12, SLED 12 SUSE-SU-2016:0149-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
DescriptionThe scan detected that the host is missing the following update:
SUSE-SU-2016:0149-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2016-January/001807.html
SuSE SLED 12x86_64libsoftokn3-debuginfo-32bit-3.19.2.2-32.1libfreebl3-32bit-3.19.2.2-32.1libfreebl3-3.19.2.2-32.1mozilla-nss-certs-3.19.2.2-32.1libsoftokn3-3.19.2.2-32.1mozilla-nss-32bit-3.19.2.2-32.1mozilla-nss-debugsource-3.19.2.2-32.1mozilla-nss-debuginfo-32bit-3.19.2.2-32.1libfreebl3-debuginfo-32bit-3.19.2.2-32.1mozilla-nss-sysinit-3.19.2.2-32.1mozilla-nss-3.19.2.2-32.1mozilla-nss-certs-debuginfo-3.19.2.2-32.1mozilla-nss-certs-debuginfo-32bit-3.19.2.2-32.1mozilla-nss-tools-debuginfo-3.19.2.2-32.1mozilla-nss-sysinit-debuginfo-3.19.2.2-32.1mozilla-nss-sysinit-32bit-3.19.2.2-32.1libsoftokn3-32bit-3.19.2.2-32.1mozilla-nss-certs-32bit-3.19.2.2-32.1mozilla-nss-sysinit-debuginfo-32bit-3.19.2.2-32.1mozilla-nss-debuginfo-3.19.2.2-32.1libfreebl3-debuginfo-3.19.2.2-32.1mozilla-nss-tools-3.19.2.2-32.1libsoftokn3-debuginfo-3.19.2.2-32.1
SuSE SLES 12x86_64libsoftokn3-hmac-32bit-3.19.2.2-32.1mozilla-nss-certs-debuginfo-3.19.2.2-32.1libfreebl3-3.19.2.2-32.1libfreebl3-hmac-32bit-3.19.2.2-32.1libfreebl3-debuginfo-32bit-3.19.2.2-32.1libsoftokn3-debuginfo-32bit-3.19.2.2-32.1mozilla-nss-3.19.2.2-32.1mozilla-nss-tools-debuginfo-3.19.2.2-32.1mozilla-nss-certs-debuginfo-32bit-3.19.2.2-32.1libsoftokn3-32bit-3.19.2.2-32.1mozilla-nss-sysinit-3.19.2.2-32.1libfreebl3-debuginfo-3.19.2.2-32.1mozilla-nss-certs-3.19.2.2-32.1mozilla-nss-debugsource-3.19.2.2-32.1mozilla-nss-sysinit-debuginfo-3.19.2.2-32.1libsoftokn3-3.19.2.2-32.1libfreebl3-hmac-3.19.2.2-32.1libsoftokn3-debuginfo-3.19.2.2-32.1mozilla-nss-debuginfo-32bit-3.19.2.2-32.1libfreebl3-32bit-3.19.2.2-32.1mozilla-nss-debuginfo-3.19.2.2-32.1mozilla-nss-sysinit-debuginfo-32bit-3.19.2.2-32.1mozilla-nss-tools-3.19.2.2-32.1mozilla-nss-32bit-3.19.2.2-32.1
libsoftokn3-hmac-3.19.2.2-32.1mozilla-nss-sysinit-32bit-3.19.2.2-32.1mozilla-nss-certs-32bit-3.19.2.2-32.1
160029 - CentOS 7 CESA-2016-0043 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:CESA-2016-0043
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.centos.org/pipermail/centos-announce/2016-January/021614.html
CentOS 7x86_64openssh-server-sysvinit-6.6.1p1-23.el7_2openssh-ldap-6.6.1p1-23.el7_2pam_ssh_agent_auth-0.9.3-9.23.el7_2openssh-askpass-6.6.1p1-23.el7_2openssh-server-6.6.1p1-23.el7_2openssh-6.6.1p1-23.el7_2openssh-keycat-6.6.1p1-23.el7_2openssh-clients-6.6.1p1-23.el7_2
i686pam_ssh_agent_auth-0.9.3-9.23.el7_2
170613 - Amazon Linux AMI ALAS-2016-638 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-638
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-638.html
Amazon Linux AMIx86_64openssh-keycat-6.6.1p1-23.59.amzn1openssh-debuginfo-6.6.1p1-23.59.amzn1openssh-6.6.1p1-23.59.amzn1openssh-server-6.6.1p1-23.59.amzn1
openssh-ldap-6.6.1p1-23.59.amzn1pam_ssh_agent_auth-0.9.3-9.23.59.amzn1openssh-clients-6.6.1p1-23.59.amzn1
i686openssh-server-6.6.1p1-23.59.amzn1openssh-debuginfo-6.6.1p1-23.59.amzn1openssh-clients-6.6.1p1-23.59.amzn1openssh-ldap-6.6.1p1-23.59.amzn1pam_ssh_agent_auth-0.9.3-9.23.59.amzn1openssh-keycat-6.6.1p1-23.59.amzn1openssh-6.6.1p1-23.59.amzn1
174888 - Scientific Linux Security ERRATA Moderate: openssh on SL7.x x86_64 (1601-7514)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:Security ERRATA Moderate: openssh on SL7.x x86_64 (1601-7514)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://listserv.fnal.gov/scripts/wa.exe?A2=ind1601&L=scientific-linux-errata&F=&S=&P=7514
SL7x86_64openssh-server-sysvinit-6.6.1p1-23.el7_2openssh-ldap-6.6.1p1-23.el7_2pam_ssh_agent_auth-0.9.3-9.23.el7_2openssh-debuginfo-6.6.1p1-23.el7_2openssh-askpass-6.6.1p1-23.el7_2openssh-server-6.6.1p1-23.el7_2openssh-6.6.1p1-23.el7_2openssh-keycat-6.6.1p1-23.el7_2openssh-clients-6.6.1p1-23.el7_2
178147 - Gentoo Linux GLSA-201601-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:GLSA-201601-01
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201601-01
Affected packages: net-misc/openssh < 7.1_p2
181771 - FreeBSD ffmpeg Remote Attacker Can Access Local Files (046fedd1-bd01-11e5-bbf4-5404a68ad561)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-1897, CVE-2016-1898
DescriptionThe scan detected that the host is missing the following update:ffmpeg -- remote attacker can access local files (046fedd1-bd01-11e5-bbf4-5404a68ad561)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/046fedd1-bd01-11e5-bbf4-5404a68ad561.html
Affected packages: 2.0,1 < ffmpeg < 2.8.5,1mplayer < 1.2.r20151219_2mencoder < 1.2.r20151219_2
181775 - FreeBSD openssh Information Disclosure (dfe0cdc1-baf2-11e5-863a-b499baebfeaf)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:openssh -- information disclosure (dfe0cdc1-baf2-11e5-863a-b499baebfeaf)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/dfe0cdc1-baf2-11e5-863a-b499baebfeaf.html
Affected packages: 5.4.p0,1 < openssh-portable < 7.1.p2,1
185132 - Ubuntu Linux 12.04, 14.04, 15.04, 15.10 USN-2869-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-0778
DescriptionThe scan detected that the host is missing the following update:USN-2869-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003262.html
Ubuntu 12.04
openssh-client_5.9p1-5ubuntu1.8
Ubuntu 15.04
openssh-client_6.7p1-5ubuntu1.4
Ubuntu 15.10
openssh-client_6.9p1-2ubuntu0.1
Ubuntu 14.04
openssh-client_6.6p1-2ubuntu2.4
190202 - Fedora Linux 23 FEDORA-2016-67c6ef0d4f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-67c6ef0d4f
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html
Fedora Core 23
openssh-7.1p2-1.fc23
190214 - Fedora Linux 22 FEDORA-2016-c330264861 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Medium CVE: CVE-2016-0777, CVE-2016-1907
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-c330264861
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html
Fedora Core 22
openssh-6.9p1-10.fc22
19572 - Cisco Adaptive Security Appliance Non DCERPC Traffic Bypass Vulnerability
Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: Low CVE: CVE-2015-6423
DescriptionA security bypass vulnerability is present in some versions of Cisco ASA 5500 series devices.
ObservationCisco Adaptive Security Appliance is a word-class line of network security devices.
A security bypass vulnerability is present in some versions of Cisco ASA 5500 series devices. The flaw lies in the Distributed Computing Environment/Remote Procedure Calls Inspection feature (DCERPC). Successful exploitation could allow an attacker to bypass security access restrictions.
33326 - Oracle Solaris 152260-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0535
DescriptionThe scan detected that the host is missing the following update:152260-01
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://getupdates.oracle.com/readme/152260-01
SunOS 5.10: libnsl patch
SOLARIS_10
SUNWcslr:11.10.0,REV=2005.01.21.15.53
33327 - Oracle Solaris 152261-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0535
DescriptionThe scan detected that the host is missing the following update:152261-01
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://getupdates.oracle.com/readme/152261-01
SunOS 5.10(x86): libnsl patch
SOLARIS_10_x86
SUNWcslr:11.10.0,REV=2005.01.21.16.34
88733 - Slackware Linux 13.0, 13.1, 13.37, 14.0, 14.1 SSA:2016-012-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8605
DescriptionThe scan detected that the host is missing the following update:SSA:2016-012-01
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.494213
Slackware 14.0x86_64dhcp-4.3.3_P1-x86_64-1
Slackware 13.0x86_64dhcp-4.3.3_P1-x86_64-1
Slackware 13.1x86_64dhcp-4.3.3_P1-x86_64-1
Slackware 14.1x86_64dhcp-4.3.3_P1-x86_64-1
Slackware 13.37x86_64dhcp-4.3.3_P1-x86_64-1
130361 - Debian Linux 7.0, 8.0 DSA-3443-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8472, CVE-2015-8540
DescriptionThe scan detected that the host is missing the following update:
DSA-3443-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3443
Debian 8.0alllibpng12-0_1.2.50-2+deb8u2libpng12-dev_1.2.50-2+deb8u2libpng12-0-udeb_1.2.50-2+deb8u2libpng3_1.2.50-2+deb8u2
Debian 7.0alllibpng12-0_1.2.49-1+deb7u2libpng12-dev_1.2.49-1+deb7u2libpng3_1.2.49-1+deb7u2libpng12-0-udeb_1.2.49-1+deb7u2
130362 - Debian Linux 8.0 DSA-3448-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2013-4312, CVE-2015-7566, CVE-2015-8767, CVE-2016-0723, CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:DSA-3448-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3448
Debian 8.0allext4-modules-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u3sata-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u3crypto-modules-3.16.0-4-loongson-2e-di_3.16.7-ckt20-1+deb8u3isofs-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u3kernel-image-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u3jfs-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u3usb-serial-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u3crypto-dm-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u3event-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u3sound-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u3uinput-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u3kernel-image-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u3ipv6-modules-3.16.0-4-orion5x-di_3.16.7-ckt20-1+deb8u3firewire-core-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u3crc-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u3pata-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u3usb-storage-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u3
pata-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u3kernel-image-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u3efi-modules-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u3linux-image-3.16.0-4-sb1-bcm91250a_3.16.7-ckt20-1+deb8u3nbd-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u3serial-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u3squashfs-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u3nic-shared-modules-3.16.0-4-r4k-ip22-di_3.16.7-ckt20-1+deb8u3usb-storage-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u3linux-compiler-gcc-4.8-s390_3.16.7-ckt20-1+deb8u3nbd-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u3nic-shared-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u3isofs-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u3ata-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u3ext4-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u3usb-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u3nic-shared-modules-3.16.0-4-r5k-ip32-di_3.16.7-ckt20-1+deb8u3cdrom-core-modules-3.16.0-4-loongson-2e-di_3.16.7-ckt20-1+deb8u3multipath-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u3linux-headers-3.16.0-4-all_3.16.7-ckt20-1+deb8u3fat-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u3cdrom-core-modules-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u3sata-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u3crypto-dm-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u3core-modules-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u3udf-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u3ntfs-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u3crypto-dm-modules-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u3fat-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u3nic-modules-3.16.0-4-s390x-di_3.16.7-ckt20-1+deb8u3usb-storage-modules-3.16.0-4-orion5x-di_3.16.7-ckt20-1+deb8u3input-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u3md-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u3uinput-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u3core-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u3rtc-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u3scsi-core-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u3nic-usb-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u3btrfs-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u3linux-doc-3.16_3.16.7-ckt20-1+deb8u3mouse-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u3linux-headers-3.16.0-4-all-arm64_3.16.7-ckt20-1+deb8u3event-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u3linux-image-3.16.0-4-586_3.16.7-ckt20-1+deb8u3squashfs-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u3virtio-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u3core-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u3udf-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u3crc-modules-3.16.0-4-r5k-ip32-di_3.16.7-ckt20-1+deb8u3usb-serial-modules-3.16.0-4-loongson-2e-di_3.16.7-ckt20-1+deb8u3scsi-core-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u3fuse-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u3cdrom-core-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u3crypto-dm-modules-3.16.0-4-orion5x-di_3.16.7-ckt20-1+deb8u3usb-storage-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u3loop-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u3core-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u3acpi-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u3crc-modules-3.16.0-4-powerpc64le-di_3.16.7-ckt20-1+deb8u3event-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u3
scsi-common-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u3multipath-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u3usb-storage-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u3crc-modules-3.16.0-4-r4k-ip22-di_3.16.7-ckt20-1+deb8u3linux-headers-3.16.0-4-r4k-ip22_3.16.7-ckt20-1+deb8u3ata-modules-3.16.0-4-arm64-di_3.16.7-ckt20-1+deb8u3btrfs-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u3xfs-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u3sata-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u3fat-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u3multipath-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u3udf-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u3ata-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u3squashfs-modules-3.16.0-4-r4k-ip22-di_3.16.7-ckt20-1+deb8u3scsi-core-modules-3.16.0-4-s390x-di_3.16.7-ckt20-1+deb8u3crypto-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u3serial-modules-3.16.0-4-powerpc-di_3.16.7-ckt20-1+deb8u3nic-modules-3.16.0-4-octeon-di_3.16.7-ckt20-1+deb8u3usb-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u3multipath-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u3linux-headers-3.16.0-4-all-i386_3.16.7-ckt20-1+deb8u3jfs-modules-3.16.0-4-loongson-2e-di_3.16.7-ckt20-1+deb8u3scsi-core-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u3hyperv-modules-3.16.0-4-amd64-di_3.16.7-ckt20-1+deb8u3nbd-modules-3.16.0-4-r4k-ip22-di_3.16.7-ckt20-1+deb8u3linux-image-3.16.0-4-686-pae_3.16.7-ckt20-1+deb8u3i2c-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u3ppp-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u3minix-modules-3.16.0-4-orion5x-di_3.16.7-ckt20-1+deb8u3crypto-dm-modules-3.16.0-4-586-di_3.16.7-ckt20-1+deb8u3hfs-modules-3.16.0-4-4kc-malta-di_3.16.7-ckt20-1+deb8u3dasd-extra-modules-3.16.0-4-s390x-di_3.16.7-ckt20-1+deb8u3pata-modules-3.16.0-4-686-pae-di_3.16.7-ckt20-1+deb8u3sata-modules-3.16.0-4-loongson-3-di_3.16.7-ckt20-1+deb8u3nic-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u3nic-wireless-modules-3.16.0-4-loongson-2e-di_3.16.7-ckt20-1+deb8u3jfs-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u3speakup-modules-3.16.0-4-loongson-2f-di_3.16.7-ckt20-1+deb8u3mmc-modules-3.16.0-4-armmp-di_3.16.7-ckt20-1+deb8u3cdrom-core-modules-3.16.0-4-versatile-di_3.16.7-ckt20-1+deb8u3hypervisor-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u3rtc-modules-3.16.0-4-sb1-bcm91250a-di_3.16.7-ckt20-1+deb8u3pcmcia-modules-3.16.0-4-powerpc64-di_3.16.7-ckt20-1+deb8u3mmc-modules-3.16.0-4-kirkwood-di_3.16.7-ckt20-1+deb8u3
130363 - Debian Linux 7.0, 8.0 DSA-3444-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2016-1564
DescriptionThe scan detected that the host is missing the following update:DSA-3444-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3444
Debian 8.0allwordpress_4.1+dfsg-1+deb8u7
Debian 7.0allwordpress_3.6.1+dfsg-1~deb7u9
130364 - Debian Linux 7.0, 8.0 DSA-3449-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8704
DescriptionThe scan detected that the host is missing the following update:DSA-3449-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3449
Debian 8.0allbind9_1:9.9.5.dfsg-9+deb8u5
Debian 7.0allbind9_1:9.8.4.dfsg.P1-6+nmu2+deb7u9
130367 - Debian Linux 7.0, 8.0 DSA-3442-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8605
DescriptionThe scan detected that the host is missing the following update:DSA-3442-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2016/dsa-3442
Debian 8.0allisc-dhcp-relay-dbg_4.3.1-6+deb8u2isc-dhcp-client-dbg_4.3.1-6+deb8u2isc-dhcp-common_4.3.1-6+deb8u2
isc-dhcp-server-ldap_4.3.1-6+deb8u2isc-dhcp-server-dbg_4.3.1-6+deb8u2isc-dhcp-dev_4.3.1-6+deb8u2isc-dhcp-client-udeb_4.3.1-6+deb8u2isc-dhcp-relay_4.3.1-6+deb8u2isc-dhcp-client_4.3.1-6+deb8u2isc-dhcp-dbg_4.3.1-6+deb8u2isc-dhcp-server_4.3.1-6+deb8u2
Debian 7.0allisc-dhcp-server-ldap_4.2.2.dfsg.1-5+deb70u8isc-dhcp-client_4.2.2.dfsg.1-5+deb70u8isc-dhcp-relay-dbg_4.2.2.dfsg.1-5+deb70u8isc-dhcp-common_4.2.2.dfsg.1-5+deb70u8isc-dhcp-client-udeb_4.2.2.dfsg.1-5+deb70u8isc-dhcp-relay_4.2.2.dfsg.1-5+deb70u8isc-dhcp-dev_4.2.2.dfsg.1-5+deb70u8isc-dhcp-client-dbg_4.2.2.dfsg.1-5+deb70u8isc-dhcp-server_4.2.2.dfsg.1-5+deb70u8isc-dhcp-server-dbg_4.2.2.dfsg.1-5+deb70u8
135118 - Oracle Solaris 11.3.3.6.0 Update Is Not Installed (CVE-2016-0406)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0406
DescriptionThe scan detected that the host is missing the following update:SRU 11.3.3.6.0
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135123 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2016-0426)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0426
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135128 - Oracle Solaris 11.3.3.6.0 Update Is Not Installed (CVE-2016-0493)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0493
DescriptionThe scan detected that the host is missing the following update:SRU 11.3.3.6.0
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
170609 - Amazon Linux AMI ALAS-2016-632 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7551
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-632
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-632.html
Amazon Linux AMIi686ruby22-debuginfo-2.2.4-1.8.amzn1ruby20-debuginfo-2.0.0.648-1.29.amzn1ruby21-2.1.8-1.19.amzn1rubygem21-psych-2.0.5-1.19.amzn1ruby20-devel-2.0.0.648-1.29.amzn1rubygem21-bigdecimal-1.2.4-1.19.amzn1ruby19-1.9.3.551-32.70.amzn1ruby19-doc-1.9.3.551-32.70.amzn1rubygem20-io-console-0.4.2-1.29.amzn1ruby19-devel-1.9.3.551-32.70.amzn1rubygem19-io-console-0.3-32.70.amzn1rubygem22-io-console-0.4.3-1.8.amzn1rubygem20-psych-2.0.0-1.29.amzn1rubygem22-bigdecimal-1.2.6-1.8.amzn1rubygem21-io-console-0.4.3-1.19.amzn1ruby21-libs-2.1.8-1.19.amzn1ruby21-debuginfo-2.1.8-1.19.amzn1ruby20-libs-2.0.0.648-1.29.amzn1ruby19-libs-1.9.3.551-32.70.amzn1ruby22-libs-2.2.4-1.8.amzn1rubygem19-json-1.5.5-32.70.amzn1rubygem22-psych-2.0.8-1.8.amzn1ruby19-debuginfo-1.9.3.551-32.70.amzn1ruby21-devel-2.1.8-1.19.amzn1
ruby20-2.0.0.648-1.29.amzn1rubygem20-bigdecimal-1.2.0-1.29.amzn1ruby22-2.2.4-1.8.amzn1ruby22-devel-2.2.4-1.8.amzn1rubygem19-bigdecimal-1.1.0-32.70.amzn1
noarchrubygem19-rdoc-3.9.5-32.70.amzn1ruby22-irb-2.2.4-1.8.amzn1rubygems21-2.2.5-1.19.amzn1ruby21-doc-2.1.8-1.19.amzn1ruby20-irb-2.0.0.648-1.29.amzn1rubygems20-2.0.14.1-1.29.amzn1rubygem19-rake-0.9.2.2-32.70.amzn1rubygems20-devel-2.0.14.1-1.29.amzn1ruby19-irb-1.9.3.551-32.70.amzn1ruby20-doc-2.0.0.648-1.29.amzn1rubygems22-devel-2.4.5.1-1.8.amzn1rubygems21-devel-2.2.5-1.19.amzn1rubygems19-1.8.23.2-32.70.amzn1rubygems22-2.4.5.1-1.8.amzn1ruby21-irb-2.1.8-1.19.amzn1ruby22-doc-2.2.4-1.8.amzn1rubygems19-devel-1.8.23.2-32.70.amzn1rubygem19-minitest-2.5.1-32.70.amzn1
x86_64ruby22-debuginfo-2.2.4-1.8.amzn1ruby20-debuginfo-2.0.0.648-1.29.amzn1ruby21-2.1.8-1.19.amzn1rubygem21-psych-2.0.5-1.19.amzn1ruby20-devel-2.0.0.648-1.29.amzn1rubygem21-bigdecimal-1.2.4-1.19.amzn1ruby19-1.9.3.551-32.70.amzn1ruby19-doc-1.9.3.551-32.70.amzn1ruby22-devel-2.2.4-1.8.amzn1rubygem20-io-console-0.4.2-1.29.amzn1ruby19-devel-1.9.3.551-32.70.amzn1rubygem19-io-console-0.3-32.70.amzn1rubygem22-io-console-0.4.3-1.8.amzn1rubygem22-bigdecimal-1.2.6-1.8.amzn1rubygem21-io-console-0.4.3-1.19.amzn1ruby21-libs-2.1.8-1.19.amzn1ruby21-debuginfo-2.1.8-1.19.amzn1ruby20-libs-2.0.0.648-1.29.amzn1ruby19-libs-1.9.3.551-32.70.amzn1ruby22-libs-2.2.4-1.8.amzn1rubygem19-json-1.5.5-32.70.amzn1rubygem22-psych-2.0.8-1.8.amzn1ruby19-debuginfo-1.9.3.551-32.70.amzn1ruby21-devel-2.1.8-1.19.amzn1ruby20-2.0.0.648-1.29.amzn1rubygem20-psych-2.0.0-1.29.amzn1ruby22-2.2.4-1.8.amzn1rubygem20-bigdecimal-1.2.0-1.29.amzn1rubygem19-bigdecimal-1.1.0-32.70.amzn1
181772 - FreeBSD h2o Directory Traversal Vulnerability (6c808811-bb9a-11e5-a65c-485d605f4717)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
Risk Level: Low CVE: CVE-2016-1133
DescriptionThe scan detected that the host is missing the following update:h2o -- directory traversal vulnerability (6c808811-bb9a-11e5-a65c-485d605f4717)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/6c808811-bb9a-11e5-a65c-485d605f4717.html
Affected packages: h2o < 1.6.2
181773 - FreeBSD isc-dhcpd Denial Of Service (05eeb7e9-b987-11e5-83ef-14dae9d210b8)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8605
DescriptionThe scan detected that the host is missing the following update:isc-dhcpd -- Denial of Service (05eeb7e9-b987-11e5-83ef-14dae9d210b8)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/05eeb7e9-b987-11e5-83ef-14dae9d210b8.html
Affected packages: isc-dhcp41-server < 4.1.e_10,2isc-dhcp41-client < 4.1.e_3,2isc-dhcp41-relay < 4.1.e_6,2isc-dhcp43-client < 4.3.3.p1isc-dhcp43-server < 4.3.3.p1isc-dhcp43-relay < 4.3.3.p1
181776 - FreeBSD claws-mail No Bounds Checking On The Output Buffer In Conv_jistoeuc, Conv_euctojis, Conv_sjistoeuc (51358314-bec8-11e5-8
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8614
DescriptionThe scan detected that the host is missing the following update:claws-mail -- no bounds checking on the output buffer in conv_jistoeuc, conv_euctojis, conv_sjistoeuc (51358314-bec8-11e5-82cd-bcaec524bf84)
ObservationUpdates often remediate critical security problems that should be quickly addressed.
For more information see:
http://www.vuxml.org/freebsd/51358314-bec8-11e5-82cd-bcaec524bf84.html
Affected packages: claws-mail < 3.13.2
181777 - FreeBSD kibana4 XSS Vulnerability (a7a4e96c-ba50-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:kibana4 -- XSS vulnerability (a7a4e96c-ba50-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/a7a4e96c-ba50-11e5-9728-002590263bf5.html
Affected packages: kibana4 < 4.1.4kibana41 < 4.1.4kibana42 < 4.2.2kibana43 < 4.3.1
181778 - FreeBSD go Information Disclosure Vulnerability (6809c6db-bdeb-11e5-b5fe-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8618
DescriptionThe scan detected that the host is missing the following update:go -- information disclosure vulnerability (6809c6db-bdeb-11e5-b5fe-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/6809c6db-bdeb-11e5-b5fe-002590263bf5.html
Affected packages: 1.5,1 <= go < 1.5.3,1
181779 - FreeBSD prosody Multiple Vulnerabilities (842cd117-ba54-11e5-9728-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-2016-1231, CVE-2016-1232
DescriptionThe scan detected that the host is missing the following update:prosody -- multiple vulnerabilities (842cd117-ba54-11e5-9728-002590263bf5)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/842cd117-ba54-11e5-9728-002590263bf5.html
Affected packages: prosody < 0.9.9
185123 - Ubuntu Linux 12.04 USN-2870-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:USN-2870-2
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003270.html
Ubuntu 12.04
linux-image-3.13.0-76-generic_3.13.0-76.120~precise1linux-image-3.13.0-76-generic-lpae_3.13.0-76.120~precise1
185125 - Ubuntu Linux 15.10 USN-2872-3 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:USN-2872-3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003269.html
Ubuntu 15.10
linux-image-4.2.0-1020-raspi2_4.2.0-1020.27
185126 - Ubuntu Linux 14.04 USN-2870-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:USN-2870-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003263.html
Ubuntu 14.04
linux-image-3.13.0-76-powerpc-e500mc_3.13.0-76.120linux-image-3.13.0-76-generic-lpae_3.13.0-76.120linux-image-3.13.0-76-generic_3.13.0-76.120linux-image-3.13.0-76-powerpc-smp_3.13.0-76.120linux-image-3.13.0-76-powerpc-e500_3.13.0-76.120linux-image-3.13.0-76-powerpc64-smp_3.13.0-76.120linux-image-3.13.0-76-powerpc64-emb_3.13.0-76.120linux-image-3.13.0-76-lowlatency_3.13.0-76.120
185127 - Ubuntu Linux 15.10 USN-2872-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:USN-2872-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003265.html
Ubuntu 15.10
linux-image-4.2.0-25-generic_4.2.0-25.30linux-image-4.2.0-25-lowlatency_4.2.0-25.30linux-image-4.2.0-25-powerpc-smp_4.2.0-25.30linux-image-4.2.0-25-generic-lpae_4.2.0-25.30linux-image-4.2.0-25-powerpc64-smp_4.2.0-25.30linux-image-4.2.0-25-powerpc-e500mc_4.2.0-25.30linux-image-4.2.0-25-powerpc64-emb_4.2.0-25.30
185128 - Ubuntu Linux 14.04 USN-2872-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes
Risk Level: Low CVE: CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:USN-2872-2
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003268.html
Ubuntu 14.04
linux-image-4.2.0-25-lowlatency_4.2.0-25.30~14.04.1linux-image-4.2.0-25-powerpc-e500mc_4.2.0-25.30~14.04.1linux-image-4.2.0-25-generic_4.2.0-25.30~14.04.1linux-image-4.2.0-25-powerpc-smp_4.2.0-25.30~14.04.1linux-image-4.2.0-25-powerpc64-smp_4.2.0-25.30~14.04.1linux-image-4.2.0-25-generic-lpae_4.2.0-25.30~14.04.1linux-image-4.2.0-25-powerpc64-emb_4.2.0-25.30~14.04.1
185129 - Ubuntu Linux 14.04 USN-2871-2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:USN-2871-2
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003267.html
Ubuntu 14.04
linux-image-3.19.0-47-generic-lpae_3.19.0-47.53~14.04.1linux-image-3.19.0-47-powerpc64-smp_3.19.0-47.53~14.04.1linux-image-3.19.0-47-powerpc-e500mc_3.19.0-47.53~14.04.1linux-image-3.19.0-47-lowlatency_3.19.0-47.53~14.04.1linux-image-3.19.0-47-powerpc-smp_3.19.0-47.53~14.04.1linux-image-3.19.0-47-powerpc64-emb_3.19.0-47.53~14.04.1linux-image-3.19.0-47-generic_3.19.0-47.53~14.04.1
185130 - Ubuntu Linux 15.04 USN-2871-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:USN-2871-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003264.html
Ubuntu 15.04
linux-image-3.19.0-47-generic_3.19.0-47.53linux-image-3.19.0-47-generic-lpae_3.19.0-47.53linux-image-3.19.0-47-lowlatency_3.19.0-47.53linux-image-3.19.0-47-powerpc64-emb_3.19.0-47.53linux-image-3.19.0-47-powerpc64-smp_3.19.0-47.53linux-image-3.19.0-47-powerpc-e500mc_3.19.0-47.53linux-image-3.19.0-47-powerpc-smp_3.19.0-47.53
185131 - Ubuntu Linux 14.04 USN-2873-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0728
DescriptionThe scan detected that the host is missing the following update:USN-2873-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003266.html
Ubuntu 14.04
linux-image-3.16.0-59-lowlatency_3.16.0-59.79~14.04.1linux-image-3.16.0-59-powerpc-smp_3.16.0-59.79~14.04.1linux-image-3.16.0-59-generic-lpae_3.16.0-59.79~14.04.1linux-image-3.16.0-59-powerpc64-emb_3.16.0-59.79~14.04.1linux-image-3.16.0-59-powerpc-e500mc_3.16.0-59.79~14.04.1linux-image-3.16.0-59-generic_3.16.0-59.79~14.04.1linux-image-3.16.0-59-powerpc64-smp_3.16.0-59.79~14.04.1
185134 - Ubuntu Linux 12.04, 14.04, 15.04, 15.10 USN-2868-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8605
DescriptionThe scan detected that the host is missing the following update:USN-2868-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003259.html
Ubuntu 12.04
isc-dhcp-client_4.1.ESV-R4-0ubuntu5.10isc-dhcp-server_4.1.ESV-R4-0ubuntu5.10isc-dhcp-server-ldap_4.1.ESV-R4-0ubuntu5.10isc-dhcp-relay_4.1.ESV-R4-0ubuntu5.10
Ubuntu 15.04
isc-dhcp-server_4.3.1-5ubuntu2.3isc-dhcp-server-ldap_4.3.1-5ubuntu2.3isc-dhcp-relay_4.3.1-5ubuntu2.3isc-dhcp-client_4.3.1-5ubuntu2.3
Ubuntu 15.10
isc-dhcp-client_4.3.1-5ubuntu3.1isc-dhcp-relay_4.3.1-5ubuntu3.1isc-dhcp-server_4.3.1-5ubuntu3.1isc-dhcp-server-ldap_4.3.1-5ubuntu3.1
Ubuntu 14.04
isc-dhcp-server-ldap_4.2.4-7ubuntu12.4isc-dhcp-server_4.2.4-7ubuntu12.4isc-dhcp-client_4.2.4-7ubuntu12.4isc-dhcp-relay_4.2.4-7ubuntu12.4
185135 - Ubuntu Linux 12.04, 14.04, 15.04, 15.10 USN-2874-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8704
DescriptionThe scan detected that the host is missing the following update:USN-2874-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/003271.html
Ubuntu 12.04
bind9_9.8.1.dfsg.P1-4ubuntu0.15
Ubuntu 15.04
bind9_9.9.5.dfsg-9ubuntu0.5
Ubuntu 15.10
bind9_9.9.5.dfsg-11ubuntu1.2
Ubuntu 14.04
bind9_9.9.5.dfsg-3ubuntu0.7
190193 - Fedora Linux 22 FEDORA-2016-8f950932c1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-8f950932c1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175779.html
Fedora Core 22
libxmp-4.3.10-1.fc22
190194 - Fedora Linux 22 FEDORA-2016-5207e0c1a1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-5207e0c1a1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175617.html
Fedora Core 22
php-5.6.17-1.fc22
190195 - Fedora Linux 23 FEDORA-2016-3509d27585 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-3509d27585
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175499.html
Fedora Core 23
nodejs-ws-1.0.1-1.fc23
190196 - Fedora Linux 23 FEDORA-2016-f048c43393 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8747, CVE-2015-8748
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-f048c43393
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175738.html
Fedora Core 23
radicale-1.1.1-1.fc23
190197 - Fedora Linux 23 FEDORA-2016-c82e5c322c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8688
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-c82e5c322c
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175503.html
Fedora Core 23
gajim-0.16.5-1.fc23
190198 - Fedora Linux 23 FEDORA-2016-558167a417 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-558167a417
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175601.html
Fedora Core 23
php-5.6.17-1.fc23
190199 - Fedora Linux 23 FEDORA-2016-902a2b18d8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-902a2b18d8
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175443.html
Fedora Core 23
shotwell-0.23.0-0.1.20160105gitf2fb1f7.fc23
190200 - Fedora Linux 23 FEDORA-2016-0c5bb21bf1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8605
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-0c5bb21bf1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175594.html
Fedora Core 23
dhcp-4.3.3-8.P1.fc23
190201 - Fedora Linux 23 FEDORA-2015-12739 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-5159
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-12739
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175591.html
Fedora Core 23
python-kdcproxy-0.3.2-1.fc23
190203 - Fedora Linux 23 FEDORA-2016-21f5261525 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-21f5261525
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175602.html
Fedora Core 23
wordpress-4.4.1-1.fc23
190204 - Fedora Linux 22 FEDORA-2016-191ff70357 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:
FEDORA-2016-191ff70357
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175466.html
Fedora Core 22
shotwell-0.23.0-0.1.20160105gitf2fb1f7.fc22
190205 - Fedora Linux 22 FEDORA-2016-4c8956da04 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-4c8956da04
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175616.html
Fedora Core 22
wordpress-4.4.1-1.fc22
190206 - Fedora Linux 23 FEDORA-2015-66439aa9e2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2015-66439aa9e2
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175584.html
Fedora Core 23
openstack-glance-2015.1.2-1.fc23
190207 - Fedora Linux 22 FEDORA-2016-cbb76d0e3a Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes
Risk Level: Low CVE: CVE-2015-0855
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-cbb76d0e3a
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175475.html
Fedora Core 22
pitivi-0.94-5.fc22
190208 - Fedora Linux 22 FEDORA-2016-2ac04ea72f Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-2ac04ea72f
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175694.html
Fedora Core 22
wireshark-1.12.9-1.fc22
190209 - Fedora Linux 22 FEDORA-2016-a6f02951a2 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-a6f02951a2
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175523.html
Fedora Core 22
nodejs-ws-1.0.1-1.fc22
190210 - Fedora Linux 22 FEDORA-2016-11cca392ff Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-11cca392ff
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175762.html
Fedora Core 22
mbedtls-1.3.16-1.fc22
190211 - Fedora Linux 22 FEDORA-2016-cf9e2429b5 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8747, CVE-2015-8748
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-cf9e2429b5
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175776.html
Fedora Core 22
radicale-1.1.1-1.fc22
190212 - Fedora Linux 23 FEDORA-2016-b3784096ef Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-b3784096ef
Observation
Updates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175716.html
Fedora Core 23
mbedtls-2.2.1-1.fc23
190213 - Fedora Linux 22 FEDORA-2016-51195e6b92 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-51195e6b92
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175476.html
Fedora Core 22
openvpn-2.3.10-1.fc22
190215 - Fedora Linux 23 FEDORA-2016-69e506e02d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8607
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-69e506e02d
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175494.html
Fedora Core 23
perl-PathTools-3.60-2.fc23
190216 - Fedora Linux 23 FEDORA-2016-64c69ec297 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-64c69ec297
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175739.html
Fedora Core 23
libxmp-4.3.10-1.fc23
190217 - Fedora Linux 22 FEDORA-2016-838200213e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8688
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-838200213e
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175526.html
Fedora Core 22
gajim-0.16.5-1.fc22
190218 - Fedora Linux 23 FEDORA-2016-105b3b8804 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-1838, CVE-2015-1839
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-105b3b8804
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html
Fedora Core 23
salt-2015.5.8-1.fc23
190219 - Fedora Linux 22 FEDORA-2016-890e612f52 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-7549, CVE-2015-8558, CVE-2015-8666, CVE-2015-8744, CVE-2015-8745
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-890e612f52
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175760.html
Fedora Core 22
qemu-2.3.1-10.fc22
190220 - Fedora Linux 23 FEDORA-2016-5a073cbd93 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: Low CVE: CVE-2015-8618
DescriptionThe scan detected that the host is missing the following update:FEDORA-2016-5a073cbd93
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175642.html
Fedora Core 23
golang-1.5.3-1.fc23
135114 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2015-4920)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2015-4920
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135115 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2015-4922)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2015-4922
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
170612 - Amazon Linux AMI ALAS-2016-639 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Low CVE: CVE-2015-1345
DescriptionThe scan detected that the host is missing the following update:ALAS-2016-639
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2016-639.html
Amazon Linux AMIx86_64grep-debuginfo-2.20-1.16.amzn1grep-2.20-1.16.amzn1
i686grep-debuginfo-2.20-1.16.amzn1grep-2.20-1.16.amzn1
135125 - Oracle Solaris 11.3 Update Is Not Installed (CVE-2016-0431)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0431
DescriptionThe scan detected that the host is missing the following update:SRU 11.3
Observation
Updates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
135130 - Oracle Solaris 11.3.4.5.0 Update Is Not Installed (CVE-2016-0618)
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-2016-0618
DescriptionThe scan detected that the host is missing the following update:SRU 11.3.4.5.0
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2091648.1&_adf.ctrl-state=qldn3xhrz_4&_afrLoop=348336903209252
19492 - (SOL90230486) F5 BIG-IP Linux Kernel Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Informational CVE: CVE-2015-7613
DescriptionA vulnerability is present in some versions of F5 BIG-IP products.
ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.
A vulnerability is present in some versions of F5 BIG-IP products. The flaw lies in the Linux kernel. Successful exploitation could allow an attacker to escalate privileges. The attacker needs local shell access in order to trigger this vulnerability.
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on a vulnerability and anything else that improves upon an existing FSL check.
190177 - Fedora Linux 22 FEDORA-2016-8e13ac5754 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2015-8659
Update DetailsRisk is updated
190190 - Fedora Linux 23 FEDORA-2016-54f85ec6e8 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes
Risk Level: High CVE: CVE-2015-8659
Update DetailsRisk is updated
18102 - Cisco IOS Software Common Industrial Protocol Multiple Vulnerabilities
Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2015-0647, CVE-2015-0648, CVE-2015-0649
Update DetailsRecommendation is updated
18524 - (SOL16715) F5 BIG-IP Multiple libTIFF Vulnerabilities
Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2013-1960, CVE-2013-1961, CVE-2013-4231, CVE-2013-4232, CVE-2013-4243, CVE-2013-4244
Update DetailsFASLScript is updated
19180 - (HT205375) Apple OS X Multiple Vulnerabilities
Category: SSH Module -> NonIntrusive -> Mac OS X Patches and Hotfixes Risk Level: High CVE: CVE-2012-6151, CVE-2014-3565, CVE-2015-0235, CVE-2015-0273, CVE-2015-5924, CVE-2015-5925, CVE-2015-5926, CVE-2015-5927, CVE-2015-5932, CVE-2015-5933, CVE-2015-5934, CVE-2015-5935, CVE-2015-5936, CVE-2015-5937, CVE-2015-5938, CVE-2015-5939, CVE-2015-5940, CVE-2015-5942, CVE-2015-5943, CVE-2015-5944, CVE-2015-5945, CVE-2015-6563, CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838, CVE-2015-6974, CVE-2015-6975, CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6980, CVE-2015-6983, CVE-2015-6984, CVE-2015-6985, CVE-2015-6987, CVE-2015-6988, CVE-2015-6989, CVE-2015-6990, CVE-2015-6991, CVE-2015-6992, CVE-2015-6993, CVE-2015-6994, CVE-2015-6995, CVE-2015-6996, CVE-2015-7003, CVE-2015-7006, CVE-2015-7007, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, CVE-2015-7015, CVE-2015-7016, CVE-2015-7017, CVE-2015-7018, CVE-2015-7019, CVE-2015-7020, CVE-2015-7021, CVE-2015-7023, CVE-2015-7024, CVE-2015-7035
Update DetailsCVE is updated
19506 - (MS16-002) Microsoft Edge Scripting Engine Memory Corruption Remote Code Execution (3124904)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2016-0024
Update DetailsRecommendation is updated
33312 - Oracle Solaris 152078-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33313 - Oracle Solaris 152076-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33314 - Oracle Solaris 152079-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33315 - Oracle Solaris 152077-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2008-2086, CVE-2009-3910
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
19163 - (SOL17378) F5 BIG-IP SNMP Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2015-5621
Update DetailsDocumentation is updated
85996 - CentOS 7 CESA-2015-1943 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2015-1779
Update Details
Risk is updated
91917 - Oracle Enterprise Linux ELSA-2015-1943 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2015-1779
Update DetailsRisk is updated
93615 - Mandriva Linux MBS1, MBS2 MDVSA-2015-210 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Mandriva Patches and Hotfixes Risk Level: High CVE: CVE-2015-1779
Update DetailsRisk is updated
140956 - Red Hat Enterprise Linux RHSA-2015-1943 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2015-1779
Update DetailsRisk is updated
174773 - Scientific Linux Security ERRATA Moderate: qemu-kvm on SL7.x x86_64 (1510-6479)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: High CVE: CVE-2015-1779
Update DetailsRisk is updated
189157 - Fedora Linux 22 FEDORA-2015-5541 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2015-1779
Update DetailsRisk is updated
19487 - Joomla! SQL Injection Vulnerability (20151207)
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server Risk Level: Medium
CVE: CVE-2015-8769
Update DetailsCVE is updated
18726 - (SOL16907) F5 BIG-IP Apache HTTPD Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2011-3607
Update DetailsFASLScript is updated
19012 - (SOL16728) F5 BIG-IP iCall Privilege Escalation Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Medium CVE: CVE-2015-3628
Update DetailsFASLScript is updated
170601 - Amazon Linux AMI ALAS-2015-631 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-8000
Update DetailsFASLScript is updated
91991 - Oracle Enterprise Linux ELSA-2016-0012 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
91992 - Oracle Enterprise Linux ELSA-2016-0007 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
91996 - Oracle Enterprise Linux ELSA-2016-0008 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
130354 - Debian Linux 7.0 DSA-3436-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
130356 - Debian Linux 7.0 DSA-3437-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
141056 - Red Hat Enterprise Linux RHSA-2016-0012 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
141058 - Red Hat Enterprise Linux RHSA-2016-0007 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
141059 - Red Hat Enterprise Linux RHSA-2016-0008 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update Details
Risk is updated
144119 - SuSE Linux 13.1, 13.2 openSUSE-SU-2015:2405-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
144128 - SuSE Linux 13.1, 13.2 openSUSE-SU-2016:0007-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
160023 - CentOS 6, 7 CESA-2016-0007 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
160025 - CentOS 6, 7 CESA-2016-0012 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
160026 - CentOS 6, 7 CESA-2016-0008 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
174878 - Scientific Linux Security ERRATA Moderate: openssl on SL6.x, SL7.x i386/x86_64 (1601-1160)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium
CVE: CVE-2015-7575
Update DetailsRisk is updated
174879 - Scientific Linux Security ERRATA Moderate: gnutls on SL6.x, SL7.x i386/x86_64 (1601-2989)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
174881 - Scientific Linux Security ERRATA Moderate: nss on SL6.x, SL7.x i386/x86_64 (1601-832)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
181736 - FreeBSD NSS MD5 Downgrade In TLS 1.2 Signatures (10f7bc76-0335-4a88-b391-0b05b3a8ce1c)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
185115 - Ubuntu Linux 12.04, 14.04, 15.04 USN-2865-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
185117 - Ubuntu Linux 12.04, 14.04, 15.04, 15.10 USN-2866-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
185121 - Ubuntu Linux 12.04, 14.04, 15.04, 15.10 USN-2864-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
185122 - Ubuntu Linux 12.04 USN-2863-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and Hotfixes Risk Level: Medium CVE: CVE-2015-7575
Update DetailsRisk is updated
32884 - Oracle Solaris 147694-95 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
32885 - Oracle Solaris 147692-95 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
32886 - Oracle Solaris 147695-95 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33190 - Oracle Solaris 147693-95 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update Details
Name is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33270 - Oracle Solaris 151009-71 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33271 - Oracle Solaris 151010-71 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
181570 - FreeBSD OpenSSH PAM Vulnerabilities (2920c449-4850-11e5-825f-c80aa9043978)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: Low CVE: CVE-MAP-NOMATCH
Update DetailsFASLScript is updated
19160 - (SOL17462) F5 BIG-IP Linux Kernel Vulnerability
Category: SSH Module -> NonIntrusive -> F5 Risk Level: Low CVE: CVE-2015-2830
Update DetailsDocumentation is updated
HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we strongly urge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download any critical updates but will wait for your explicit authorization before installing.
FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting "FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerability scripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability category and checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts will be automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT
ServicePortal: https://mysupport.mcafee.comMulti-National Phone Support available here:
http://www.mcafee.com/us/about/contact/index.htmlNon-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Copyright 2016 McAfee, Inc.McAfee is a registered trademark of McAfee, Inc. and/or its affiliates