View
220
Download
0
Category
Preview:
Citation preview
2017-JUN-08FSL version 7.5.932
MCAFEE FOUNDSTONE FSL UPDATE
To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is adetailed summary of the new and updated checks included with this release.
NEW CHECKS
21861 - Trend Micro ServerProtect Multiple Vulnerabilities
Category: SSH Module -> NonIntrusive -> SSH MiscellaneousRisk Level: HighCVE: CVE-2017-9032, CVE-2017-9033, CVE-2017-9034, CVE-2017-9035, CVE-2017-9036, CVE-2017-9037
DescriptionMultiple vulnerabilities are present in some versions of Trend Micro ServerProtect for Linux.
ObservationTrend Micro ServerProtect for Linux provides protection against security risks for file servers based on Linux.
Multiple vulnerabilities are present in some versions of Trend Micro ServerProtect for Linux. The flaws lie in the update mechanism. Successful exploitation could allow an attacker to execute arbitrary code with elevated privleges.
132375 - Oracle VM OVMSA-2017-0112 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle VM Patches and HotfixesRisk Level: HighCVE: CVE-2017-7308, CVE-2017-8890
DescriptionThe scan detected that the host is missing the following update:OVMSA-2017-0112
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://oss.oracle.com/pipermail/oraclevm-errata/2017-June/000738.html
OVM3.3x86_64kernel-uek-firmware-3.8.13-118.18.4.el6uekkernel-uek-3.8.13-118.18.4.el6uek
132376 - Oracle VM OVMSA-2017-0111 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle VM Patches and HotfixesRisk Level: HighCVE: CVE-2017-7308, CVE-2017-8890
DescriptionThe scan detected that the host is missing the following update:OVMSA-2017-0111
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://oss.oracle.com/pipermail/oraclevm-errata/2017-June/000737.html
OVM3.4x86_64kernel-uek-4.1.12-94.3.6.el6uekkernel-uek-firmware-4.1.12-94.3.6.el6uek
170815 - Amazon Linux AMI ALAS-2017-832 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: HighCVE: CVE-2016-10229
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-832
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-832.html
Amazon Linux AMIi686kernel-4.9.17-8.31.amzn1kernel-devel-4.9.17-8.31.amzn1kernel-headers-4.9.17-8.31.amzn1kernel-debuginfo-4.9.17-8.31.amzn1kernel-debuginfo-common-i686-4.9.17-8.31.amzn1perf-4.9.17-8.31.amzn1kernel-tools-devel-4.9.17-8.31.amzn1kernel-tools-4.9.17-8.31.amzn1kernel-tools-debuginfo-4.9.17-8.31.amzn1perf-debuginfo-4.9.17-8.31.amzn1
noarchkernel-doc-4.9.17-8.31.amzn1
x86_64kernel-4.9.17-8.31.amzn1kernel-devel-4.9.17-8.31.amzn1kernel-headers-4.9.17-8.31.amzn1kernel-debuginfo-4.9.17-8.31.amzn1perf-4.9.17-8.31.amzn1kernel-tools-devel-4.9.17-8.31.amzn1kernel-tools-4.9.17-8.31.amzn1kernel-tools-debuginfo-4.9.17-8.31.amzn1kernel-debuginfo-common-x86_64-4.9.17-8.31.amzn1
perf-debuginfo-4.9.17-8.31.amzn1
170819 - Amazon Linux AMI ALAS-2017-836 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: HighCVE: CVE-2015-5203, CVE-2015-5221, CVE-2016-1024, CVE-2016-1025, CVE-2016-1577, CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8654, CVE-2016-8690, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693, CVE-2016-8883, CVE-2016-8884,CVE-2016-8885, CVE-2016-9262, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9560, CVE-2016-9583, CVE-2016-9591, CVE-2016-9600
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-836
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-836.html
Amazon Linux AMIx86_64jasper-devel-1.900.1-21.9.amzn1jasper-libs-1.900.1-21.9.amzn1jasper-utils-1.900.1-21.9.amzn1jasper-debuginfo-1.900.1-21.9.amzn1jasper-1.900.1-21.9.amzn1
i686jasper-devel-1.900.1-21.9.amzn1jasper-libs-1.900.1-21.9.amzn1jasper-utils-1.900.1-21.9.amzn1jasper-1.900.1-21.9.amzn1jasper-debuginfo-1.900.1-21.9.amzn1
192163 - Fedora Linux 25 FEDORA-2017-6f06be3fe9 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-6f06be3fe9
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 25
kernel-4.11.3-200.fc25
192165 - Fedora Linux 25 FEDORA-2017-8e9bd58cbb Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-9078, CVE-2017-9079
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-8e9bd58cbb
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 25
dropbear-2017.75-1.fc25
192167 - Fedora Linux 24 FEDORA-2017-0b6da97aa5 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-7692
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-0b6da97aa5
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 24
squirrelmail-1.4.22-19.fc24
192169 - Fedora Linux 24 FEDORA-2017-b22de5c767 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-9078, CVE-2017-9079
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-b22de5c767
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 24
dropbear-2017.75-1.fc24
192171 - Fedora Linux 25 FEDORA-2017-f85c37ae3d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-7692
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-f85c37ae3d
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 25
squirrelmail-1.4.22-19.fc25
21868 - Splunk Hadoop Connect App Path Traversal Vulnerability (SP-CAAAP2F)
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: HighCVE: CVE-MAP-NOMATCH
DescriptionA path traversal vulnerability is present in some versions of Splunk Hadoop Connect app.
ObservationSplunk Hadoop Connect app is a management tool that provides integration between Splunk and Hadoop.
A path traversal vulnerability is present in some versions of Splunk Hadoop Connect app. The flaw lies in how the product handles web requests. Successful exploitation could allow an attacker to execute remote code.
21847 - Novell iManager Vulnerability Prior To 2.7 Support Pack 7 Patch 10 Hotfix 1
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: HighCVE: CVE-2017-7430, CVE-2017-7431, CVE-2017-7432
DescriptionMultiple vulnerabilities are present in some versions of Novell (NetIQ) iManager.
ObservationNovell iManager is a web-based administration console.
Multiple vulnerabilities are present in some versions of Novell (NetIQ) iManager. The flaw lies in several components. Successful exploitation could allow an attacker to disclose sensitive information.
21857 - Novell iManager Vulnerability Prior To 2.7 Support Pack 7 Patch 10 Hotfix 1
Category: SSH Module -> NonIntrusive -> SSH MiscellaneousRisk Level: HighCVE: CVE-2017-7430, CVE-2017-7431, CVE-2017-7432
DescriptionMultiple vulnerabilities are present in some versions of Novell (NetIQ) iManager.
ObservationNovell iManager is a web-based administration console.
Multiple vulnerabilities are present in some versions of Novell (NetIQ) iManager. The flaw lies in several components. Successful exploitation could allow an attacker to disclose sensitive information.
21863 - Schneider Electric Wonderware InduSoft Web Studio Privilege Escalation Vulnerability
Category: Windows Host Assessment -> SCADA (CATEGORY REQUIRES CREDENTIALS)Risk Level: HighCVE: CVE-2017-7968
DescriptionA privilege escalation vulnerability is present in some versions of Schneider Electric InduSoft Web Studio.
ObservationInduSoft Web Studio is a tool to build SCADA (Supervisory Control And Data Acquisition) or HMI (Human-Machine Interface) applications.
A privilege escalation vulnerability is present in some versions of Schneider Electric InduSoft Web Studio. The flaw lies in improper validation of system's path. Successful exploitation could allow locally logged in user to gain elevated privileges on the system.
21867 - Rockwell Automation ControlLogix Vulnerability
Category: General Vulnerability Assessment -> NonIntrusive -> Web ServerRisk Level: HighCVE: CVE-2017-6024
DescriptionA denial-of-service vulnerability is present in some versions of Rockwell Automation ControlLogix.
ObservationRockwell Automation ControlLogix is a system controller managed by a web server.
A denial-of-service vulnerability is present in some versions of Rockwell Automation ControlLogix. The flaw lies in an unknown component.Successful exploitation could allow an attacker to cause a full denial-of-service condition.
21873 - Wireshark Multiple Vulnerabilities Prior To 2.0.13
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: HighCVE: CVE-2017-9343, CVE-2017-9344, CVE-2017-9345, CVE-2017-9346, CVE-2017-9349, CVE-2017-9350, CVE-2017-9351, CVE-2017-9352, CVE-2017-9354
DescriptionMultiple vulnerabilities are present in some versions of Wireshark.
ObservationWireshark is a tool that is used to analyze the network protocol and traffic.
Multiple vulnerabilities are present in some versions of Wireshark. The flaws lie in multiple dissectors. Successful exploitation could allow an attacker to cause a denial of service condition.
21877 - Microsoft Windows NTFS File System Denial of Service Vulnerability
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS)Risk Level: HighCVE: CVE-MAP-NOMATCH
DescriptionA vulnerability is present in some versions of Microsoft Windows.
ObservationWindows is a graphical operating systems developed by Microsoft.
A vulnerability is present in some versions of Microsoft Windows. The flaw is due to improper handling of file path. Successful exploitation could allow an attacker to crash the system.
21878 - Wireshark Multiple Vulnerabilities Prior To 2.2.7
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: HighCVE: CVE-2017-9343, CVE-2017-9344, CVE-2017-9345, CVE-2017-9346, CVE-2017-9347, CVE-2017-9348, CVE-2017-9349, CVE-2017-9350, CVE-2017-9351, CVE-2017-9352, CVE-2017-9353, CVE-2017-9354
DescriptionMultiple vulnerabilities are present in some versions of Wireshark.
ObservationWireshark is a tool that is used to analyze the network protocol and traffic.
Multiple vulnerabilities are present in some versions of Wireshark. The flaws lie in multiple dissectors. Successful exploitation could allow an attacker to cause a denial of service condition.
21882 - (K39204079) F5 BIG-IP GNU C Library Vulnerability
Category: SSH Module -> NonIntrusive -> F5
Risk Level: HighCVE: CVE-2015-8983
DescriptionA vulnerability is present in some versions of F5's BIG-IP products.
ObservationF5's BIG-IP products are network appliances that run F5's Traffic Management Operating System.
A vulnerability is present in some versions of F5's BIG-IP products. The flaw lies in the GNU C library. Successful exploitation could allow an attacker to cause a denial of service condition or to execute arbitrary code on the target system.
130782 - Debian Linux 8.0 DSA-3872-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and HotfixesRisk Level: HighCVE: CVE-2017-5461, CVE-2017-5462, CVE-2017-7502
DescriptionThe scan detected that the host is missing the following update:DSA-3872-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2017/dsa-3872
Debian 8.0alllibnss3-1d_2:3.26-1+debu8u2libnss3-tools_2:3.26-1+debu8u2libnss3-dev_2:3.26-1+debu8u2libnss3-dbg_2:3.26-1+debu8u2libnss3_2:3.26-1+debu8u2
130786 - Debian Linux 8.0 DSA-3869-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and HotfixesRisk Level: HighCVE: CVE-2017-8911
DescriptionThe scan detected that the host is missing the following update:DSA-3869-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2017/dsa-3869
Debian 8.0all
tnef_1.4.9-1+deb8u3
141589 - Red Hat Enterprise Linux RHSA-2017-1382 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-1000367
DescriptionThe scan detected that the host is missing the following update:RHSA-2017-1382
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.redhat.com/archives/enterprise-watch-list/2017-May/msg00033.html
RHEL7Sx86_64sudo-debuginfo-1.8.6p7-22.el7_3sudo-1.8.6p7-22.el7_3sudo-devel-1.8.6p7-22.el7_3
RHEL6Si386sudo-1.8.6p3-28.el6_9sudo-debuginfo-1.8.6p3-28.el6_9sudo-devel-1.8.6p3-28.el6_9
x86_64sudo-1.8.6p3-28.el6_9sudo-debuginfo-1.8.6p3-28.el6_9sudo-devel-1.8.6p3-28.el6_9
RHEL6WSx86_64sudo-debuginfo-1.8.6p3-28.el6_9sudo-1.8.6p3-28.el6_9
i386sudo-debuginfo-1.8.6p3-28.el6_9sudo-1.8.6p3-28.el6_9
RHEL7Dx86_64sudo-debuginfo-1.8.6p7-22.el7_3sudo-1.8.6p7-22.el7_3sudo-devel-1.8.6p7-22.el7_3
RHEL6Dx86_64sudo-1.8.6p3-28.el6_9sudo-debuginfo-1.8.6p3-28.el6_9sudo-devel-1.8.6p3-28.el6_9
i386sudo-1.8.6p3-28.el6_9
sudo-debuginfo-1.8.6p3-28.el6_9sudo-devel-1.8.6p3-28.el6_9
RHEL7WSx86_64sudo-debuginfo-1.8.6p7-22.el7_3sudo-1.8.6p7-22.el7_3sudo-devel-1.8.6p7-22.el7_3
145382 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:1473-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2017-9022, CVE-2017-9023
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2017:1473-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2017-June/002934.html
SuSE SLED 12 SP2x86_64strongswan-ipsec-debuginfo-5.1.3-25.1strongswan-libs0-5.1.3-25.1strongswan-debugsource-5.1.3-25.1strongswan-5.1.3-25.1strongswan-libs0-debuginfo-5.1.3-25.1strongswan-ipsec-5.1.3-25.1
noarchstrongswan-doc-5.1.3-25.1
SuSE SLES 12 SP2noarchstrongswan-doc-5.1.3-25.1
x86_64strongswan-ipsec-debuginfo-5.1.3-25.1strongswan-libs0-5.1.3-25.1strongswan-libs0-debuginfo-5.1.3-25.1strongswan-debugsource-5.1.3-25.1strongswan-5.1.3-25.1strongswan-hmac-5.1.3-25.1strongswan-ipsec-5.1.3-25.1
145384 - SuSE SLES 11 SP4 SUSE-SU-2017:1471-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2017-9022, CVE-2017-9023
Description
The scan detected that the host is missing the following update:SUSE-SU-2017:1471-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2017-June/002933.html
SuSE SLES 11 SP4i586strongswan-doc-4.4.0-6.35.1strongswan-4.4.0-6.35.1
x86_64strongswan-doc-4.4.0-6.35.1strongswan-4.4.0-6.35.1
145385 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:1489-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2017-6502, CVE-2017-7606, CVE-2017-7941, CVE-2017-7942, CVE-2017-7943, CVE-2017-8343, CVE-2017-8344, CVE-2017-8345, CVE-2017-8346, CVE-2017-8347, CVE-2017-8348, CVE-2017-8349, CVE-2017-8350, CVE-2017-8351, CVE-2017-8352,CVE-2017-8353, CVE-2017-8354, CVE-2017-8355, CVE-2017-8356, CVE-2017-8357, CVE-2017-8765, CVE-2017-8830, CVE-2017-9098, CVE-2017-9141, CVE-2017-9142, CVE-2017-9143, CVE-2017-9144
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2017:1489-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2017-June/002937.html
SuSE SLED 12 SP2x86_64libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-70.1libMagick++-6_Q16-3-debuginfo-6.8.8.1-70.1libMagickWand-6_Q16-1-6.8.8.1-70.1ImageMagick-6.8.8.1-70.1libMagickCore-6_Q16-1-32bit-6.8.8.1-70.1ImageMagick-debuginfo-6.8.8.1-70.1libMagickWand-6_Q16-1-debuginfo-6.8.8.1-70.1libMagick++-6_Q16-3-6.8.8.1-70.1libMagickCore-6_Q16-1-6.8.8.1-70.1ImageMagick-debugsource-6.8.8.1-70.1libMagickCore-6_Q16-1-debuginfo-6.8.8.1-70.1
SuSE SLES 12 SP2x86_64libMagickCore-6_Q16-1-6.8.8.1-70.1ImageMagick-debuginfo-6.8.8.1-70.1libMagickWand-6_Q16-1-debuginfo-6.8.8.1-70.1libMagickWand-6_Q16-1-6.8.8.1-70.1
ImageMagick-debugsource-6.8.8.1-70.1libMagickCore-6_Q16-1-debuginfo-6.8.8.1-70.1
145386 - SuSE SLES 11 SP4 SUSE-SU-2017:1468-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2017-8779
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2017:1468-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2017-May/002932.html
SuSE SLES 11 SP4i586libtirpc1-0.2.1-1.12.3rpcbind-0.1.6+git20080930-6.27.2
x86_64libtirpc1-0.2.1-1.12.3rpcbind-0.1.6+git20080930-6.27.2
160263 - CentOS 6 CESA-2017-1364 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: HighCVE: CVE-2017-7502
DescriptionThe scan detected that the host is missing the following update:CESA-2017-1364
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.centos.org/pipermail/centos-announce/2017-May/022449.html
CentOS 6x86_64nss-sysinit-3.28.4-3.el6_9nss-3.28.4-3.el6_9nss-devel-3.28.4-3.el6_9nss-pkcs11-devel-3.28.4-3.el6_9nss-tools-3.28.4-3.el6_9
i686nss-sysinit-3.28.4-3.el6_9nss-3.28.4-3.el6_9nss-devel-3.28.4-3.el6_9
nss-pkcs11-devel-3.28.4-3.el6_9nss-tools-3.28.4-3.el6_9
160264 - CentOS 7 CESA-2017-1365 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: HighCVE: CVE-2017-7502
DescriptionThe scan detected that the host is missing the following update:CESA-2017-1365
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.centos.org/pipermail/centos-announce/2017-May/022451.html
CentOS 7x86_64nss-pkcs11-devel-3.28.4-1.2.el7_3nss-tools-3.28.4-1.2.el7_3nss-devel-3.28.4-1.2.el7_3nss-sysinit-3.28.4-1.2.el7_3nss-3.28.4-1.2.el7_3
i686nss-pkcs11-devel-3.28.4-1.2.el7_3nss-devel-3.28.4-1.2.el7_3nss-3.28.4-1.2.el7_3
160266 - CentOS 6, 7 CESA-2017-1382 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: HighCVE: CVE-2017-1000367
DescriptionThe scan detected that the host is missing the following update:CESA-2017-1382
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.centos.org/pipermail/centos-announce/2017-May/022450.htmlhttp://lists.centos.org/pipermail/centos-announce/2017-May/022442.html
CentOS 7x86_64sudo-1.8.6p7-22.el7_3sudo-devel-1.8.6p7-22.el7_3
i686sudo-devel-1.8.6p7-22.el7_3
CentOS 6x86_64sudo-devel-1.8.6p3-28.el6_9sudo-1.8.6p3-28.el6_9
i686sudo-devel-1.8.6p3-28.el6_9sudo-1.8.6p3-28.el6_9
163369 - Oracle Enterprise Linux ELSA-2017-1381 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-1000367
DescriptionThe scan detected that the host is missing the following update:ELSA-2017-1381
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://oss.oracle.com/pipermail/el-errata/2017-June/006977.html
OEL5i386sudo-1.7.2p1-29.0.1.el5_10
x86_64sudo-1.7.2p1-29.0.1.el5_10
163370 - Oracle Enterprise Linux ELSA-2017-3579 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-7308
DescriptionThe scan detected that the host is missing the following update:ELSA-2017-3579
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://oss.oracle.com/pipermail/el-errata/2017-June/006972.htmlhttp://oss.oracle.com/pipermail/el-errata/2017-June/006971.html
OEL7x86_64kernel-uek-debug-devel-4.1.12-94.3.6.el7uekkernel-uek-firmware-4.1.12-94.3.6.el7uekkernel-uek-4.1.12-94.3.6.el7uekkernel-uek-devel-4.1.12-94.3.6.el7uek
kernel-uek-debug-4.1.12-94.3.6.el7uekkernel-uek-doc-4.1.12-94.3.6.el7uekdtrace-modules-4.1.12-94.3.6.el7uek-0.6.0-4.el7
OEL6x86_64kernel-uek-firmware-4.1.12-94.3.6.el6uekkernel-uek-doc-4.1.12-94.3.6.el6uekdtrace-modules-4.1.12-94.3.6.el6uek-0.6.0-4.el6kernel-uek-devel-4.1.12-94.3.6.el6uekkernel-uek-debug-devel-4.1.12-94.3.6.el6uekkernel-uek-4.1.12-94.3.6.el6uekkernel-uek-debug-4.1.12-94.3.6.el6uek
163371 - Oracle Enterprise Linux ELSA-2017-3580 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-7308
DescriptionThe scan detected that the host is missing the following update:ELSA-2017-3580
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://oss.oracle.com/pipermail/el-errata/2017-June/006974.htmlhttp://oss.oracle.com/pipermail/el-errata/2017-June/006973.html
OEL7x86_64dtrace-modules-3.8.13-118.18.4.el7uek-0.4.5-3.el7kernel-uek-devel-3.8.13-118.18.4.el7uekkernel-uek-debug-devel-3.8.13-118.18.4.el7uekkernel-uek-debug-3.8.13-118.18.4.el7uekkernel-uek-firmware-3.8.13-118.18.4.el7uekkernel-uek-3.8.13-118.18.4.el7uekkernel-uek-doc-3.8.13-118.18.4.el7uek
OEL6x86_64kernel-uek-firmware-3.8.13-118.18.4.el6uekkernel-uek-3.8.13-118.18.4.el6uekkernel-uek-devel-3.8.13-118.18.4.el6uekkernel-uek-debug-3.8.13-118.18.4.el6uekdtrace-modules-3.8.13-118.18.4.el6uek-0.4.5-3.el6kernel-uek-doc-3.8.13-118.18.4.el6uekkernel-uek-debug-devel-3.8.13-118.18.4.el6uek
170809 - Amazon Linux AMI ALAS-2017-840 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-8779
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-840
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-840.html
Amazon Linux AMIx86_64libtirpc-0.2.4-0.8.14.amzn1libtirpc-debuginfo-0.2.4-0.8.14.amzn1libtirpc-devel-0.2.4-0.8.14.amzn1
i686libtirpc-0.2.4-0.8.14.amzn1libtirpc-debuginfo-0.2.4-0.8.14.amzn1libtirpc-devel-0.2.4-0.8.14.amzn1
170810 - Amazon Linux AMI ALAS-2017-841 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-8779
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-841
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-841.html
Amazon Linux AMIx86_64rpcbind-0.2.0-13.9.amzn1rpcbind-debuginfo-0.2.0-13.9.amzn1
i686rpcbind-0.2.0-13.9.amzn1rpcbind-debuginfo-0.2.0-13.9.amzn1
170812 - Amazon Linux AMI ALAS-2017-843 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-1000367
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-843
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-843.html
Amazon Linux AMIx86_64sudo-devel-1.8.6p3-28.25.amzn1sudo-1.8.6p3-28.25.amzn1sudo-debuginfo-1.8.6p3-28.25.amzn1
i686sudo-devel-1.8.6p3-28.25.amzn1sudo-1.8.6p3-28.25.amzn1sudo-debuginfo-1.8.6p3-28.25.amzn1
170816 - Amazon Linux AMI ALAS-2017-833 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-3139
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-833
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-833.html
Amazon Linux AMIx86_64bind-sdb-9.8.2-0.62.rc1.55.amzn1bind-libs-9.8.2-0.62.rc1.55.amzn1bind-debuginfo-9.8.2-0.62.rc1.55.amzn1bind-9.8.2-0.62.rc1.55.amzn1bind-chroot-9.8.2-0.62.rc1.55.amzn1bind-utils-9.8.2-0.62.rc1.55.amzn1bind-devel-9.8.2-0.62.rc1.55.amzn1
i686bind-utils-9.8.2-0.62.rc1.55.amzn1bind-libs-9.8.2-0.62.rc1.55.amzn1bind-debuginfo-9.8.2-0.62.rc1.55.amzn1bind-9.8.2-0.62.rc1.55.amzn1bind-devel-9.8.2-0.62.rc1.55.amzn1bind-chroot-9.8.2-0.62.rc1.55.amzn1bind-sdb-9.8.2-0.62.rc1.55.amzn1
170817 - Amazon Linux AMI ALAS-2017-834 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: High
CVE: CVE-2016-2125, CVE-2016-2126, CVE-2017-2619, CVE-2017-7494
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-834
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-834.html
Amazon Linux AMIi686samba-python-4.4.4-13.35.amzn1samba-winbind-4.4.4-13.35.amzn1samba-test-libs-4.4.4-13.35.amzn1samba-debuginfo-4.4.4-13.35.amzn1ctdb-tests-4.4.4-13.35.amzn1libwbclient-devel-4.4.4-13.35.amzn1samba-common-libs-4.4.4-13.35.amzn1samba-libs-4.4.4-13.35.amzn1samba-winbind-clients-4.4.4-13.35.amzn1libsmbclient-devel-4.4.4-13.35.amzn1samba-common-tools-4.4.4-13.35.amzn1samba-winbind-modules-4.4.4-13.35.amzn1ctdb-4.4.4-13.35.amzn1libwbclient-4.4.4-13.35.amzn1samba-client-libs-4.4.4-13.35.amzn1samba-test-4.4.4-13.35.amzn1samba-krb5-printing-4.4.4-13.35.amzn1samba-winbind-krb5-locator-4.4.4-13.35.amzn1libsmbclient-4.4.4-13.35.amzn1samba-devel-4.4.4-13.35.amzn1samba-client-4.4.4-13.35.amzn1samba-4.4.4-13.35.amzn1
noarchsamba-common-4.4.4-13.35.amzn1samba-pidl-4.4.4-13.35.amzn1
x86_64samba-python-4.4.4-13.35.amzn1samba-winbind-4.4.4-13.35.amzn1samba-debuginfo-4.4.4-13.35.amzn1ctdb-tests-4.4.4-13.35.amzn1samba-libs-4.4.4-13.35.amzn1libwbclient-devel-4.4.4-13.35.amzn1samba-winbind-krb5-locator-4.4.4-13.35.amzn1samba-common-tools-4.4.4-13.35.amzn1samba-winbind-clients-4.4.4-13.35.amzn1libsmbclient-devel-4.4.4-13.35.amzn1samba-winbind-modules-4.4.4-13.35.amzn1ctdb-4.4.4-13.35.amzn1libwbclient-4.4.4-13.35.amzn1samba-client-libs-4.4.4-13.35.amzn1samba-common-libs-4.4.4-13.35.amzn1samba-krb5-printing-4.4.4-13.35.amzn1samba-test-4.4.4-13.35.amzn1
libsmbclient-4.4.4-13.35.amzn1samba-devel-4.4.4-13.35.amzn1samba-client-4.4.4-13.35.amzn1samba-test-libs-4.4.4-13.35.amzn1samba-4.4.4-13.35.amzn1
170818 - Amazon Linux AMI ALAS-2017-835 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: HighCVE: CVE-2016-5542, CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-835
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-835.html
Amazon Linux AMIi686java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.73.amzn1java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.73.amzn1java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.73.amzn1java-1.7.0-openjdk-1.7.0.141-2.6.10.1.73.amzn1java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.73.amzn1
noarchjava-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.73.amzn1
x86_64java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.73.amzn1java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.73.amzn1java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.73.amzn1java-1.7.0-openjdk-1.7.0.141-2.6.10.1.73.amzn1java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.73.amzn1
178439 - Gentoo Linux GLSA-201706-12 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-2017-6014, CVE-2017-7700, CVE-2017-7701, CVE-2017-7702, CVE-2017-7703, CVE-2017-7704, CVE-2017-7705
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-12
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-12
Affected packages: net-analyzer/wireshark < 2.2.6
178440 - Gentoo Linux GLSA-201706-07 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-2017-8779
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-07
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-07
Affected packages: net-nds/rpcbind < 0.2.4-r1net-libs/libtirpc < 1.0.1-r1
178441 - Gentoo Linux GLSA-201706-06 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-2017-7452, CVE-2017-7453, CVE-2017-7454, CVE-2017-7939, CVE-2017-7940, CVE-2017-7962, CVE-2017-8325, CVE-2017-8326, CVE-2017-8327
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-06
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-06
Affected packages: media-gfx/imageworsener < 1.3.1
178443 - Gentoo Linux GLSA-201706-09 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-2017-6542
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-09
Observation
Updates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-09
Affected packages: net-ftp/filezilla < 3.25.2
178445 - Gentoo Linux GLSA-201706-14 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-2016-10244, CVE-2016-10328, CVE-2017-7857, CVE-2017-7858, CVE-2017-7864, CVE-2017-8105, CVE-2017-8287
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-14
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-14
Affected packages: media-libs/freetype < 2.8
178446 - Gentoo Linux GLSA-201706-03 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-2016-9603, CVE-2017-7377, CVE-2017-7471, CVE-2017-7493, CVE-2017-7718, CVE-2017-7980, CVE-2017-8086, CVE-2017-8112, CVE-2017-8309, CVE-2017-8379, CVE-2017-8380, CVE-2017-9060, CVE-2017-9310, CVE-2017-9330
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-03
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-03
Affected packages: app-emulation/qemu < 2.9.0-r2
178449 - Gentoo Linux GLSA-201706-01 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-MAP-NOMATCH
Description
The scan detected that the host is missing the following update:GLSA-201706-01
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-01
Affected packages: sys-auth/munge < 0.5.10-r2
185728 - Ubuntu Linux 14.04, 16.04, 16.10, 17.04 USN-3311-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: HighCVE: CVE-2017-0553
DescriptionThe scan detected that the host is missing the following update:USN-3311-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-June/003885.html
Ubuntu 16.04
libnl-3-200_3.2.27-1ubuntu0.16.04.1
Ubuntu 14.04
libnl-3-200_3.2.21-1ubuntu4.1
Ubuntu 16.10
libnl-3-200_3.2.27-1ubuntu0.16.10.1
Ubuntu 17.04
libnl-3-200_3.2.29-0ubuntu2.1
185729 - Ubuntu Linux 14.04, 16.04, 16.10, 17.04 USN-3305-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: HighCVE: CVE-2017-0350, CVE-2017-0351, CVE-2017-0352
DescriptionThe scan detected that the host is missing the following update:USN-3305-1
Observation
Updates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-May/003879.html
Ubuntu 16.04
nvidia-375_375.66-0ubuntu0.16.04.1nvidia-367_375.66-0ubuntu0.16.04.1
Ubuntu 14.04
nvidia-367_375.66-0ubuntu0.14.04.1nvidia-375_375.66-0ubuntu0.14.04.1
Ubuntu 16.10
nvidia-367_375.66-0ubuntu0.16.10.1nvidia-375_375.66-0ubuntu0.16.10.1
Ubuntu 17.04
nvidia-375_375.66-0ubuntu0.17.04.1nvidia-367_375.66-0ubuntu0.17.04.1
192172 - Fedora Linux 26 FEDORA-2017-6125002d79 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2016-9941, CVE-2016-9942
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-6125002d79
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 26
libvncserver-0.9.11-2.fc26
21837 - (SB10193) McAfee Host Intrusion Prevention Arbitrary Code Injection Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: MediumCVE: CVE-2017-4028
DescriptionA vulnerability is present in some versions of McAfee Host Intrusion Prevention.
Observation
McAfee Host Intrusion Prevention is an industry standard security application that monitors and blocks unwanted activity and makes it easier to keep desktops safe with multiple proven methods system firewall, signature analysis, and behavioral analysis.
A vulnerability is present in some versions of McAfee Host Intrusion Prevention. The flaw is related with a registry vulnerability in Microsoft Windows. Successful exploitation could allow a local attacker to execute arbitrary code on the target system.
21864 - (K41107914) F5 BIG-IP iControl REST Vulnerability
Category: SSH Module -> NonIntrusive -> F5Risk Level: MediumCVE: CVE-2016-9251
DescriptionA privilege escalation vulnerability is present in some versions of F5 BIG-IP systems.
ObservationF5's BIG-IP products are network appliances that run F5's Traffic Management Operating System.
A privilege escalation vulnerability is present in some versions of F5 BIG-IP systems. The flaw lies in iControl REST component. Successful exploitation could allow an attacker to gain elevated privileges on the target system.
130784 - Debian Linux 8.0 DSA-3870-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and HotfixesRisk Level: MediumCVE: CVE-2017-8295, CVE-2017-9061, CVE-2017-9062, CVE-2017-9063, CVE-2017-9064, CVE-2017-9065
DescriptionThe scan detected that the host is missing the following update:DSA-3870-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2017/dsa-3870
Debian 8.0allwordpress_4.1+dfsg-1+deb8u13
170820 - Amazon Linux AMI ALAS-2017-837 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-8291
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-837
ObservationUpdates often remediate critical security problems that should be quickly addressed.
For more information see:
https://alas.aws.amazon.com/ALAS-2017-837.html
Amazon Linux AMIx86_64ghostscript-devel-8.70-23.25.amzn1ghostscript-debuginfo-8.70-23.25.amzn1ghostscript-doc-8.70-23.25.amzn1ghostscript-8.70-23.25.amzn1
i686ghostscript-doc-8.70-23.25.amzn1ghostscript-debuginfo-8.70-23.25.amzn1ghostscript-8.70-23.25.amzn1ghostscript-devel-8.70-23.25.amzn1
178448 - Gentoo Linux GLSA-201706-08 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2016-10221, CVE-2017-5991, CVE-2017-6060
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-08
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-08
Affected packages: app-text/mupdf < 1.11-r1
185724 - Ubuntu Linux 14.04, 16.04, 16.10, 17.04 USN-3309-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: MediumCVE: CVE-2017-6891
DescriptionThe scan detected that the host is missing the following update:USN-3309-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-June/003883.html
Ubuntu 16.04
libtasn1-6_4.7-3ubuntu0.16.04.2
Ubuntu 14.04
libtasn1-6_3.4-3ubuntu0.5
Ubuntu 16.10
libtasn1-6_4.9-4ubuntu0.1
Ubuntu 17.04
libtasn1-6_4.10-1ubuntu0.1
185726 - Ubuntu Linux 16.04, 16.10, 17.04 USN-3310-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: MediumCVE: CVE-2017-8829
DescriptionThe scan detected that the host is missing the following update:USN-3310-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-June/003884.html
Ubuntu 16.04
lintian_2.5.43ubuntu0.1
Ubuntu 16.10
lintian_2.5.48ubuntu0.1
Ubuntu 17.04
lintian_2.5.50.1ubuntu0.1
185727 - Ubuntu Linux 14.04 USN-3308-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: MediumCVE: CVE-2014-3248, CVE-2017-2295
DescriptionThe scan detected that the host is missing the following update:USN-3308-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-June/003882.html
Ubuntu 14.04
puppet-common_3.4.3-1ubuntu1.2
192161 - Fedora Linux 25 FEDORA-2017-c7c3f7ed26 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2017-6891
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-c7c3f7ed26
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 25
libtasn1-4.12-1.fc25
21836 - (VMSA-2017-0009) VMware Workstation Player Multiple Vulnerabilities
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: MediumCVE: CVE-2017-4915, CVE-2017-4916
DescriptionMultiple vulnerabilities are present in some versions of VMware Workstation Player.
ObservationVMware Workstation Player is a virtualization software.
Multiple vulnerabilities are present in some versions of VMware Workstation Player. The flaws lie in several components. Successful exploitation could allow an attacker to escalate privileges and cause denial of services.
21862 - (VMSA-2017-0009) VMware Workstation Player Multiple Vulnerabilities
Category: SSH Module -> NonIntrusive -> SSH MiscellaneousRisk Level: MediumCVE: CVE-2017-4915, CVE-2017-4916
DescriptionMultiple vulnerabilities are present in some versions of VMware Workstation Player.
ObservationVMware Workstation Player is a virtualization software.
Multiple vulnerabilities are present in some versions of VMware Workstation Player. The flaws lie in several components. Successful
exploitation could allow an attacker to escalate privileges and cause denial of services.
21870 - (SB10199) McAfee ePolicy Orchestrator Tomcat Vulnerability
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: MediumCVE: CVE-2017-5647
DescriptionA vulnerability is present in some versions of McAfee ePolicy Orchestrator.
ObservationMcAfee ePolicy Orchestrator (ePO) is widely acknowledged as the most advanced and scalable security management software.
A vulnerability is present in some versions of McAfee ePolicy Orchestrator. The flaw lies in the Tomcat component. Successful exploitation could allow an attacker to retrieve sensitive data from the target system.
21874 - (K59503294) F5 BIG-IP libjpeg Vulnerability
Category: SSH Module -> NonIntrusive -> F5Risk Level: MediumCVE: CVE-2013-6629
DescriptionA vulnerability is present in some versions of F5 BIG-IP systems.
ObservationF5's BIG-IP products are network appliances that run F5's Traffic Management Operating System.
A vulnerability is present in some versions of F5 BIG-IP systems. The flaw lies in libjpeg. Successful exploitation could allow a remote attacker to obtain sensitive information.
141588 - Red Hat Enterprise Linux RHSA-2017-1372 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-6214
DescriptionThe scan detected that the host is missing the following update:RHSA-2017-1372
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.redhat.com/archives/enterprise-watch-list/2017-May/msg00034.html
RHEL6Di386python-perf-2.6.32-696.3.1.el6kernel-debuginfo-2.6.32-696.3.1.el6
perf-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-i686-2.6.32-696.3.1.el6kernel-debug-debuginfo-2.6.32-696.3.1.el6perf-debuginfo-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6python-perf-debuginfo-2.6.32-696.3.1.el6kernel-devel-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6
noarchkernel-abi-whitelists-2.6.32-696.3.1.el6kernel-firmware-2.6.32-696.3.1.el6kernel-doc-2.6.32-696.3.1.el6
x86_64kernel-debuginfo-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-x86_64-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6python-perf-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6python-perf-debuginfo-2.6.32-696.3.1.el6kernel-debug-debuginfo-2.6.32-696.3.1.el6perf-2.6.32-696.3.1.el6kernel-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-i686-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6perf-debuginfo-2.6.32-696.3.1.el6
RHEL6Si386python-perf-2.6.32-696.3.1.el6kernel-debuginfo-2.6.32-696.3.1.el6perf-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-i686-2.6.32-696.3.1.el6kernel-debug-debuginfo-2.6.32-696.3.1.el6perf-debuginfo-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6python-perf-debuginfo-2.6.32-696.3.1.el6kernel-devel-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6
noarchkernel-abi-whitelists-2.6.32-696.3.1.el6kernel-firmware-2.6.32-696.3.1.el6kernel-doc-2.6.32-696.3.1.el6
x86_64kernel-debuginfo-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-x86_64-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6python-perf-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6python-perf-debuginfo-2.6.32-696.3.1.el6kernel-debug-debuginfo-2.6.32-696.3.1.el6
perf-2.6.32-696.3.1.el6kernel-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-i686-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6perf-debuginfo-2.6.32-696.3.1.el6
RHEL6WSi386kernel-debuginfo-2.6.32-696.3.1.el6perf-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-i686-2.6.32-696.3.1.el6kernel-debug-debuginfo-2.6.32-696.3.1.el6perf-debuginfo-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6python-perf-debuginfo-2.6.32-696.3.1.el6kernel-devel-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6
noarchkernel-abi-whitelists-2.6.32-696.3.1.el6kernel-firmware-2.6.32-696.3.1.el6kernel-doc-2.6.32-696.3.1.el6
x86_64kernel-debuginfo-2.6.32-696.3.1.el6kernel-debuginfo-common-x86_64-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-i686-2.6.32-696.3.1.el6kernel-debug-debuginfo-2.6.32-696.3.1.el6perf-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6perf-debuginfo-2.6.32-696.3.1.el6kernel-devel-2.6.32-696.3.1.el6python-perf-debuginfo-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6
145383 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2017:1481-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2016-6489
DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2017:1481-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.suse.com/pipermail/sle-security-updates/2017-June/002936.html
SuSE SLED 12 SP2x86_64libnettle-debugsource-2.7.1-12.1
libhogweed2-debuginfo-2.7.1-12.1libnettle4-debuginfo-32bit-2.7.1-12.1libnettle4-debuginfo-2.7.1-12.1libhogweed2-32bit-2.7.1-12.1libhogweed2-debuginfo-32bit-2.7.1-12.1libhogweed2-2.7.1-12.1libnettle4-2.7.1-12.1libnettle4-32bit-2.7.1-12.1
SuSE SLES 12 SP2x86_64libnettle-debugsource-2.7.1-12.1libhogweed2-debuginfo-2.7.1-12.1libnettle4-debuginfo-32bit-2.7.1-12.1libnettle4-debuginfo-2.7.1-12.1libhogweed2-32bit-2.7.1-12.1libnettle4-2.7.1-12.1libhogweed2-debuginfo-32bit-2.7.1-12.1libhogweed2-2.7.1-12.1libnettle4-32bit-2.7.1-12.1
160265 - CentOS 6 CESA-2017-1372 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: MediumCVE: CVE-2017-6214
DescriptionThe scan detected that the host is missing the following update:CESA-2017-1372
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://lists.centos.org/pipermail/centos-announce/2017-May/022448.html
CentOS 6i686python-perf-2.6.32-696.3.1.el6perf-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6kernel-devel-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6
noarchkernel-abi-whitelists-2.6.32-696.3.1.el6kernel-firmware-2.6.32-696.3.1.el6kernel-doc-2.6.32-696.3.1.el6
x86_64python-perf-2.6.32-696.3.1.el6perf-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6
kernel-devel-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6
170811 - Amazon Linux AMI ALAS-2017-842 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-8386
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-842
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-842.html
Amazon Linux AMIi686git-debuginfo-2.7.5-1.49.amzn1git-svn-2.7.5-1.49.amzn1git-2.7.5-1.49.amzn1git-daemon-2.7.5-1.49.amzn1
noarchgit-p4-2.7.5-1.49.amzn1perl-Git-SVN-2.7.5-1.49.amzn1git-all-2.7.5-1.49.amzn1gitweb-2.7.5-1.49.amzn1git-hg-2.7.5-1.49.amzn1git-bzr-2.7.5-1.49.amzn1perl-Git-2.7.5-1.49.amzn1emacs-git-2.7.5-1.49.amzn1emacs-git-el-2.7.5-1.49.amzn1git-email-2.7.5-1.49.amzn1git-cvs-2.7.5-1.49.amzn1
x86_64git-2.7.5-1.49.amzn1git-svn-2.7.5-1.49.amzn1git-debuginfo-2.7.5-1.49.amzn1git-daemon-2.7.5-1.49.amzn1
170813 - Amazon Linux AMI ALAS-2017-838 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-7484, CVE-2017-7486
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-838
Observation
Updates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-838.html
Amazon Linux AMIx86_64postgresql92-debuginfo-9.2.21-1.60.amzn1postgresql92-server-9.2.21-1.60.amzn1postgresql92-libs-9.2.21-1.60.amzn1postgresql92-plperl-9.2.21-1.60.amzn1postgresql92-9.2.21-1.60.amzn1postgresql92-docs-9.2.21-1.60.amzn1postgresql92-test-9.2.21-1.60.amzn1postgresql92-server-compat-9.2.21-1.60.amzn1postgresql92-pltcl-9.2.21-1.60.amzn1postgresql92-plpython27-9.2.21-1.60.amzn1postgresql92-plpython26-9.2.21-1.60.amzn1postgresql92-contrib-9.2.21-1.60.amzn1postgresql92-devel-9.2.21-1.60.amzn1
i686postgresql92-debuginfo-9.2.21-1.60.amzn1postgresql92-server-9.2.21-1.60.amzn1postgresql92-plperl-9.2.21-1.60.amzn1postgresql92-docs-9.2.21-1.60.amzn1postgresql92-9.2.21-1.60.amzn1postgresql92-test-9.2.21-1.60.amzn1postgresql92-server-compat-9.2.21-1.60.amzn1postgresql92-pltcl-9.2.21-1.60.amzn1postgresql92-plpython27-9.2.21-1.60.amzn1postgresql92-plpython26-9.2.21-1.60.amzn1postgresql92-libs-9.2.21-1.60.amzn1postgresql92-contrib-9.2.21-1.60.amzn1postgresql92-devel-9.2.21-1.60.amzn1
170814 - Amazon Linux AMI ALAS-2017-839 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Amazon Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-7484, CVE-2017-7485, CVE-2017-7486
DescriptionThe scan detected that the host is missing the following update:ALAS-2017-839
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://alas.aws.amazon.com/ALAS-2017-839.html
Amazon Linux AMIx86_64postgresql95-plpython26-9.5.7-1.72.amzn1postgresql94-docs-9.4.12-1.68.amzn1postgresql95-9.5.7-1.72.amzn1postgresql95-libs-9.5.7-1.72.amzn1
postgresql95-contrib-9.5.7-1.72.amzn1postgresql93-docs-9.3.17-1.63.amzn1postgresql95-devel-9.5.7-1.72.amzn1postgresql93-contrib-9.3.17-1.63.amzn1postgresql95-plperl-9.5.7-1.72.amzn1postgresql93-devel-9.3.17-1.63.amzn1postgresql94-devel-9.4.12-1.68.amzn1postgresql94-contrib-9.4.12-1.68.amzn1postgresql94-debuginfo-9.4.12-1.68.amzn1postgresql94-server-9.4.12-1.68.amzn1postgresql95-docs-9.5.7-1.72.amzn1postgresql94-9.4.12-1.68.amzn1postgresql93-9.3.17-1.63.amzn1postgresql93-server-9.3.17-1.63.amzn1postgresql93-plperl-9.3.17-1.63.amzn1postgresql94-test-9.4.12-1.68.amzn1postgresql95-plpython27-9.5.7-1.72.amzn1postgresql93-debuginfo-9.3.17-1.63.amzn1postgresql95-static-9.5.7-1.72.amzn1postgresql94-plpython26-9.4.12-1.68.amzn1postgresql93-plpython26-9.3.17-1.63.amzn1postgresql93-test-9.3.17-1.63.amzn1postgresql95-server-9.5.7-1.72.amzn1postgresql95-test-9.5.7-1.72.amzn1postgresql93-pltcl-9.3.17-1.63.amzn1postgresql93-libs-9.3.17-1.63.amzn1postgresql93-plpython27-9.3.17-1.63.amzn1postgresql94-plperl-9.4.12-1.68.amzn1postgresql94-libs-9.4.12-1.68.amzn1postgresql95-debuginfo-9.5.7-1.72.amzn1postgresql94-plpython27-9.4.12-1.68.amzn1
i686postgresql95-plpython26-9.5.7-1.72.amzn1postgresql94-docs-9.4.12-1.68.amzn1postgresql95-9.5.7-1.72.amzn1postgresql95-libs-9.5.7-1.72.amzn1postgresql95-contrib-9.5.7-1.72.amzn1postgresql94-server-9.4.12-1.68.amzn1postgresql93-contrib-9.3.17-1.63.amzn1postgresql95-plperl-9.5.7-1.72.amzn1postgresql95-server-9.5.7-1.72.amzn1postgresql93-devel-9.3.17-1.63.amzn1postgresql94-devel-9.4.12-1.68.amzn1postgresql94-contrib-9.4.12-1.68.amzn1postgresql94-debuginfo-9.4.12-1.68.amzn1postgresql95-devel-9.5.7-1.72.amzn1postgresql95-docs-9.5.7-1.72.amzn1postgresql94-test-9.4.12-1.68.amzn1postgresql94-9.4.12-1.68.amzn1postgresql93-9.3.17-1.63.amzn1postgresql93-server-9.3.17-1.63.amzn1postgresql93-plperl-9.3.17-1.63.amzn1postgresql94-plpython27-9.4.12-1.68.amzn1postgresql95-plpython27-9.5.7-1.72.amzn1postgresql93-docs-9.3.17-1.63.amzn1postgresql95-static-9.5.7-1.72.amzn1postgresql94-plpython26-9.4.12-1.68.amzn1postgresql93-plpython26-9.3.17-1.63.amzn1postgresql93-test-9.3.17-1.63.amzn1
postgresql93-debuginfo-9.3.17-1.63.amzn1postgresql95-test-9.5.7-1.72.amzn1postgresql93-pltcl-9.3.17-1.63.amzn1postgresql93-libs-9.3.17-1.63.amzn1postgresql93-plpython27-9.3.17-1.63.amzn1postgresql94-plperl-9.4.12-1.68.amzn1postgresql94-libs-9.4.12-1.68.amzn1postgresql95-debuginfo-9.5.7-1.72.amzn1
175186 - Scientific Linux Security ERRATA Moderate: kernel on SL6.x i386/x86_64 (1705-14413)
Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2017-6214
DescriptionThe scan detected that the host is missing the following update:Security ERRATA Moderate: kernel on SL6.x i386/x86_64 (1705-14413)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://listserv.fnal.gov/scripts/wa.exe?A2=ind1705&L=scientific-linux-errata&F=&S=&P=14413
SL6i386python-perf-2.6.32-696.3.1.el6kernel-debuginfo-2.6.32-696.3.1.el6perf-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-i686-2.6.32-696.3.1.el6kernel-debug-debuginfo-2.6.32-696.3.1.el6perf-debuginfo-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6python-perf-debuginfo-2.6.32-696.3.1.el6kernel-devel-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6
noarchkernel-abi-whitelists-2.6.32-696.3.1.el6kernel-firmware-2.6.32-696.3.1.el6kernel-doc-2.6.32-696.3.1.el6
x86_64kernel-debuginfo-2.6.32-696.3.1.el6kernel-debug-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-x86_64-2.6.32-696.3.1.el6kernel-debug-2.6.32-696.3.1.el6python-perf-2.6.32-696.3.1.el6kernel-headers-2.6.32-696.3.1.el6python-perf-debuginfo-2.6.32-696.3.1.el6kernel-debug-debuginfo-2.6.32-696.3.1.el6perf-2.6.32-696.3.1.el6kernel-devel-2.6.32-696.3.1.el6kernel-debuginfo-common-i686-2.6.32-696.3.1.el6kernel-2.6.32-696.3.1.el6
perf-debuginfo-2.6.32-696.3.1.el6
178438 - Gentoo Linux GLSA-201706-05 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: MediumCVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-05
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-05
Affected packages: sys-apps/dbus < 1.10.18
178442 - Gentoo Linux GLSA-201706-10 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2017-2640
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-10
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-10
Affected packages: net-im/pidgin < 2.12.0
178444 - Gentoo Linux GLSA-201706-04 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2017-8386
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-04
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-04
Affected packages: dev-vcs/git < 2.13.0
178447 - Gentoo Linux GLSA-201706-13 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2017-7467
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-13
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-13
Affected packages: net-dialup/minicom < 2.7.1
178450 - Gentoo Linux GLSA-201706-11 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2017-6004
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-11
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-11
Affected packages: dev-libs/libpcre < 8.40-r1
21830 - (VMSA-2017-0009) VMware Workstation Pro Multiple Vulnerabilities
Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: MediumCVE: CVE-2017-4915, CVE-2017-4916
DescriptionMultiple vulnerabilities are present in some versions of VMware Workstation Pro.
Observation
VMware Workstation is a virtualization software.
Multiple vulnerabilities are present in some versions of VMware Workstation Pro. The flaws are related with the vstor2 and ALSA drivers. Successful exploitation could allow an attacker to cause a denial of service or escalate privileges.
21865 - (K43523962) F5 BIG-IP BIG-IP APM XSS Vulnerability
Category: SSH Module -> NonIntrusive -> F5Risk Level: MediumCVE: CVE-2016-9257
DescriptionA vulnerability is present in some versions of F5 BIG-IP systems.
ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.
A vulnerability is present in some versions of F5 BIG-IP systems. The flaw is present in the BIG-IP APM product and is related with the Access Reports feature. Successful exploitation could allow an attacker to remotely inject arbitrary code on the target system.
21884 - (K25552364) F5 BIG-IP GNU C Library Vulnerability
Category: SSH Module -> NonIntrusive -> F5Risk Level: MediumCVE: CVE-2015-8985
DescriptionA denial of service vulnerability is present in some versions of F5 BIG-IP systems.
ObservationF5's BIG-IP products are network appliances that run F5's Traffic Management Operating System.
A denial of service vulnerability is present in some versions of F5 BIG-IP systems. The flaw lies in GNU C Library. Successful exploitation could allow an attacker to cause a denial of service condition.
21885 - (K22012502) F5 BIG-IP Linux kernel Vulnerability
Category: SSH Module -> NonIntrusive -> F5Risk Level: MediumCVE: CVE-2017-7273
DescriptionA denial-of-service vulnerability is present in some versions of F5 BIG-IP systems.
ObservationF5's BIG-IP products are network appliances that run F5's Traffic Management Operating System.
A denial-of-service vulnerability is present in some versions of F5 BIG-IP systems. The flaw lies in the Linux Kernel. Successful exploitation could allow a physically proximate attacker to cause a denial-of-service.
178451 - Gentoo Linux GLSA-201706-02 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixes
Risk Level: MediumCVE: CVE-2016-6252, CVE-2017-2616
DescriptionThe scan detected that the host is missing the following update:GLSA-201706-02
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://security.gentoo.org/glsa/201706-02
Affected packages: sys-apps/shadow < 4.4-r2
185725 - Ubuntu Linux 14.04, 16.04, 16.10, 17.04 USN-3306-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: MediumCVE: CVE-2017-7585, CVE-2017-7586, CVE-2017-7741, CVE-2017-7742, CVE-2017-8361, CVE-2017-8362, CVE-2017-8363, CVE-2017-8365
DescriptionThe scan detected that the host is missing the following update:USN-3306-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-June/003880.html
Ubuntu 16.04
libsndfile1_1.0.25-10ubuntu0.16.04.1
Ubuntu 14.04
libsndfile1_1.0.25-7ubuntu2.2
Ubuntu 16.10
libsndfile1_1.0.25-10ubuntu0.16.10.1
Ubuntu 17.04
libsndfile1_1.0.27-1ubuntu0.1
192164 - Fedora Linux 25 FEDORA-2017-22f1a8404e Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2017-6508
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-22f1a8404e
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 25
wget-1.18-3.fc25
130781 - Debian Linux 8.0 DSA-3868-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and HotfixesRisk Level: LowCVE: CVE-2017-9287
DescriptionThe scan detected that the host is missing the following update:DSA-3868-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2017/dsa-3868
Debian 8.0allslapd-smbk5pwd_2.4.40+dfsg-1+deb8u3ldap-utils_2.4.40+dfsg-1+deb8u3slapd-dbg_2.4.40+dfsg-1+deb8u3slapd_2.4.40+dfsg-1+deb8u3libldap2-dev_2.4.40+dfsg-1+deb8u3libldap-2.4-2-dbg_2.4.40+dfsg-1+deb8u3libldap-2.4-2_2.4.40+dfsg-1+deb8u3
130783 - Debian Linux 8.0 DSA-3873-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and HotfixesRisk Level: LowCVE: CVE-2017-6512
DescriptionThe scan detected that the host is missing the following update:DSA-3873-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2017/dsa-3873
Debian 8.0allperl_5.20.2-3+deb8u7
130785 - Debian Linux 8.0 DSA-3871-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and HotfixesRisk Level: LowCVE: CVE-2017-5637
DescriptionThe scan detected that the host is missing the following update:DSA-3871-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.debian.org/security/2017/dsa-3871
Debian 8.0allzookeeper_3.4.5+dfsg-2+deb8u2
182364 - FreeBSD chromium Multiple Vulnerabilities (52f4b48b-4ac3-11e7-99aa-e8e0b747a45a)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: LowCVE: CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083, CVE-2017-5085,CVE-2017-5086
DescriptionThe scan detected that the host is missing the following update:chromium -- multiple vulnerabilities (52f4b48b-4ac3-11e7-99aa-e8e0b747a45a)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/52f4b48b-4ac3-11e7-99aa-e8e0b747a45a.html
Affected packages: chromium < 59.0.3071.86chromium-pulse < 59.0.3071.86
182365 - FreeBSD heimdal Bypass Of Capath Policy (40a8d798-4615-11e7-8080-a4badb2f4699)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: LowCVE: CVE-MAP-NOMATCH
Description
The scan detected that the host is missing the following update:heimdal -- bypass of capath policy (40a8d798-4615-11e7-8080-a4badb2f4699)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/40a8d798-4615-11e7-8080-a4badb2f4699.html
Affected packages: heimdal < 7.3.0
182366 - FreeBSD ansible Input Validation Flaw In Jinja2 Templating System (15a04b9f-47cb-11e7-a853-001fbc0f280f)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: LowCVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:ansible -- Input validation flaw in jinja2 templating system (15a04b9f-47cb-11e7-a853-001fbc0f280f)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/15a04b9f-47cb-11e7-a853-001fbc0f280f.html
Affected packages: ansible < 2.3.1
182367 - FreeBSD FreeRADIUS TLS Resumption Authentication Bypass (673dce46-46d0-11e7-a539-0050569f7e80)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: LowCVE: CVE-2017-9148
DescriptionThe scan detected that the host is missing the following update:FreeRADIUS -- TLS resumption authentication bypass (673dce46-46d0-11e7-a539-0050569f7e80)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/673dce46-46d0-11e7-a539-0050569f7e80.html
Affected packages: freeradius < 3.0.14freeradius2 < 3.0.14freeradius3 < 3.0.14
182368 - FreeBSD duo Two-factor Authentication Bypass (738e8ae1-46dd-11e7-a539-0050569f7e80)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes
Risk Level: LowCVE: CVE-MAP-NOMATCH
DescriptionThe scan detected that the host is missing the following update:duo -- Two-factor authentication bypass (738e8ae1-46dd-11e7-a539-0050569f7e80)
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
http://www.vuxml.org/freebsd/738e8ae1-46dd-11e7-a539-0050569f7e80.html
Affected packages: duo < 1.9.21
185723 - Ubuntu Linux 14.04, 16.04, 16.10, 17.04 USN-3307-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: LowCVE: CVE-2017-9287
DescriptionThe scan detected that the host is missing the following update:USN-3307-1
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-June/003881.html
Ubuntu 16.04
slapd_2.4.42+dfsg-2ubuntu3.2
Ubuntu 14.04
slapd_2.4.31-1+nmu2ubuntu8.4
Ubuntu 16.10
slapd_2.4.42+dfsg-2ubuntu4.1
Ubuntu 17.04
slapd_2.4.44+dfsg-3ubuntu2.1
192160 - Fedora Linux 24 FEDORA-2017-7d698eba8b Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2017-5052, CVE-2017-5053, CVE-2017-5054, CVE-2017-5055, CVE-2017-5056, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066,CVE-2017-5067, CVE-2017-5068, CVE-2017-5069
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-7d698eba8b
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 24
chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc24chromium-58.0.3029.110-2.fc24
192162 - Fedora Linux 25 FEDORA-2017-690eedcf41 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2017-7511
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-690eedcf41
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 25
poppler-0.45.0-3.fc25
192166 - Fedora Linux 26 FEDORA-2017-c729c6123c Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2017-7494
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-c729c6123c
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 26
samba-4.6.4-0.fc26
192168 - Fedora Linux 25 FEDORA-2017-54580efa82 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2017-1000367
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-54580efa82
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 25
sudo-1.8.20p2-1.fc25
192170 - Fedora Linux 25 FEDORA-2017-8ad8d1bd86 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2017-2295
DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-8ad8d1bd86
ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/2017/6/?count=200&page=1
Fedora Core 25
puppet-4.2.1-5.fc25
ENHANCED CHECKS
The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on avulnerability and anything else that improves upon an existing FSL check.
33152 - Oracle Solaris 119758-39 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and HotfixesRisk Level: HighCVE: CVE-2007-0452, CVE-2007-2444, CVE-2007-2446, CVE-2007-2447, CVE-2007-4138, CVE-2007-4572, CVE-2007-5398, CVE-2007-6015, CVE-2008-4314, CVE-2010-2063, CVE-2010-3069, CVE-2011-0719, CVE-2011-2522, CVE-2011-2694, CVE-2012-1182,CVE-2012-2111, CVE-2012-6150, CVE-2013-0213, CVE-2013-0214, CVE-2013-4124, CVE-2013-4408, CVE-2013-4475, CVE-2013-4496, CVE-2014-0178, CVE-2014-0244, CVE-2014-3493
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
33154 - Oracle Solaris 119757-39 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Solaris Patches and HotfixesRisk Level: HighCVE: CVE-2007-0452, CVE-2007-2444, CVE-2007-2446, CVE-2007-2447, CVE-2007-4138, CVE-2007-4572, CVE-2007-5398, CVE-2007-6015, CVE-2008-4314, CVE-2010-2063, CVE-2010-3069, CVE-2011-0719, CVE-2011-2522, CVE-2011-2694, CVE-2012-1182,CVE-2012-2111, CVE-2012-6150, CVE-2013-0213, CVE-2013-0214, CVE-2013-4124, CVE-2013-4408, CVE-2013-4475, CVE-2013-4496, CVE-2014-0178, CVE-2014-0244, CVE-2014-3493
Update DetailsName is updated Description is updated Observation is updated Recommendation is updated FASLScript is updated
21845 - (HT207798) Apple iOS Vulnerability Prior To 10.3.2
Category: Wireless Assessment -> NonIntrusive -> iOSRisk Level: HighCVE: CVE-2017-2495, CVE-2017-2496, CVE-2017-2497, CVE-2017-2498, CVE-2017-2499, CVE-2017-2501, CVE-2017-2502, CVE-2017-2504, CVE-2017-2505, CVE-2017-2506, CVE-2017-2507, CVE-2017-2508, CVE-2017-2510, CVE-2017-2513, CVE-2017-2514,CVE-2017-2515, CVE-2017-2518, CVE-2017-2519, CVE-2017-2520, CVE-2017-2521, CVE-2017-2524, CVE-2017-2525, CVE-2017-2526, CVE-2017-2528, CVE-2017-2530, CVE-2017-2531, CVE-2017-2536, CVE-2017-2538, CVE-2017-2539, CVE-2017-2544, CVE-2017-2547, CVE-2017-2549, CVE-2017-6979, CVE-2017-6980, CVE-2017-6981, CVE-2017-6982, CVE-2017-6983, CVE-2017-6984,CVE-2017-6987, CVE-2017-6989, CVE-2017-6991
Update DetailsRisk is updated
88866 - Slackware Linux 13.37, 14.0, 14.1, 14.2 SSA:2017-136-02 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Slackware Patches and HotfixesRisk Level: HighCVE: CVE-2017-8422
Update DetailsRisk is updated
178353 - Gentoo Linux GLSA-201701-56 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
Update DetailsRisk is updated
182347 - FreeBSD Kauth: Local Privilege Escalation (0baee383-356c-11e7-b9a9-50e549ebab6c)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: HighCVE: CVE-2017-8422
Update DetailsRisk is updated
182349 - FreeBSD Joomla3 SQL Injection (3c2549b3-3bed-11e7-a9f0-a4badb296695)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: HighCVE: CVE-2017-8917
Update DetailsRisk is updated
185689 - Ubuntu Linux 14.04 USN-3286-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: HighCVE: CVE-2017-8422
Update DetailsRisk is updated
187744 - Fedora Linux 19 FEDORA-2014-3812 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2014-0097
Update DetailsRisk is updated
187755 - Fedora Linux 20 FEDORA-2014-3811 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2014-0097
Update DetailsRisk is updated
192093 - Fedora Linux 24 FEDORA-2017-6bdbf57f29 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-8422
Update DetailsRisk is updated
192100 - Fedora Linux 26 FEDORA-2017-dd51077c87 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes
Risk Level: HighCVE: CVE-2017-8422
Update DetailsRisk is updated
192102 - Fedora Linux 26 FEDORA-2017-0898c704a1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-8422
Update DetailsRisk is updated
192104 - Fedora Linux 25 FEDORA-2017-aff6f6bd9d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-8422
Update DetailsRisk is updated
192105 - Fedora Linux 25 FEDORA-2017-7e3437b905 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-8422
Update DetailsRisk is updated
192134 - Fedora Linux 24 FEDORA-2017-8b4898ce81 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-8422
Update DetailsRisk is updated
130773 - Debian Linux 8.0 DSA-3861-1 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Debian Patches and HotfixesRisk Level: MediumCVE: CVE-2017-6891
Update DetailsRisk is updated
178349 - Gentoo Linux GLSA-201701-24 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2015-4054, CVE-2015-6817
Update DetailsRisk is updated
181596 - FreeBSD pgbouncer Failed Auth_query Lookup Leads To Connection As Auth_user (d76961da-56f6-11e5-934b-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: MediumCVE: CVE-2015-6817
Update DetailsRisk is updated
182358 - FreeBSD OpenEXR Multiple Remote Code Execution And Denial Of Service Vulnerabilities (803879e9-4195-11e7-9b08-080027ef73ec)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: MediumCVE: CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114, CVE-2017-9115, CVE-2017-9116
Update DetailsRisk is updated
189320 - Fedora Linux 20 FEDORA-2015-6862 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2014-0225
Update DetailsRisk is updated
21373 - (MS17-007) Microsoft Edge Memory Handling Information Disclosure I (4013071)
Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS)Risk Level: MediumCVE: CVE-2017-0011
Update Details
21495 - LibreOffice Calc and Writer Arbitrary File Disclosure Vulnerability
Category: SSH Module -> NonIntrusive -> Mac OS X Patches and HotfixesRisk Level: Medium
CVE: CVE-2017-3157
Update Details
181441 - FreeBSD pgbouncer Remote Denial Of Service (8fbd4187-0f18-11e5-b6a8-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: MediumCVE: CVE-2015-4054
Update DetailsRisk is updated
181483 - FreeBSD Roundcube - Multiple Vulnerabilities (038a5808-24b3-11e5-b0c8-bf4d8935d4fa)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: MediumCVE: CVE-2015-5381, CVE-2015-5383
Update DetailsRisk is updated
189574 - Fedora Linux 22 FEDORA-2015-11405 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2015-5381, CVE-2015-5382, CVE-2015-5383
Update DetailsRisk is updated
191610 - Fedora Linux 25 FEDORA-2017-7b181f9c98 Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2016-8741
Update DetailsRisk is updated
192147 - Fedora Linux 25 FEDORA-2017-8ff992386d Update Is Not Installed
Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2017-9217
Update DetailsRisk is updated
181714 - FreeBSD redmine Potential XSS Vulnerability (939a7086-9ed6-11e5-8f5c-002590263bf5)
Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: MediumCVE: CVE-2015-8477
Update DetailsRisk is updated
70050 - vmware.fasl3.inc
Category: General Vulnerability Assessment -> NonIntrusive -> Invalid CategoryRisk Level: InformationalCVE: CVE-MAP-NOMATCH
Update DetailsFASLScript is updated
ADDITIONAL NOTES
HOW TO UPDATE
FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we stronglyurge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download anycritical updates but will wait for your explicit authorization before installing.
FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting"FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerabilityscripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability categoryand checking the "Run New Checks" checkbox.
MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts willbe automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.
MCAFEE TECHNICAL SUPPORT
ServicePortal: https://mysupport.mcafee.comMulti-National Phone Support available here:
http://www.mcafee.com/us/about/contact/index.htmlNon-US customers - Select your country from the list of Worldwide Offices.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution byothers is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Copyright 2017 McAfee, Inc.McAfee is a registered trademark of McAfee, Inc. and/or its affiliates
Recommended