McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing...

75
2018-MAR-15 FSL version 7.6.11 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 182643 - FreeBSD chromium Vulnerability (555af074-22b9-11e8-9799-54ee754af08e) Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2017-11215, CVE-2017-11225, CVE-2018-6057, CVE-2018-6060, CVE-2018-6061, CVE-2018-6062, CVE-2018-6063, CVE-2018-6064, CVE-2018-6065, CVE-2018-6066, CVE-2018-6067, CVE-2018-6069, CVE-2018-6070, CVE-2018-6071, CVE-2018- 6072, CVE-2018-6073, CVE-2018-6074, CVE-2018-6075, CVE-2018-6076, CVE-2018-6077, CVE-2018-6078, CVE-2018-6079, CVE- 2018-6080, CVE-2018-6081, CVE-2018-6082, CVE-2018-6083 Description The scan detected that the host is missing the following update: chromium -- vulnerability (555af074-22b9-11e8-9799-54ee754af08e) Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/555af074-22b9-11e8-9799-54ee754af08e.html Affected packages: chromium < 65.0.3325.146 193375 - Fedora Linux 27 FEDORA-2018-2bce10900e Update Is Not Installed Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes Risk Level: High CVE: CVE-2018-1065, CVE-2018-5703, CVE-2018-5803, CVE-2018-7757 Description The scan detected that the host is missing the following update: FEDORA-2018-2bce10900e Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=1 Fedora Core 27 kernel-4.15.8-300.fc27 193379 - Fedora Linux 26 FEDORA-2018-d2b08aa37f Update Is Not Installed

Transcript of McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing...

Page 1: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

2018-MAR-15 FSL version 7.6.11

MCAFEE FOUNDSTONE FSL UPDATE

To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is adetailed summary of the new and updated checks included with this release.

NEW CHECKS

182643 - FreeBSD chromium Vulnerability (555af074-22b9-11e8-9799-54ee754af08e)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: HighCVE: CVE-2017-11215, CVE-2017-11225, CVE-2018-6057, CVE-2018-6060, CVE-2018-6061, CVE-2018-6062, CVE-2018-6063,CVE-2018-6064, CVE-2018-6065, CVE-2018-6066, CVE-2018-6067, CVE-2018-6069, CVE-2018-6070, CVE-2018-6071, CVE-2018-6072, CVE-2018-6073, CVE-2018-6074, CVE-2018-6075, CVE-2018-6076, CVE-2018-6077, CVE-2018-6078, CVE-2018-6079, CVE-2018-6080, CVE-2018-6081, CVE-2018-6082, CVE-2018-6083

DescriptionThe scan detected that the host is missing the following update:chromium -- vulnerability (555af074-22b9-11e8-9799-54ee754af08e)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.vuxml.org/freebsd/555af074-22b9-11e8-9799-54ee754af08e.html

Affected packages: chromium < 65.0.3325.146

193375 - Fedora Linux 27 FEDORA-2018-2bce10900e Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2018-1065, CVE-2018-5703, CVE-2018-5803, CVE-2018-7757

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-2bce10900e

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=1

Fedora Core 27

kernel-4.15.8-300.fc27

193379 - Fedora Linux 26 FEDORA-2018-d2b08aa37f Update Is Not Installed

Page 2: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2012-6706, CVE-2017-11423, CVE-2017-6419, CVE-2018-0202, CVE-2018-1000085

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-d2b08aa37f

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=2

Fedora Core 26

clamav-0.99.4-1.fc26

160368 - CentOS 7 CESA-2018-0378 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: HighCVE: CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784,CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17790

DescriptionThe scan detected that the host is missing the following update:CESA-2018-0378

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.centos.org/pipermail/centos-announce/2018-March/022791.html

CentOS 7i686ruby-libs-2.0.0.648-33.el7_4

noarchrubygem-rdoc-4.0.0-33.el7_4rubygems-2.0.14.1-33.el7_4rubygem-minitest-4.3.2-33.el7_4ruby-doc-2.0.0.648-33.el7_4rubygems-devel-2.0.14.1-33.el7_4rubygem-rake-0.9.6-33.el7_4ruby-irb-2.0.0.648-33.el7_4

x86_64rubygem-bigdecimal-1.2.0-33.el7_4ruby-libs-2.0.0.648-33.el7_4ruby-devel-2.0.0.648-33.el7_4ruby-tcltk-2.0.0.648-33.el7_4rubygem-json-1.7.7-33.el7_4ruby-2.0.0.648-33.el7_4rubygem-psych-2.0.0-33.el7_4

Page 3: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

rubygem-io-console-0.4.2-33.el7_4

23122 - (K08613310) F5 BIG-IP BIND Vulnerability

Category: SSH Module -> NonIntrusive -> F5Risk Level: HighCVE: CVE-2017-3145

DescriptionA denial of service vulnerability is present in some versions of F5 BIG-IP systems.

ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.

A denial of service vulnerability is present in some versions of F5 BIG-IP systems. The flaw lies in BIND. Successful exploitation could allow an attacker to cause a denial of service condition.

23195 - (HPESBHF03826) HPE Integrated Lights-Out Denial Of Service Vulnerability

Category: General Vulnerability Assessment -> NonIntrusive -> Web ServerRisk Level: HighCVE: CVE-2017-8987

DescriptionA denial of service is present in some versions of HPE Integrated Lights-Out.

ObservationHPE Integrated Lights-Out is a Hewlett-Packard proprietary embedded server management technology.

A denial of service is present in some versions of HPE Integrated Lights-Out. The flaw lies in an unknown component. Successful exploitation could allow a remote attacker to cause a denial of service condition.

23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability

Category: SSH Module -> NonIntrusive -> F5Risk Level: HighCVE: CVE-2017-6154

DescriptionA denial of service vulnerability is present in some versions of F5 BIG-IP ASM.

ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.

A denial of service vulnerability is present in some versions of F5 BIG-IP ASM. The flaw lies in BIG-IP ASM bd process. Successful exploitation could allow an attacker to cause a denial of service condition.

132439 - Oracle VM OVMSA-2018-0024 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle VM Patches and HotfixesRisk Level: HighCVE: CVE-2018-5732, CVE-2018-5733

Page 4: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

DescriptionThe scan detected that the host is missing the following update:OVMSA-2018-0024

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/oraclevm-errata/2018-March/000835.html

OVM3.3x86_64dhcp-common-4.1.1-53.P1.0.1.el6_9.3dhclient-4.1.1-53.P1.0.1.el6_9.3

132440 - Oracle VM OVMSA-2018-0023 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle VM Patches and HotfixesRisk Level: HighCVE: CVE-2018-5732, CVE-2018-5733

DescriptionThe scan detected that the host is missing the following update:OVMSA-2018-0023

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/oraclevm-errata/2018-March/000834.html

OVM3.4x86_64dhcp-common-4.1.1-53.P1.0.1.el6_9.3dhclient-4.1.1-53.P1.0.1.el6_9.3

141887 - Red Hat Enterprise Linux RHSA-2018-0488 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-3145

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0488

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00020.html

RHEL7_3Snoarch

Page 5: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

bind-license-9.9.4-50.el7_3.3

x86_64bind-pkcs11-utils-9.9.4-50.el7_3.3bind-pkcs11-9.9.4-50.el7_3.3bind-pkcs11-devel-9.9.4-50.el7_3.3bind-utils-9.9.4-50.el7_3.3bind-devel-9.9.4-50.el7_3.3bind-9.9.4-50.el7_3.3bind-lite-devel-9.9.4-50.el7_3.3bind-pkcs11-libs-9.9.4-50.el7_3.3bind-chroot-9.9.4-50.el7_3.3bind-libs-9.9.4-50.el7_3.3bind-libs-lite-9.9.4-50.el7_3.3bind-debuginfo-9.9.4-50.el7_3.3bind-sdb-9.9.4-50.el7_3.3bind-sdb-chroot-9.9.4-50.el7_3.3

141890 - Red Hat Enterprise Linux RHSA-2018-0484 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2018-6057, CVE-2018-6060, CVE-2018-6061, CVE-2018-6062, CVE-2018-6063, CVE-2018-6064, CVE-2018-6065, CVE-2018-6066, CVE-2018-6067, CVE-2018-6069, CVE-2018-6070, CVE-2018-6071, CVE-2018-6072, CVE-2018-6073, CVE-2018-6074,CVE-2018-6075, CVE-2018-6076, CVE-2018-6077, CVE-2018-6078, CVE-2018-6079, CVE-2018-6080, CVE-2018-6081, CVE-2018-6082, CVE-2018-6083

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0484

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00018.html

RHEL6Dx86_64chromium-browser-debuginfo-65.0.3325.146-2.el6_9chromium-browser-65.0.3325.146-2.el6_9

i386chromium-browser-debuginfo-65.0.3325.146-2.el6_9chromium-browser-65.0.3325.146-2.el6_9

RHEL6Sx86_64chromium-browser-debuginfo-65.0.3325.146-2.el6_9chromium-browser-65.0.3325.146-2.el6_9

i386chromium-browser-debuginfo-65.0.3325.146-2.el6_9chromium-browser-65.0.3325.146-2.el6_9

RHEL6WSx86_64chromium-browser-debuginfo-65.0.3325.146-2.el6_9

Page 6: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

chromium-browser-65.0.3325.146-2.el6_9

i386chromium-browser-debuginfo-65.0.3325.146-2.el6_9chromium-browser-65.0.3325.146-2.el6_9

141893 - Red Hat Enterprise Linux RHSA-2018-0469 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2018-5732, CVE-2018-5733

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0469

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00012.html

RHEL6Dx86_64dhcp-debuginfo-4.1.1-53.P1.el6_9.3dhcp-devel-4.1.1-53.P1.el6_9.3dhcp-common-4.1.1-53.P1.el6_9.3dhcp-4.1.1-53.P1.el6_9.3dhclient-4.1.1-53.P1.el6_9.3

i386dhcp-debuginfo-4.1.1-53.P1.el6_9.3dhcp-devel-4.1.1-53.P1.el6_9.3dhcp-common-4.1.1-53.P1.el6_9.3dhcp-4.1.1-53.P1.el6_9.3dhclient-4.1.1-53.P1.el6_9.3

RHEL6Si386dhclient-4.1.1-53.P1.el6_9.3dhcp-devel-4.1.1-53.P1.el6_9.3dhcp-common-4.1.1-53.P1.el6_9.3dhcp-debuginfo-4.1.1-53.P1.el6_9.3dhcp-4.1.1-53.P1.el6_9.3

x86_64dhclient-4.1.1-53.P1.el6_9.3dhcp-devel-4.1.1-53.P1.el6_9.3dhcp-common-4.1.1-53.P1.el6_9.3dhcp-debuginfo-4.1.1-53.P1.el6_9.3dhcp-4.1.1-53.P1.el6_9.3

RHEL6WSx86_64dhclient-4.1.1-53.P1.el6_9.3dhcp-common-4.1.1-53.P1.el6_9.3dhcp-debuginfo-4.1.1-53.P1.el6_9.3dhcp-4.1.1-53.P1.el6_9.3

Page 7: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

i386dhclient-4.1.1-53.P1.el6_9.3dhcp-common-4.1.1-53.P1.el6_9.3dhcp-debuginfo-4.1.1-53.P1.el6_9.3dhcp-4.1.1-53.P1.el6_9.3

141897 - Red Hat Enterprise Linux RHSA-2018-0483 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2018-5732, CVE-2018-5733

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0483

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00019.html

RHEL7Dx86_64dhcp-libs-4.2.5-58.el7_4.3dhcp-common-4.2.5-58.el7_4.3dhcp-debuginfo-4.2.5-58.el7_4.3dhcp-4.2.5-58.el7_4.3dhcp-devel-4.2.5-58.el7_4.3dhclient-4.2.5-58.el7_4.3

RHEL7Sx86_64dhcp-libs-4.2.5-58.el7_4.3dhcp-common-4.2.5-58.el7_4.3dhcp-debuginfo-4.2.5-58.el7_4.3dhcp-4.2.5-58.el7_4.3dhcp-devel-4.2.5-58.el7_4.3dhclient-4.2.5-58.el7_4.3

RHEL7WSx86_64dhcp-libs-4.2.5-58.el7_4.3dhcp-common-4.2.5-58.el7_4.3dhcp-debuginfo-4.2.5-58.el7_4.3dhcp-4.2.5-58.el7_4.3dhcp-devel-4.2.5-58.el7_4.3dhclient-4.2.5-58.el7_4.3

141898 - Red Hat Enterprise Linux RHSA-2018-0487 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-3145

Description

Page 8: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

The scan detected that the host is missing the following update:RHSA-2018-0487

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00022.html

RHEL6_7Si386bind-libs-9.8.2-0.37.rc1.el6_7.12bind-devel-9.8.2-0.37.rc1.el6_7.12bind-utils-9.8.2-0.37.rc1.el6_7.12bind-debuginfo-9.8.2-0.37.rc1.el6_7.12bind-9.8.2-0.37.rc1.el6_7.12bind-chroot-9.8.2-0.37.rc1.el6_7.12bind-sdb-9.8.2-0.37.rc1.el6_7.12

x86_64bind-libs-9.8.2-0.37.rc1.el6_7.12bind-devel-9.8.2-0.37.rc1.el6_7.12bind-utils-9.8.2-0.37.rc1.el6_7.12bind-debuginfo-9.8.2-0.37.rc1.el6_7.12bind-9.8.2-0.37.rc1.el6_7.12bind-chroot-9.8.2-0.37.rc1.el6_7.12bind-sdb-9.8.2-0.37.rc1.el6_7.12

RHEL6_6Sx86_64bind-sdb-9.8.2-0.30.rc1.el6_6.10bind-chroot-9.8.2-0.30.rc1.el6_6.10bind-utils-9.8.2-0.30.rc1.el6_6.10bind-9.8.2-0.30.rc1.el6_6.10bind-debuginfo-9.8.2-0.30.rc1.el6_6.10bind-devel-9.8.2-0.30.rc1.el6_6.10bind-libs-9.8.2-0.30.rc1.el6_6.10

RHEL6_5Sx86_64bind-chroot-9.8.2-0.23.rc1.el6_5.8bind-libs-9.8.2-0.23.rc1.el6_5.8bind-debuginfo-9.8.2-0.23.rc1.el6_5.8bind-devel-9.8.2-0.23.rc1.el6_5.8bind-9.8.2-0.23.rc1.el6_5.8bind-sdb-9.8.2-0.23.rc1.el6_5.8bind-utils-9.8.2-0.23.rc1.el6_5.8

RHEL6_4Sx86_64bind-utils-9.8.2-0.17.rc1.el6_4.13bind-chroot-9.8.2-0.17.rc1.el6_4.13bind-debuginfo-9.8.2-0.17.rc1.el6_4.13bind-devel-9.8.2-0.17.rc1.el6_4.13bind-9.8.2-0.17.rc1.el6_4.13bind-libs-9.8.2-0.17.rc1.el6_4.13bind-sdb-9.8.2-0.17.rc1.el6_4.13

146461 - SuSE SLES 12 SP3, SLED 12 SP3 SUSE-SU-2018:0650-1 Update Is Not Installed

Page 9: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2017-7555

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0650-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003799.html

SuSE SLED 12 SP3x86_64augeas-1.2.0-17.3.1augeas-debugsource-1.2.0-17.3.1augeas-debuginfo-1.2.0-17.3.1libaugeas0-debuginfo-1.2.0-17.3.1augeas-lenses-1.2.0-17.3.1libaugeas0-1.2.0-17.3.1

SuSE SLES 12 SP3x86_64augeas-1.2.0-17.3.1augeas-debugsource-1.2.0-17.3.1augeas-debuginfo-1.2.0-17.3.1libaugeas0-debuginfo-1.2.0-17.3.1augeas-lenses-1.2.0-17.3.1libaugeas0-1.2.0-17.3.1

146462 - SuSE SLES 11 SP4 SUSE-SU-2018:0638-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2017-15595, CVE-2017-17563, CVE-2017-17564, CVE-2017-17565, CVE-2017-17566, CVE-2017-18030, CVE-2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2018-5683

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0638-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003795.html

SuSE SLES 11 SP4x86_64xen-4.4.4_28-61.23.2xen-tools-domU-4.4.4_28-61.23.2xen-libs-4.4.4_28-61.23.2xen-kmp-default-4.4.4_28_3.0.101_108.35-61.23.2xen-libs-32bit-4.4.4_28-61.23.2

Page 10: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

xen-doc-html-4.4.4_28-61.23.2xen-tools-4.4.4_28-61.23.2

i586xen-kmp-default-4.4.4_28_3.0.101_108.35-61.23.2xen-kmp-pae-4.4.4_28_3.0.101_108.35-61.23.2xen-tools-domU-4.4.4_28-61.23.2xen-libs-4.4.4_28-61.23.2

146463 - SuSE SLES 11 SP4 SUSE-SU-2018:0653-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2014-8119, CVE-2017-7555

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0653-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003801.html

SuSE SLES 11 SP4i586libaugeas0-0.9.0-3.21.3.1augeas-0.9.0-3.21.3.1augeas-lenses-0.9.0-3.21.3.1

x86_64libaugeas0-0.9.0-3.21.3.1augeas-0.9.0-3.21.3.1augeas-lenses-0.9.0-3.21.3.1

146465 - SuSE Linux 42.3 openSUSE-SU-2018:0628-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2018-6574

DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2018:0628-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.opensuse.org/opensuse-updates/2018-03/msg00022.html

SuSE Linux 42.3x86_64go1.8-doc-1.8.7-5.1go1.8-1.8.7-5.1

Page 11: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

go1.8-debugsource-1.8.7-5.1go1.8-debuginfo-1.8.7-5.1go1.8-race-1.8.7-5.1

i586go1.8-doc-1.8.7-5.1go1.8-1.8.7-5.1go1.8-debugsource-1.8.7-5.1go1.8-debuginfo-1.8.7-5.1

146471 - SuSE Linux 42.3 openSUSE-SU-2018:0657-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2018-7584

DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2018:0657-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.opensuse.org/opensuse-updates/2018-03/msg00034.html

SuSE Linux 42.3i586php7-ctype-7.0.7-31.1php7-xsl-debuginfo-7.0.7-31.1php7-pgsql-7.0.7-31.1php7-pcntl-debuginfo-7.0.7-31.1php7-posix-debuginfo-7.0.7-31.1php7-gd-7.0.7-31.1php7-7.0.7-31.1php7-mbstring-debuginfo-7.0.7-31.1php7-openssl-debuginfo-7.0.7-31.1php7-fileinfo-7.0.7-31.1php7-bz2-debuginfo-7.0.7-31.1php7-sysvshm-debuginfo-7.0.7-31.1php7-ftp-debuginfo-7.0.7-31.1php7-ldap-7.0.7-31.1php7-ldap-debuginfo-7.0.7-31.1php7-mcrypt-debuginfo-7.0.7-31.1php7-sqlite-7.0.7-31.1php7-firebird-debuginfo-7.0.7-31.1php7-enchant-7.0.7-31.1php7-gd-debuginfo-7.0.7-31.1php7-debuginfo-7.0.7-31.1php7-xmlreader-7.0.7-31.1php7-snmp-debuginfo-7.0.7-31.1php7-pspell-debuginfo-7.0.7-31.1php7-opcache-7.0.7-31.1php7-debugsource-7.0.7-31.1php7-mysql-debuginfo-7.0.7-31.1php7-fileinfo-debuginfo-7.0.7-31.1php7-tidy-7.0.7-31.1php7-xmlrpc-debuginfo-7.0.7-31.1

Page 12: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

php7-curl-7.0.7-31.1php7-readline-debuginfo-7.0.7-31.1php7-calendar-7.0.7-31.1php7-ftp-7.0.7-31.1php7-sysvmsg-debuginfo-7.0.7-31.1php7-bcmath-debuginfo-7.0.7-31.1php7-intl-debuginfo-7.0.7-31.1php7-soap-7.0.7-31.1php7-dba-debuginfo-7.0.7-31.1php7-shmop-debuginfo-7.0.7-31.1php7-json-debuginfo-7.0.7-31.1php7-sysvshm-7.0.7-31.1php7-bz2-7.0.7-31.1php7-gmp-debuginfo-7.0.7-31.1php7-mbstring-7.0.7-31.1php7-intl-7.0.7-31.1php7-fastcgi-debuginfo-7.0.7-31.1php7-exif-7.0.7-31.1php7-gmp-7.0.7-31.1php7-opcache-debuginfo-7.0.7-31.1php7-calendar-debuginfo-7.0.7-31.1php7-wddx-debuginfo-7.0.7-31.1php7-shmop-7.0.7-31.1php7-dom-7.0.7-31.1php7-firebird-7.0.7-31.1php7-xmlrpc-7.0.7-31.1php7-zlib-debuginfo-7.0.7-31.1php7-exif-debuginfo-7.0.7-31.1php7-odbc-7.0.7-31.1php7-phar-7.0.7-31.1php7-xmlwriter-7.0.7-31.1php7-openssl-7.0.7-31.1php7-posix-7.0.7-31.1php7-imap-debuginfo-7.0.7-31.1php7-pspell-7.0.7-31.1php7-pdo-debuginfo-7.0.7-31.1php7-readline-7.0.7-31.1php7-iconv-7.0.7-31.1php7-gettext-debuginfo-7.0.7-31.1php7-xmlwriter-debuginfo-7.0.7-31.1php7-dom-debuginfo-7.0.7-31.1php7-devel-7.0.7-31.1php7-phar-debuginfo-7.0.7-31.1php7-pdo-7.0.7-31.1php7-xsl-7.0.7-31.1php7-wddx-7.0.7-31.1php7-gettext-7.0.7-31.1php7-tidy-debuginfo-7.0.7-31.1php7-enchant-debuginfo-7.0.7-31.1php7-mysql-7.0.7-31.1php7-zlib-7.0.7-31.1php7-pcntl-7.0.7-31.1php7-fpm-debuginfo-7.0.7-31.1php7-mcrypt-7.0.7-31.1php7-ctype-debuginfo-7.0.7-31.1php7-bcmath-7.0.7-31.1php7-sqlite-debuginfo-7.0.7-31.1php7-zip-7.0.7-31.1php7-imap-7.0.7-31.1php7-json-7.0.7-31.1

Page 13: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

php7-tokenizer-7.0.7-31.1php7-sysvsem-debuginfo-7.0.7-31.1apache2-mod_php7-7.0.7-31.1php7-curl-debuginfo-7.0.7-31.1php7-sockets-7.0.7-31.1php7-iconv-debuginfo-7.0.7-31.1php7-fastcgi-7.0.7-31.1php7-dba-7.0.7-31.1php7-sockets-debuginfo-7.0.7-31.1php7-snmp-7.0.7-31.1php7-odbc-debuginfo-7.0.7-31.1php7-zip-debuginfo-7.0.7-31.1php7-sysvmsg-7.0.7-31.1php7-xmlreader-debuginfo-7.0.7-31.1apache2-mod_php7-debuginfo-7.0.7-31.1php7-pgsql-debuginfo-7.0.7-31.1php7-sysvsem-7.0.7-31.1php7-fpm-7.0.7-31.1php7-soap-debuginfo-7.0.7-31.1php7-tokenizer-debuginfo-7.0.7-31.1

noarchphp7-pear-7.0.7-31.1php7-pear-Archive_Tar-7.0.7-31.1

x86_64php7-ctype-7.0.7-31.1php7-xsl-debuginfo-7.0.7-31.1php7-pgsql-7.0.7-31.1php7-pcntl-debuginfo-7.0.7-31.1php7-posix-debuginfo-7.0.7-31.1php7-gd-7.0.7-31.1php7-7.0.7-31.1php7-mbstring-debuginfo-7.0.7-31.1php7-openssl-debuginfo-7.0.7-31.1php7-fileinfo-7.0.7-31.1php7-bz2-debuginfo-7.0.7-31.1php7-sysvshm-debuginfo-7.0.7-31.1php7-ftp-debuginfo-7.0.7-31.1php7-ldap-7.0.7-31.1php7-ldap-debuginfo-7.0.7-31.1php7-mcrypt-debuginfo-7.0.7-31.1php7-sqlite-7.0.7-31.1php7-firebird-debuginfo-7.0.7-31.1php7-enchant-7.0.7-31.1php7-gd-debuginfo-7.0.7-31.1php7-debuginfo-7.0.7-31.1php7-xmlreader-7.0.7-31.1php7-snmp-debuginfo-7.0.7-31.1php7-pspell-debuginfo-7.0.7-31.1php7-opcache-7.0.7-31.1php7-debugsource-7.0.7-31.1php7-mysql-debuginfo-7.0.7-31.1php7-fileinfo-debuginfo-7.0.7-31.1php7-tidy-7.0.7-31.1php7-xmlrpc-debuginfo-7.0.7-31.1php7-curl-7.0.7-31.1php7-readline-debuginfo-7.0.7-31.1php7-calendar-7.0.7-31.1php7-ftp-7.0.7-31.1

Page 14: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

php7-sysvmsg-debuginfo-7.0.7-31.1php7-bcmath-debuginfo-7.0.7-31.1php7-intl-debuginfo-7.0.7-31.1php7-soap-7.0.7-31.1php7-dba-debuginfo-7.0.7-31.1php7-shmop-debuginfo-7.0.7-31.1php7-json-debuginfo-7.0.7-31.1php7-sysvshm-7.0.7-31.1php7-bz2-7.0.7-31.1php7-gmp-debuginfo-7.0.7-31.1php7-mbstring-7.0.7-31.1php7-intl-7.0.7-31.1php7-fastcgi-debuginfo-7.0.7-31.1php7-exif-7.0.7-31.1php7-gmp-7.0.7-31.1php7-opcache-debuginfo-7.0.7-31.1php7-calendar-debuginfo-7.0.7-31.1php7-wddx-debuginfo-7.0.7-31.1php7-shmop-7.0.7-31.1php7-dom-7.0.7-31.1php7-firebird-7.0.7-31.1php7-xmlrpc-7.0.7-31.1php7-zlib-debuginfo-7.0.7-31.1php7-exif-debuginfo-7.0.7-31.1php7-odbc-7.0.7-31.1php7-phar-7.0.7-31.1php7-xmlwriter-7.0.7-31.1php7-openssl-7.0.7-31.1php7-posix-7.0.7-31.1php7-imap-debuginfo-7.0.7-31.1php7-pspell-7.0.7-31.1php7-pdo-debuginfo-7.0.7-31.1php7-readline-7.0.7-31.1php7-iconv-7.0.7-31.1php7-gettext-debuginfo-7.0.7-31.1php7-xmlwriter-debuginfo-7.0.7-31.1php7-dom-debuginfo-7.0.7-31.1php7-devel-7.0.7-31.1php7-phar-debuginfo-7.0.7-31.1php7-pdo-7.0.7-31.1php7-xsl-7.0.7-31.1php7-wddx-7.0.7-31.1php7-gettext-7.0.7-31.1php7-tidy-debuginfo-7.0.7-31.1php7-enchant-debuginfo-7.0.7-31.1php7-mysql-7.0.7-31.1php7-zlib-7.0.7-31.1php7-pcntl-7.0.7-31.1php7-fpm-debuginfo-7.0.7-31.1php7-mcrypt-7.0.7-31.1php7-ctype-debuginfo-7.0.7-31.1php7-bcmath-7.0.7-31.1php7-sqlite-debuginfo-7.0.7-31.1php7-zip-7.0.7-31.1php7-imap-7.0.7-31.1php7-json-7.0.7-31.1php7-tokenizer-7.0.7-31.1php7-sysvsem-debuginfo-7.0.7-31.1apache2-mod_php7-7.0.7-31.1php7-curl-debuginfo-7.0.7-31.1

Page 15: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

php7-sockets-7.0.7-31.1php7-iconv-debuginfo-7.0.7-31.1php7-fastcgi-7.0.7-31.1php7-dba-7.0.7-31.1php7-sockets-debuginfo-7.0.7-31.1php7-snmp-7.0.7-31.1php7-odbc-debuginfo-7.0.7-31.1php7-zip-debuginfo-7.0.7-31.1php7-sysvmsg-7.0.7-31.1php7-xmlreader-debuginfo-7.0.7-31.1apache2-mod_php7-debuginfo-7.0.7-31.1php7-pgsql-debuginfo-7.0.7-31.1php7-sysvsem-7.0.7-31.1php7-fpm-7.0.7-31.1php7-soap-debuginfo-7.0.7-31.1php7-tokenizer-debuginfo-7.0.7-31.1

146477 - SuSE SLES 12 SP2, SLED 12 SP2 SUSE-SU-2018:0652-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: HighCVE: CVE-2017-7555

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0652-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003800.html

SuSE SLED 12 SP2x86_64augeas-lenses-1.2.0-12.3.1libaugeas0-debuginfo-1.2.0-12.3.1augeas-debugsource-1.2.0-12.3.1augeas-debuginfo-1.2.0-12.3.1libaugeas0-1.2.0-12.3.1augeas-1.2.0-12.3.1

SuSE SLES 12 SP2x86_64augeas-lenses-1.2.0-12.3.1libaugeas0-debuginfo-1.2.0-12.3.1augeas-debugsource-1.2.0-12.3.1augeas-debuginfo-1.2.0-12.3.1libaugeas0-1.2.0-12.3.1augeas-1.2.0-12.3.1

160363 - CentOS 7 CESA-2018-0377 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: HighCVE: CVE-2018-5379

Page 16: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

DescriptionThe scan detected that the host is missing the following update:CESA-2018-0377

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.centos.org/pipermail/centos-announce/2018-March/022790.html

CentOS 7x86_64quagga-contrib-0.99.22.4-5.el7_4quagga-devel-0.99.22.4-5.el7_4quagga-0.99.22.4-5.el7_4

i686quagga-devel-0.99.22.4-5.el7_4quagga-0.99.22.4-5.el7_4

160366 - CentOS 6 CESA-2018-0469 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: HighCVE: CVE-2018-5732, CVE-2018-5733

DescriptionThe scan detected that the host is missing the following update:CESA-2018-0469

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.centos.org/pipermail/centos-announce/2018-March/022767.html

CentOS 6x86_64dhclient-4.1.1-53.P1.el6.centos.3dhcp-devel-4.1.1-53.P1.el6.centos.3dhcp-4.1.1-53.P1.el6.centos.3dhcp-common-4.1.1-53.P1.el6.centos.3

i686dhclient-4.1.1-53.P1.el6.centos.3dhcp-devel-4.1.1-53.P1.el6.centos.3dhcp-4.1.1-53.P1.el6.centos.3dhcp-common-4.1.1-53.P1.el6.centos.3

163552 - Oracle Enterprise Linux ELSA-2018-0418 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2017-3157, CVE-2017-7870, CVE-2018-1055, CVE-2018-6871

Description

Page 17: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

The scan detected that the host is missing the following update:ELSA-2018-0418

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/el-errata/2018-March/007555.html

OEL7x86_64libreoffice-langpack-sk-5.0.6.2-15.0.1.el7_4libreoffice-langpack-si-5.0.6.2-15.0.1.el7_4libreoffice-bsh-5.0.6.2-15.0.1.el7_4autocorr-sk-5.0.6.2-15.0.1.el7_4libreoffice-pdfimport-5.0.6.2-15.0.1.el7_4libreoffice-base-5.0.6.2-15.0.1.el7_4libreoffice-langpack-nn-5.0.6.2-15.0.1.el7_4autocorr-ru-5.0.6.2-15.0.1.el7_4autocorr-lt-5.0.6.2-15.0.1.el7_4libreoffice-langpack-hu-5.0.6.2-15.0.1.el7_4autocorr-ko-5.0.6.2-15.0.1.el7_4autocorr-en-5.0.6.2-15.0.1.el7_4autocorr-mn-5.0.6.2-15.0.1.el7_4libreoffice-pyuno-5.0.6.2-15.0.1.el7_4libreoffice-langpack-gu-5.0.6.2-15.0.1.el7_4libreoffice-langpack-hi-5.0.6.2-15.0.1.el7_4libreoffice-langpack-uk-5.0.6.2-15.0.1.el7_4autocorr-de-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ro-5.0.6.2-15.0.1.el7_4autocorr-it-5.0.6.2-15.0.1.el7_4libreoffice-langpack-th-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ga-5.0.6.2-15.0.1.el7_4libreoffice-draw-5.0.6.2-15.0.1.el7_4libreoffice-langpack-da-5.0.6.2-15.0.1.el7_4libreoffice-langpack-el-5.0.6.2-15.0.1.el7_4libreoffice-rhino-5.0.6.2-15.0.1.el7_4libreoffice-impress-5.0.6.2-15.0.1.el7_4libreoffice-langpack-pt-PT-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ar-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ko-5.0.6.2-15.0.1.el7_4libreoffice-langpack-st-5.0.6.2-15.0.1.el7_4libreoffice-langpack-nb-5.0.6.2-15.0.1.el7_4libreoffice-langpack-tn-5.0.6.2-15.0.1.el7_4libreoffice-langpack-fr-5.0.6.2-15.0.1.el7_4libreoffice-postgresql-5.0.6.2-15.0.1.el7_4libreoffice-langpack-nso-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ca-5.0.6.2-15.0.1.el7_4libreoffice-calc-5.0.6.2-15.0.1.el7_4libreoffice-langpack-nr-5.0.6.2-15.0.1.el7_4libreoffice-langpack-de-5.0.6.2-15.0.1.el7_4libreoffice-sdk-doc-5.0.6.2-15.0.1.el7_4libreoffice-langpack-gl-5.0.6.2-15.0.1.el7_4autocorr-vi-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ja-5.0.6.2-15.0.1.el7_4libreoffice-opensymbol-fonts-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ve-5.0.6.2-15.0.1.el7_4libreoffice-langpack-cy-5.0.6.2-15.0.1.el7_4libreoffice-langpack-bn-5.0.6.2-15.0.1.el7_4autocorr-fa-5.0.6.2-15.0.1.el7_4

Page 18: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

libreoffice-langpack-lv-5.0.6.2-15.0.1.el7_4autocorr-ca-5.0.6.2-15.0.1.el7_4libreoffice-langpack-hr-5.0.6.2-15.0.1.el7_4libreoffice-langpack-fa-5.0.6.2-15.0.1.el7_4libreoffice-langpack-es-5.0.6.2-15.0.1.el7_4libreoffice-sdk-5.0.6.2-15.0.1.el7_4autocorr-fr-5.0.6.2-15.0.1.el7_4autocorr-hu-5.0.6.2-15.0.1.el7_4libreoffice-gdb-debug-support-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ta-5.0.6.2-15.0.1.el7_4autocorr-cs-5.0.6.2-15.0.1.el7_4autocorr-zh-5.0.6.2-15.0.1.el7_4libreoffice-langpack-or-5.0.6.2-15.0.1.el7_4libreoffice-langpack-dz-5.0.6.2-15.0.1.el7_4autocorr-is-5.0.6.2-15.0.1.el7_4autocorr-da-5.0.6.2-15.0.1.el7_4libreoffice-langpack-tr-5.0.6.2-15.0.1.el7_4libreoffice-wiki-publisher-5.0.6.2-15.0.1.el7_4autocorr-ga-5.0.6.2-15.0.1.el7_4autocorr-ro-5.0.6.2-15.0.1.el7_4libreoffice-langpack-kk-5.0.6.2-15.0.1.el7_4libreoffice-ure-5.0.6.2-15.0.1.el7_4libreoffice-langpack-as-5.0.6.2-15.0.1.el7_4libreoffice-emailmerge-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ss-5.0.6.2-15.0.1.el7_4autocorr-bg-5.0.6.2-15.0.1.el7_4libreoffice-glade-5.0.6.2-15.0.1.el7_4libreoffice-langpack-te-5.0.6.2-15.0.1.el7_4autocorr-fi-5.0.6.2-15.0.1.el7_4libreofficekit-5.0.6.2-15.0.1.el7_4libreoffice-officebean-5.0.6.2-15.0.1.el7_4libreoffice-langpack-sr-5.0.6.2-15.0.1.el7_4libreoffice-langpack-pa-5.0.6.2-15.0.1.el7_4libreoffice-langpack-fi-5.0.6.2-15.0.1.el7_4libreoffice-core-5.0.6.2-15.0.1.el7_4autocorr-pt-5.0.6.2-15.0.1.el7_4libreoffice-xsltfilter-5.0.6.2-15.0.1.el7_4libreofficekit-devel-5.0.6.2-15.0.1.el7_4autocorr-sv-5.0.6.2-15.0.1.el7_4libreoffice-langpack-cs-5.0.6.2-15.0.1.el7_4libreoffice-langpack-bg-5.0.6.2-15.0.1.el7_4libreoffice-langpack-mr-5.0.6.2-15.0.1.el7_4autocorr-sl-5.0.6.2-15.0.1.el7_4libreoffice-langpack-nl-5.0.6.2-15.0.1.el7_4autocorr-pl-5.0.6.2-15.0.1.el7_4libreoffice-langpack-sl-5.0.6.2-15.0.1.el7_4libreoffice-ogltrans-5.0.6.2-15.0.1.el7_4libreoffice-langpack-it-5.0.6.2-15.0.1.el7_4autocorr-nl-5.0.6.2-15.0.1.el7_4libreoffice-writer-5.0.6.2-15.0.1.el7_4libreoffice-math-5.0.6.2-15.0.1.el7_4libreoffice-langpack-lt-5.0.6.2-15.0.1.el7_4libreoffice-langpack-pt-BR-5.0.6.2-15.0.1.el7_4libreoffice-filters-5.0.6.2-15.0.1.el7_4libreoffice-langpack-af-5.0.6.2-15.0.1.el7_4autocorr-lb-5.0.6.2-15.0.1.el7_4libreoffice-langpack-zu-5.0.6.2-15.0.1.el7_4libreoffice-langpack-et-5.0.6.2-15.0.1.el7_4autocorr-sr-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ts-5.0.6.2-15.0.1.el7_4

Page 19: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

autocorr-es-5.0.6.2-15.0.1.el7_4libreoffice-langpack-br-5.0.6.2-15.0.1.el7_4libreoffice-5.0.6.2-15.0.1.el7_4libreoffice-nlpsolver-5.0.6.2-15.0.1.el7_4autocorr-hr-5.0.6.2-15.0.1.el7_4libreoffice-langpack-mai-5.0.6.2-15.0.1.el7_4libreoffice-langpack-en-5.0.6.2-15.0.1.el7_4libreoffice-langpack-pl-5.0.6.2-15.0.1.el7_4autocorr-ja-5.0.6.2-15.0.1.el7_4libreoffice-graphicfilter-5.0.6.2-15.0.1.el7_4autocorr-tr-5.0.6.2-15.0.1.el7_4libreoffice-langpack-zh-Hans-5.0.6.2-15.0.1.el7_4libreoffice-langpack-he-5.0.6.2-15.0.1.el7_4libreoffice-langpack-kn-5.0.6.2-15.0.1.el7_4libreoffice-langpack-xh-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ru-5.0.6.2-15.0.1.el7_4libreoffice-librelogo-5.0.6.2-15.0.1.el7_4autocorr-af-5.0.6.2-15.0.1.el7_4libreoffice-langpack-sv-5.0.6.2-15.0.1.el7_4libreoffice-langpack-zh-Hant-5.0.6.2-15.0.1.el7_4libreoffice-langpack-eu-5.0.6.2-15.0.1.el7_4libreoffice-langpack-ml-5.0.6.2-15.0.1.el7_4

163556 - Oracle Enterprise Linux ELSA-2018-0469 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2018-5732, CVE-2018-5733

DescriptionThe scan detected that the host is missing the following update:ELSA-2018-0469

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/el-errata/2018-March/007568.html

OEL6x86_64dhcp-4.1.1-53.P1.0.1.el6_9.3dhcp-common-4.1.1-53.P1.0.1.el6_9.3dhcp-devel-4.1.1-53.P1.0.1.el6_9.3dhclient-4.1.1-53.P1.0.1.el6_9.3

i386dhcp-4.1.1-53.P1.0.1.el6_9.3dhcp-common-4.1.1-53.P1.0.1.el6_9.3dhcp-devel-4.1.1-53.P1.0.1.el6_9.3dhclient-4.1.1-53.P1.0.1.el6_9.3

163558 - Oracle Enterprise Linux ELSA-2018-0483 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: HighCVE: CVE-2018-5732, CVE-2018-5733

Page 20: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

DescriptionThe scan detected that the host is missing the following update:ELSA-2018-0483

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/el-errata/2018-March/007571.html

OEL7x86_64dhcp-libs-4.2.5-58.0.1.el7_4.3dhclient-4.2.5-58.0.1.el7_4.3dhcp-devel-4.2.5-58.0.1.el7_4.3dhcp-4.2.5-58.0.1.el7_4.3dhcp-common-4.2.5-58.0.1.el7_4.3

175329 - Scientific Linux Security ERRATA Important: dhcp on SL6.x i386/x86_64 (1803-1439)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: HighCVE: CVE-2018-5732, CVE-2018-5733

DescriptionThe scan detected that the host is missing the following update:Security ERRATA Important: dhcp on SL6.x i386/x86_64 (1803-1439)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://listserv.fnal.gov/scripts/wa.exe?A2=ind1803&L=scientific-linux-errata&F=&S=&P=1439

SL6x86_64dhclient-4.1.1-53.P1.el6_9.3dhcp-devel-4.1.1-53.P1.el6_9.3dhcp-common-4.1.1-53.P1.el6_9.3dhcp-debuginfo-4.1.1-53.P1.el6_9.3dhcp-4.1.1-53.P1.el6_9.3

i386dhclient-4.1.1-53.P1.el6_9.3dhcp-devel-4.1.1-53.P1.el6_9.3dhcp-common-4.1.1-53.P1.el6_9.3dhcp-debuginfo-4.1.1-53.P1.el6_9.3dhcp-4.1.1-53.P1.el6_9.3

175334 - Scientific Linux Security ERRATA Important: dhcp on SL7.x x86_64 (1803-1793)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: HighCVE: CVE-2018-5732, CVE-2018-5733

Page 21: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

DescriptionThe scan detected that the host is missing the following update:Security ERRATA Important: dhcp on SL7.x x86_64 (1803-1793)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://listserv.fnal.gov/scripts/wa.exe?A2=ind1803&L=scientific-linux-errata&F=&S=&P=1793

SL7x86_64dhcp-libs-4.2.5-58.el7_4.3dhcp-common-4.2.5-58.el7_4.3dhcp-debuginfo-4.2.5-58.el7_4.3dhcp-4.2.5-58.el7_4.3dhcp-devel-4.2.5-58.el7_4.3dhclient-4.2.5-58.el7_4.3

178591 - Gentoo Linux GLSA-201803-02 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-MAP-NOMATCH

DescriptionThe scan detected that the host is missing the following update:GLSA-201803-02

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://security.gentoo.org/glsa/201803-02

Affected packages: sys-apps/util-linux < 2.30.2-r1

178593 - Gentoo Linux GLSA-201803-03 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: HighCVE: CVE-MAP-NOMATCH

DescriptionThe scan detected that the host is missing the following update:GLSA-201803-03

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://security.gentoo.org/glsa/201803-03

Affected packages:

Page 22: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

dev-lang/go < 1.9.4

193366 - Fedora Linux 26 FEDORA-2018-78570112db Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-18196, CVE-2018-3836, CVE-2018-7186, CVE-2018-7247

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-78570112db

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=2

Fedora Core 26

leptonica-1.74.4-5.fc26mingw-leptonica-1.74.4-4.fc26

193369 - Fedora Linux 27 FEDORA-2018-cbf621a53c Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-18196, CVE-2018-3836, CVE-2018-7186, CVE-2018-7247

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-cbf621a53c

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=1

Fedora Core 27

mingw-leptonica-1.74.4-4.fc27leptonica-1.74.4-5.fc27

193371 - Fedora Linux 26 FEDORA-2018-394bf4fb5a Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2018-2565, CVE-2018-2573, CVE-2018-2576, CVE-2018-2583, CVE-2018-2586, CVE-2018-2590, CVE-2018-2600, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2646, CVE-2018-2647, CVE-2018-2665, CVE-2018-2667,CVE-2018-2668, CVE-2018-2696, CVE-2018-2703

DescriptionThe scan detected that the host is missing the following update:

Page 23: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

FEDORA-2018-394bf4fb5a

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=3

Fedora Core 26

community-mysql-5.7.21-6.fc26

193377 - Fedora Linux 27 FEDORA-2018-00647ae0d5 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2018-2562, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-00647ae0d5

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=1

Fedora Core 27

mariadb-10.2.13-2.fc27

193381 - Fedora Linux 26 FEDORA-2018-1fffa787e7 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2017-17790, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077,CVE-2018-1000078, CVE-2018-1000079

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-1fffa787e7

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=3

Fedora Core 26

ruby-2.4.3-87.fc26

23154 - Apache ActiveMQ Information Disclosure Vulnerability Prior To 5.15.2

Page 24: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Category: General Vulnerability Assessment -> NonIntrusive -> Web ServerRisk Level: MediumCVE: CVE-2017-15709

DescriptionA vulnerability is present in some versions of Apache ActiveMQ.

ObservationApache ActiveMQ is an open source messaging server.

A vulnerability is present in some versions of Apache ActiveMQ. The flaw lies in OpenWire protocol. Successful exploitation could allow an attacker to disclose sensitive information on the target machine.

23243 - IBM WebSphere Portal Cross-Site Scripting Vulnerability (swg22013706)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: MediumCVE: CVE-2018-1416

DescriptionA cross-site-scripting vulnerability is present in some versions of IBM WebSphere Portal.

ObservationIBM WebSphere Portal is a set of software tools that is used to build and manage web portals.

A cross-site-scripting vulnerability is present in some versions of IBM WebSphere Portal. The flaw lies in Web UI. Successful exploitation could allow an attacker to embed arbitrary JavaScript code in the web-based user interface.

146466 - SuSE SLES 12 SP2, 12 SP3 SUSE-SU-2018:0665-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677,CVE-2018-2678

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0665-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003808.html

SuSE SLES 12 SP3x86_64java-1_8_0-ibm-1.8.0_sr5.10-30.16.1java-1_8_0-ibm-plugin-1.8.0_sr5.10-30.16.1java-1_8_0-ibm-alsa-1.8.0_sr5.10-30.16.1

SuSE SLES 12 SP2

Page 25: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

x86_64java-1_8_0-ibm-1.8.0_sr5.10-30.16.1java-1_8_0-ibm-plugin-1.8.0_sr5.10-30.16.1java-1_8_0-ibm-alsa-1.8.0_sr5.10-30.16.1

146472 - SuSE Linux 42.3 openSUSE-SU-2018:0666-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2017-3523, CVE-2017-3586, CVE-2017-3589

DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2018:0666-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.opensuse.org/opensuse-updates/2018-03/msg00035.html

SuSE Linux 42.3noarchmysql-connector-java-5.1.42-10.3.1

160365 - CentOS 7 CESA-2018-0395 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: MediumCVE: CVE-2017-12188, CVE-2017-7518

DescriptionThe scan detected that the host is missing the following update:CESA-2018-0395

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.centos.org/pipermail/centos-announce/2018-March/022768.html

CentOS 7x86_64kernel-devel-3.10.0-693.21.1.el7kernel-tools-libs-devel-3.10.0-693.21.1.el7kernel-debug-devel-3.10.0-693.21.1.el7perf-3.10.0-693.21.1.el7kernel-3.10.0-693.21.1.el7kernel-tools-libs-3.10.0-693.21.1.el7kernel-debug-3.10.0-693.21.1.el7python-perf-3.10.0-693.21.1.el7kernel-headers-3.10.0-693.21.1.el7kernel-tools-3.10.0-693.21.1.el7

noarchkernel-abi-whitelists-3.10.0-693.21.1.el7

Page 26: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

kernel-doc-3.10.0-693.21.1.el7

163559 - Oracle Enterprise Linux ELSA-2018-0395 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-12188, CVE-2017-7518

DescriptionThe scan detected that the host is missing the following update:ELSA-2018-0395

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/el-errata/2018-March/007562.html

OEL7x86_64kernel-devel-3.10.0-693.21.1.el7kernel-headers-3.10.0-693.21.1.el7kernel-debug-devel-3.10.0-693.21.1.el7perf-3.10.0-693.21.1.el7kernel-3.10.0-693.21.1.el7kernel-tools-libs-3.10.0-693.21.1.el7kernel-debug-3.10.0-693.21.1.el7python-perf-3.10.0-693.21.1.el7kernel-abi-whitelists-3.10.0-693.21.1.el7kernel-tools-libs-devel-3.10.0-693.21.1.el7kernel-doc-3.10.0-693.21.1.el7kernel-tools-3.10.0-693.21.1.el7

175332 - Scientific Linux Security ERRATA Important: kernel on SL7.x x86_64 (1803-1085)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2017-12188, CVE-2017-7518

DescriptionThe scan detected that the host is missing the following update:Security ERRATA Important: kernel on SL7.x x86_64 (1803-1085)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://listserv.fnal.gov/scripts/wa.exe?A2=ind1803&L=scientific-linux-errata&F=&S=&P=1085

SL7x86_64kernel-devel-3.10.0-693.21.1.el7python-perf-debuginfo-3.10.0-693.21.1.el7kernel-debug-devel-3.10.0-693.21.1.el7kernel-tools-libs-3.10.0-693.21.1.el7kernel-debuginfo-3.10.0-693.21.1.el7

Page 27: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7kernel-headers-3.10.0-693.21.1.el7kernel-tools-debuginfo-3.10.0-693.21.1.el7kernel-debug-3.10.0-693.21.1.el7python-perf-3.10.0-693.21.1.el7kernel-tools-libs-devel-3.10.0-693.21.1.el7perf-debuginfo-3.10.0-693.21.1.el7kernel-3.10.0-693.21.1.el7perf-3.10.0-693.21.1.el7kernel-debug-debuginfo-3.10.0-693.21.1.el7kernel-tools-3.10.0-693.21.1.el7

noarchkernel-abi-whitelists-3.10.0-693.21.1.el7kernel-doc-3.10.0-693.21.1.el7

193367 - Fedora Linux 26 FEDORA-2018-b166805347 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2018-5702

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-b166805347

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=3

Fedora Core 26

transmission-2.92-12.fc26

193380 - Fedora Linux 26 FEDORA-2018-d94e205df8 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2018-6767, CVE-2018-7253

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-d94e205df8

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=2

Fedora Core 26

wavpack-5.1.0-7.fc26

Page 28: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

22996 - (K55102452) F5 BIG-IP TMM Vulnerability

Category: SSH Module -> NonIntrusive -> F5Risk Level: MediumCVE: CVE-2017-6140

DescriptionA denial of service vulnerability is present in some versions of F5's BIG-IP products.

ObservationF5's BIG-IP product is a network appliance that runs F5's Traffic Management Operating System.

A denial of service vulnerability is present in some versions of F5's BIG-IP products. The flaw lies in the virtual servers with a Client or Server SSL profile using AES-GCM cipher suites. Successful exploitation could allow an attacker to cause a denial of service condition on the target system.

23191 - Wireshark Multiple Vulnerabilities Prior To 2.2.13

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: MediumCVE: CVE-2018-7320, CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333, CVE-2018-7334,CVE-2018-7335, CVE-2018-7336

DescriptionMultiple vulnerabilities are present in some versions of Wireshark.

ObservationWireshark is a tool that is used to analyze the network protocol and traffic.

Multiple vulnerabilities are present in some versions of Wireshark. The flaws lie in multiple dissectors. Successful exploitation could allow an attacker to cause a denial of service condition.

23259 - IBM WebSphere Application Server Information Disclosure Vulnerability (swg22012342)

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: MediumCVE: CVE-2017-1741

DescriptionAn information disclosure vulnerability is present in some versions of IBM WebSphere Application Server.

ObservationIBM WebSphere Application Server is a server engine for Java EE Web applications.

An information disclosure vulnerability is present in some versions of IBM WebSphere Application Server. The flaw is due to improper handling of administrative console panel fields. Successful exploitation could allow an attacker to obtain sensitive information.

88921 - Slackware Linux 13.0, 13.1, 13.37, 14.0, 14.1, 14.2 SSA:2018-067-01 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and Hotfixes

Page 29: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Risk Level: MediumCVE: CVE-2017-15906

DescriptionThe scan detected that the host is missing the following update:SSA:2018-067-01

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.554315

Slackware 14.0x86_64openssh-7.4p1-x86_64-2

Slackware 13.37x86_64openssh-7.4p1-x86_64-2

Slackware 14.1x86_64openssh-7.4p1-x86_64-2

Slackware 13.1x86_64openssh-7.4p1-x86_64-2

Slackware 14.2x86_64openssh-7.4p1-x86_64-2

i586openssh-7.4p1-i586-2

Slackware 13.0x86_64openssh-7.4p1-x86_64-2

141888 - Red Hat Enterprise Linux RHSA-2018-0458 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0458

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00008.html

Page 30: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

RHEL7Dx86_64java-1.7.1-ibm-plugin-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-src-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-demo-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-devel-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-jdbc-1.7.1.4.20-1jpp.1.el7

RHEL7Sx86_64java-1.7.1-ibm-plugin-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-src-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-demo-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-devel-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-jdbc-1.7.1.4.20-1jpp.1.el7

RHEL7WSx86_64java-1.7.1-ibm-plugin-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-src-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-demo-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-devel-1.7.1.4.20-1jpp.1.el7java-1.7.1-ibm-jdbc-1.7.1.4.20-1jpp.1.el7

141889 - Red Hat Enterprise Linux RHSA-2018-0517 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2018-6871

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0517

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00029.html

RHEL6Si386libreoffice-langpack-hu-4.3.7.2-2.el6_9.2libreoffice-langpack-fr-4.3.7.2-2.el6_9.2libreoffice-langpack-cy-4.3.7.2-2.el6_9.2libreoffice-langpack-zu-4.3.7.2-2.el6_9.2libreoffice-langpack-ml-4.3.7.2-2.el6_9.2libreoffice-langpack-sv-4.3.7.2-2.el6_9.2libreoffice-langpack-es-4.3.7.2-2.el6_9.2libreoffice-langpack-af-4.3.7.2-2.el6_9.2libreoffice-langpack-dz-4.3.7.2-2.el6_9.2libreoffice-langpack-et-4.3.7.2-2.el6_9.2libreoffice-pdfimport-4.3.7.2-2.el6_9.2libreoffice-langpack-mai-4.3.7.2-2.el6_9.2libreoffice-langpack-he-4.3.7.2-2.el6_9.2

Page 31: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

libreoffice-langpack-sl-4.3.7.2-2.el6_9.2libreoffice-langpack-ro-4.3.7.2-2.el6_9.2libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.2libreoffice-glade-4.3.7.2-2.el6_9.2libreoffice-emailmerge-4.3.7.2-2.el6_9.2libreoffice-langpack-da-4.3.7.2-2.el6_9.2libreoffice-wiki-publisher-4.3.7.2-2.el6_9.2libreoffice-langpack-lt-4.3.7.2-2.el6_9.2libreoffice-langpack-cs-4.3.7.2-2.el6_9.2libreoffice-langpack-bg-4.3.7.2-2.el6_9.2libreoffice-langpack-bn-4.3.7.2-2.el6_9.2libreoffice-langpack-ts-4.3.7.2-2.el6_9.2libreoffice-headless-4.3.7.2-2.el6_9.2libreoffice-langpack-st-4.3.7.2-2.el6_9.2libreoffice-officebean-4.3.7.2-2.el6_9.2libreoffice-langpack-ss-4.3.7.2-2.el6_9.2libreoffice-langpack-gu-4.3.7.2-2.el6_9.2libreoffice-langpack-as-4.3.7.2-2.el6_9.2libreoffice-langpack-de-4.3.7.2-2.el6_9.2libreoffice-langpack-ms-4.3.7.2-2.el6_9.2libreoffice-4.3.7.2-2.el6_9.2libreoffice-langpack-ca-4.3.7.2-2.el6_9.2libreoffice-langpack-xh-4.3.7.2-2.el6_9.2libreoffice-langpack-ja-4.3.7.2-2.el6_9.2libreoffice-langpack-uk-4.3.7.2-2.el6_9.2libreoffice-langpack-nb-4.3.7.2-2.el6_9.2libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.2libreoffice-draw-4.3.7.2-2.el6_9.2libreoffice-langpack-it-4.3.7.2-2.el6_9.2libreoffice-langpack-ru-4.3.7.2-2.el6_9.2libreoffice-graphicfilter-4.3.7.2-2.el6_9.2libreoffice-langpack-nn-4.3.7.2-2.el6_9.2libreoffice-langpack-hi-4.3.7.2-2.el6_9.2libreoffice-langpack-en-4.3.7.2-2.el6_9.2libreoffice-sdk-doc-4.3.7.2-2.el6_9.2libreoffice-langpack-nr-4.3.7.2-2.el6_9.2libreoffice-langpack-ve-4.3.7.2-2.el6_9.2libreoffice-langpack-fi-4.3.7.2-2.el6_9.2libreoffice-impress-4.3.7.2-2.el6_9.2libreoffice-writer-4.3.7.2-2.el6_9.2libreoffice-langpack-ko-4.3.7.2-2.el6_9.2libreoffice-langpack-th-4.3.7.2-2.el6_9.2libreoffice-langpack-sk-4.3.7.2-2.el6_9.2libreoffice-langpack-eu-4.3.7.2-2.el6_9.2libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.2libreoffice-bsh-4.3.7.2-2.el6_9.2libreoffice-calc-4.3.7.2-2.el6_9.2libreoffice-langpack-pa-4.3.7.2-2.el6_9.2libreoffice-langpack-ga-4.3.7.2-2.el6_9.2libreoffice-ogltrans-4.3.7.2-2.el6_9.2libreoffice-debuginfo-4.3.7.2-2.el6_9.2libreoffice-langpack-gl-4.3.7.2-2.el6_9.2libreoffice-langpack-te-4.3.7.2-2.el6_9.2libreoffice-pyuno-4.3.7.2-2.el6_9.2libreoffice-librelogo-4.3.7.2-2.el6_9.2libreoffice-langpack-nl-4.3.7.2-2.el6_9.2libreoffice-langpack-el-4.3.7.2-2.el6_9.2libreoffice-langpack-sr-4.3.7.2-2.el6_9.2libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.2libreoffice-langpack-ar-4.3.7.2-2.el6_9.2

Page 32: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

libreoffice-langpack-tr-4.3.7.2-2.el6_9.2libreoffice-langpack-nso-4.3.7.2-2.el6_9.2libreoffice-langpack-ta-4.3.7.2-2.el6_9.2libreoffice-core-4.3.7.2-2.el6_9.2libreoffice-langpack-tn-4.3.7.2-2.el6_9.2libreoffice-filters-4.3.7.2-2.el6_9.2libreoffice-base-4.3.7.2-2.el6_9.2libreoffice-math-4.3.7.2-2.el6_9.2libreoffice-xsltfilter-4.3.7.2-2.el6_9.2libreoffice-langpack-or-4.3.7.2-2.el6_9.2libreoffice-langpack-kn-4.3.7.2-2.el6_9.2libreoffice-langpack-ur-4.3.7.2-2.el6_9.2libreoffice-ure-4.3.7.2-2.el6_9.2libreoffice-langpack-mr-4.3.7.2-2.el6_9.2libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.2libreoffice-sdk-4.3.7.2-2.el6_9.2libreoffice-rhino-4.3.7.2-2.el6_9.2libreoffice-langpack-hr-4.3.7.2-2.el6_9.2libreoffice-nlpsolver-4.3.7.2-2.el6_9.2libreoffice-langpack-pl-4.3.7.2-2.el6_9.2

noarchautocorr-fi-4.3.7.2-2.el6_9.2autocorr-cs-4.3.7.2-2.el6_9.2autocorr-ro-4.3.7.2-2.el6_9.2autocorr-pl-4.3.7.2-2.el6_9.2autocorr-hr-4.3.7.2-2.el6_9.2libreoffice-opensymbol-fonts-4.3.7.2-2.el6_9.2autocorr-fa-4.3.7.2-2.el6_9.2autocorr-de-4.3.7.2-2.el6_9.2autocorr-zh-4.3.7.2-2.el6_9.2autocorr-lb-4.3.7.2-2.el6_9.2autocorr-ga-4.3.7.2-2.el6_9.2autocorr-en-4.3.7.2-2.el6_9.2autocorr-ca-4.3.7.2-2.el6_9.2autocorr-sv-4.3.7.2-2.el6_9.2autocorr-da-4.3.7.2-2.el6_9.2autocorr-hu-4.3.7.2-2.el6_9.2autocorr-tr-4.3.7.2-2.el6_9.2autocorr-nl-4.3.7.2-2.el6_9.2autocorr-af-4.3.7.2-2.el6_9.2autocorr-vi-4.3.7.2-2.el6_9.2autocorr-ko-4.3.7.2-2.el6_9.2autocorr-sl-4.3.7.2-2.el6_9.2autocorr-pt-4.3.7.2-2.el6_9.2autocorr-is-4.3.7.2-2.el6_9.2autocorr-sr-4.3.7.2-2.el6_9.2autocorr-ru-4.3.7.2-2.el6_9.2autocorr-ja-4.3.7.2-2.el6_9.2autocorr-mn-4.3.7.2-2.el6_9.2autocorr-es-4.3.7.2-2.el6_9.2autocorr-lt-4.3.7.2-2.el6_9.2autocorr-it-4.3.7.2-2.el6_9.2autocorr-bg-4.3.7.2-2.el6_9.2autocorr-fr-4.3.7.2-2.el6_9.2autocorr-sk-4.3.7.2-2.el6_9.2

x86_64libreoffice-langpack-hu-4.3.7.2-2.el6_9.2libreoffice-langpack-fr-4.3.7.2-2.el6_9.2

Page 33: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

libreoffice-langpack-cy-4.3.7.2-2.el6_9.2libreoffice-langpack-zu-4.3.7.2-2.el6_9.2libreoffice-langpack-ml-4.3.7.2-2.el6_9.2libreoffice-langpack-sv-4.3.7.2-2.el6_9.2libreoffice-langpack-es-4.3.7.2-2.el6_9.2libreoffice-langpack-af-4.3.7.2-2.el6_9.2libreoffice-langpack-dz-4.3.7.2-2.el6_9.2libreoffice-langpack-et-4.3.7.2-2.el6_9.2libreoffice-pdfimport-4.3.7.2-2.el6_9.2libreoffice-langpack-mai-4.3.7.2-2.el6_9.2libreoffice-langpack-he-4.3.7.2-2.el6_9.2libreoffice-langpack-sl-4.3.7.2-2.el6_9.2libreoffice-langpack-ro-4.3.7.2-2.el6_9.2libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.2libreoffice-glade-4.3.7.2-2.el6_9.2libreoffice-emailmerge-4.3.7.2-2.el6_9.2libreoffice-langpack-da-4.3.7.2-2.el6_9.2libreoffice-wiki-publisher-4.3.7.2-2.el6_9.2libreoffice-langpack-lt-4.3.7.2-2.el6_9.2libreoffice-langpack-cs-4.3.7.2-2.el6_9.2libreoffice-langpack-bg-4.3.7.2-2.el6_9.2libreoffice-langpack-bn-4.3.7.2-2.el6_9.2libreoffice-langpack-ts-4.3.7.2-2.el6_9.2libreoffice-headless-4.3.7.2-2.el6_9.2libreoffice-langpack-st-4.3.7.2-2.el6_9.2libreoffice-officebean-4.3.7.2-2.el6_9.2libreoffice-langpack-ss-4.3.7.2-2.el6_9.2libreoffice-langpack-gu-4.3.7.2-2.el6_9.2libreoffice-langpack-as-4.3.7.2-2.el6_9.2libreoffice-langpack-de-4.3.7.2-2.el6_9.2libreoffice-langpack-ms-4.3.7.2-2.el6_9.2libreoffice-4.3.7.2-2.el6_9.2libreoffice-langpack-ca-4.3.7.2-2.el6_9.2libreoffice-langpack-xh-4.3.7.2-2.el6_9.2libreoffice-langpack-ja-4.3.7.2-2.el6_9.2libreoffice-langpack-uk-4.3.7.2-2.el6_9.2libreoffice-langpack-nb-4.3.7.2-2.el6_9.2libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.2libreoffice-draw-4.3.7.2-2.el6_9.2libreoffice-langpack-it-4.3.7.2-2.el6_9.2libreoffice-langpack-ru-4.3.7.2-2.el6_9.2libreoffice-graphicfilter-4.3.7.2-2.el6_9.2libreoffice-langpack-nn-4.3.7.2-2.el6_9.2libreoffice-langpack-hi-4.3.7.2-2.el6_9.2libreoffice-langpack-en-4.3.7.2-2.el6_9.2

RHEL6Di386libreoffice-langpack-hu-4.3.7.2-2.el6_9.2

RHEL6WSi386libreoffice-langpack-hu-4.3.7.2-2.el6_9.2

146467 - SuSE Linux 42.3 openSUSE-SU-2018:0667-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2018-7169

Page 34: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2018:0667-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.opensuse.org/opensuse-updates/2018-03/msg00036.html

SuSE Linux 42.3x86_64shadow-debuginfo-4.2.1-13.1shadow-debugsource-4.2.1-13.1shadow-4.2.1-13.1

i586shadow-debuginfo-4.2.1-13.1shadow-debugsource-4.2.1-13.1shadow-4.2.1-13.1

146468 - SuSE Linux 42.3 openSUSE-SU-2018:0642-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2017-1000024

DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2018:0642-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.opensuse.org/opensuse-updates/2018-03/msg00025.html

SuSE Linux 42.3x86_64shotwell-debugsource-0.22.0+git.20160103-16.1shotwell-debuginfo-0.22.0+git.20160103-16.1shotwell-0.22.0+git.20160103-16.1

noarchshotwell-lang-0.22.0+git.20160103-16.1

146469 - SuSE Linux 42.3 openSUSE-SU-2018:0643-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2018-5764

DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2018:0643-1

Page 35: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.opensuse.org/opensuse-updates/2018-03/msg00026.html

SuSE Linux 42.3x86_64rsync-3.1.0-13.1rsync-debugsource-3.1.0-13.1rsync-debuginfo-3.1.0-13.1

i586rsync-3.1.0-13.1rsync-debugsource-3.1.0-13.1rsync-debuginfo-3.1.0-13.1

146470 - SuSE Linux 42.3 openSUSE-SU-2018:0647-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2018-1000024, CVE-2018-1000027

DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2018:0647-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.opensuse.org/opensuse-updates/2018-03/msg00028.html

SuSE Linux 42.3x86_64squid-debugsource-3.5.21-12.1squid-debuginfo-3.5.21-12.1squid-3.5.21-12.1

i586squid-debugsource-3.5.21-12.1squid-debuginfo-3.5.21-12.1squid-3.5.21-12.1

146473 - SuSE SLES 12 SP2, 12 SP3, SLED 12 SP2, 12 SP3 SUSE-SU-2018:0661-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0661-1

Page 36: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003804.html

SuSE SLES 12 SP2x86_64java-1_7_0-openjdk-debugsource-1.7.0.171-43.12.1java-1_7_0-openjdk-demo-1.7.0.171-43.12.1java-1_7_0-openjdk-devel-1.7.0.171-43.12.1java-1_7_0-openjdk-headless-1.7.0.171-43.12.1java-1_7_0-openjdk-devel-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-demo-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-headless-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-1.7.0.171-43.12.1

SuSE SLED 12 SP3x86_64java-1_7_0-openjdk-headless-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-debugsource-1.7.0.171-43.12.1java-1_7_0-openjdk-headless-1.7.0.171-43.12.1java-1_7_0-openjdk-1.7.0.171-43.12.1java-1_7_0-openjdk-debuginfo-1.7.0.171-43.12.1

SuSE SLED 12 SP2x86_64java-1_7_0-openjdk-headless-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-debugsource-1.7.0.171-43.12.1java-1_7_0-openjdk-headless-1.7.0.171-43.12.1java-1_7_0-openjdk-1.7.0.171-43.12.1java-1_7_0-openjdk-debuginfo-1.7.0.171-43.12.1

SuSE SLES 12 SP3x86_64java-1_7_0-openjdk-debugsource-1.7.0.171-43.12.1java-1_7_0-openjdk-demo-1.7.0.171-43.12.1java-1_7_0-openjdk-devel-1.7.0.171-43.12.1java-1_7_0-openjdk-headless-1.7.0.171-43.12.1java-1_7_0-openjdk-devel-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-demo-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-headless-debuginfo-1.7.0.171-43.12.1java-1_7_0-openjdk-1.7.0.171-43.12.1

146474 - SuSE SLES 12 SP2, 12 SP3 SUSE-SU-2018:0636-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2018-1000024, CVE-2018-1000027

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0636-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.

Page 37: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003793.html

SuSE SLES 12 SP3x86_64squid-debugsource-3.5.21-26.6.1squid-3.5.21-26.6.1squid-debuginfo-3.5.21-26.6.1

SuSE SLES 12 SP2x86_64squid-debugsource-3.5.21-26.6.1squid-3.5.21-26.6.1squid-debuginfo-3.5.21-26.6.1

146476 - SuSE SLES 12 SP2, 12 SP3, SLED 12 SP2, 12 SP3 SUSE-SU-2018:0662-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2018-7169

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0662-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003805.html

SuSE SLES 12 SP2x86_64shadow-4.2.1-27.6.1shadow-debugsource-4.2.1-27.6.1shadow-debuginfo-4.2.1-27.6.1

SuSE SLED 12 SP3x86_64shadow-4.2.1-27.6.1shadow-debugsource-4.2.1-27.6.1shadow-debuginfo-4.2.1-27.6.1

SuSE SLED 12 SP2x86_64shadow-4.2.1-27.6.1shadow-debugsource-4.2.1-27.6.1shadow-debuginfo-4.2.1-27.6.1

SuSE SLES 12 SP3x86_64shadow-4.2.1-27.6.1shadow-debugsource-4.2.1-27.6.1shadow-debuginfo-4.2.1-27.6.1

146478 - SuSE SLED 12 SP2, 12 SP3 SUSE-SU-2018:0637-1 Update Is Not Installed

Page 38: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2017-1000024

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0637-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003794.html

SuSE SLED 12 SP3x86_64shotwell-debuginfo-0.22.0+git.20160103-15.6.1shotwell-0.22.0+git.20160103-15.6.1shotwell-debugsource-0.22.0+git.20160103-15.6.1

noarchshotwell-lang-0.22.0+git.20160103-15.6.1

SuSE SLED 12 SP2x86_64shotwell-debuginfo-0.22.0+git.20160103-15.6.1shotwell-0.22.0+git.20160103-15.6.1shotwell-debugsource-0.22.0+git.20160103-15.6.1

noarchshotwell-lang-0.22.0+git.20160103-15.6.1

146479 - SuSE SLES 12 SP2, 12 SP3, SLED 12 SP2, 12 SP3 SUSE-SU-2018:0663-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0663-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003806.html

SuSE SLES 12 SP2x86_64java-1_8_0-openjdk-1.8.0.161-27.13.1java-1_8_0-openjdk-devel-debuginfo-1.8.0.161-27.13.1java-1_8_0-openjdk-devel-1.8.0.161-27.13.1java-1_8_0-openjdk-demo-1.8.0.161-27.13.1java-1_8_0-openjdk-debugsource-1.8.0.161-27.13.1

Page 39: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

java-1_8_0-openjdk-headless-1.8.0.161-27.13.1java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-27.13.1java-1_8_0-openjdk-debuginfo-1.8.0.161-27.13.1java-1_8_0-openjdk-demo-debuginfo-1.8.0.161-27.13.1

SuSE SLED 12 SP3x86_64java-1_8_0-openjdk-debugsource-1.8.0.161-27.13.1java-1_8_0-openjdk-debuginfo-1.8.0.161-27.13.1java-1_8_0-openjdk-headless-1.8.0.161-27.13.1java-1_8_0-openjdk-1.8.0.161-27.13.1java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-27.13.1

SuSE SLED 12 SP2x86_64java-1_8_0-openjdk-debugsource-1.8.0.161-27.13.1java-1_8_0-openjdk-debuginfo-1.8.0.161-27.13.1java-1_8_0-openjdk-headless-1.8.0.161-27.13.1java-1_8_0-openjdk-1.8.0.161-27.13.1java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-27.13.1

SuSE SLES 12 SP3x86_64java-1_8_0-openjdk-1.8.0.161-27.13.1java-1_8_0-openjdk-devel-debuginfo-1.8.0.161-27.13.1java-1_8_0-openjdk-devel-1.8.0.161-27.13.1java-1_8_0-openjdk-demo-1.8.0.161-27.13.1java-1_8_0-openjdk-debugsource-1.8.0.161-27.13.1java-1_8_0-openjdk-headless-1.8.0.161-27.13.1java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-27.13.1java-1_8_0-openjdk-debuginfo-1.8.0.161-27.13.1java-1_8_0-openjdk-demo-debuginfo-1.8.0.161-27.13.1

146481 - SuSE SLES 11 SP4 SUSE-SU-2018:0630-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0630-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003790.html

SuSE SLES 11 SP4i586java-1_7_1-ibm-1.7.1_sr4.20-26.13.1java-1_7_1-ibm-jdbc-1.7.1_sr4.20-26.13.1java-1_7_1-ibm-plugin-1.7.1_sr4.20-26.13.1java-1_7_1-ibm-alsa-1.7.1_sr4.20-26.13.1

x86_64

Page 40: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

java-1_7_1-ibm-1.7.1_sr4.20-26.13.1java-1_7_1-ibm-jdbc-1.7.1_sr4.20-26.13.1java-1_7_1-ibm-plugin-1.7.1_sr4.20-26.13.1java-1_7_1-ibm-alsa-1.7.1_sr4.20-26.13.1

160367 - CentOS 7 CESA-2018-0418 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: MediumCVE: CVE-2018-6871

DescriptionThe scan detected that the host is missing the following update:CESA-2018-0418

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.centos.org/pipermail/centos-announce/2018-March/022770.html

CentOS 7i686libreofficekit-5.0.6.2-15.el7_4libreofficekit-devel-5.0.6.2-15.el7_4

noarchautocorr-cs-5.0.6.2-15.el7_4autocorr-is-5.0.6.2-15.el7_4autocorr-hu-5.0.6.2-15.el7_4autocorr-fi-5.0.6.2-15.el7_4autocorr-nl-5.0.6.2-15.el7_4autocorr-af-5.0.6.2-15.el7_4autocorr-sk-5.0.6.2-15.el7_4autocorr-ko-5.0.6.2-15.el7_4autocorr-de-5.0.6.2-15.el7_4autocorr-zh-5.0.6.2-15.el7_4autocorr-vi-5.0.6.2-15.el7_4autocorr-tr-5.0.6.2-15.el7_4autocorr-fr-5.0.6.2-15.el7_4autocorr-hr-5.0.6.2-15.el7_4autocorr-it-5.0.6.2-15.el7_4autocorr-fa-5.0.6.2-15.el7_4libreoffice-opensymbol-fonts-5.0.6.2-15.el7_4autocorr-en-5.0.6.2-15.el7_4autocorr-sr-5.0.6.2-15.el7_4autocorr-ro-5.0.6.2-15.el7_4autocorr-mn-5.0.6.2-15.el7_4autocorr-sl-5.0.6.2-15.el7_4autocorr-es-5.0.6.2-15.el7_4autocorr-bg-5.0.6.2-15.el7_4autocorr-pl-5.0.6.2-15.el7_4autocorr-ga-5.0.6.2-15.el7_4autocorr-lt-5.0.6.2-15.el7_4autocorr-ca-5.0.6.2-15.el7_4autocorr-da-5.0.6.2-15.el7_4autocorr-ja-5.0.6.2-15.el7_4autocorr-lb-5.0.6.2-15.el7_4

Page 41: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

autocorr-pt-5.0.6.2-15.el7_4autocorr-sv-5.0.6.2-15.el7_4autocorr-ru-5.0.6.2-15.el7_4

x86_64libreoffice-writer-5.0.6.2-15.el7_4libreoffice-langpack-ta-5.0.6.2-15.el7_4libreoffice-langpack-ro-5.0.6.2-15.el7_4libreoffice-filters-5.0.6.2-15.el7_4libreoffice-langpack-en-5.0.6.2-15.el7_4libreoffice-graphicfilter-5.0.6.2-15.el7_4libreoffice-langpack-gu-5.0.6.2-15.el7_4libreoffice-wiki-publisher-5.0.6.2-15.el7_4libreoffice-ogltrans-5.0.6.2-15.el7_4libreoffice-langpack-fa-5.0.6.2-15.el7_4libreoffice-langpack-eu-5.0.6.2-15.el7_4libreoffice-langpack-ml-5.0.6.2-15.el7_4libreoffice-langpack-de-5.0.6.2-15.el7_4libreoffice-langpack-ga-5.0.6.2-15.el7_4libreoffice-librelogo-5.0.6.2-15.el7_4libreoffice-langpack-nb-5.0.6.2-15.el7_4libreoffice-officebean-5.0.6.2-15.el7_4libreoffice-langpack-ss-5.0.6.2-15.el7_4libreoffice-langpack-bg-5.0.6.2-15.el7_4libreoffice-langpack-dz-5.0.6.2-15.el7_4libreoffice-langpack-ca-5.0.6.2-15.el7_4libreoffice-langpack-br-5.0.6.2-15.el7_4libreoffice-langpack-zu-5.0.6.2-15.el7_4libreoffice-langpack-lv-5.0.6.2-15.el7_4libreoffice-langpack-or-5.0.6.2-15.el7_4libreoffice-math-5.0.6.2-15.el7_4libreoffice-langpack-kk-5.0.6.2-15.el7_4libreoffice-langpack-ar-5.0.6.2-15.el7_4libreoffice-langpack-th-5.0.6.2-15.el7_4libreoffice-postgresql-5.0.6.2-15.el7_4libreofficekit-devel-5.0.6.2-15.el7_4libreoffice-langpack-nl-5.0.6.2-15.el7_4libreoffice-langpack-bn-5.0.6.2-15.el7_4libreoffice-langpack-pt-BR-5.0.6.2-15.el7_4libreoffice-draw-5.0.6.2-15.el7_4libreoffice-langpack-es-5.0.6.2-15.el7_4libreoffice-langpack-hu-5.0.6.2-15.el7_4libreoffice-xsltfilter-5.0.6.2-15.el7_4libreoffice-rhino-5.0.6.2-15.el7_4libreoffice-impress-5.0.6.2-15.el7_4libreoffice-calc-5.0.6.2-15.el7_4libreoffice-langpack-st-5.0.6.2-15.el7_4libreoffice-langpack-nr-5.0.6.2-15.el7_4libreoffice-langpack-nso-5.0.6.2-15.el7_4libreoffice-langpack-ts-5.0.6.2-15.el7_4libreoffice-langpack-et-5.0.6.2-15.el7_4libreoffice-langpack-da-5.0.6.2-15.el7_4libreoffice-langpack-hi-5.0.6.2-15.el7_4libreoffice-langpack-si-5.0.6.2-15.el7_4libreoffice-5.0.6.2-15.el7_4libreoffice-langpack-sv-5.0.6.2-15.el7_4libreofficekit-5.0.6.2-15.el7_4libreoffice-langpack-cy-5.0.6.2-15.el7_4libreoffice-langpack-uk-5.0.6.2-15.el7_4libreoffice-langpack-tr-5.0.6.2-15.el7_4

Page 42: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

libreoffice-langpack-cs-5.0.6.2-15.el7_4libreoffice-langpack-sk-5.0.6.2-15.el7_4libreoffice-langpack-kn-5.0.6.2-15.el7_4libreoffice-langpack-as-5.0.6.2-15.el7_4libreoffice-langpack-gl-5.0.6.2-15.el7_4libreoffice-ure-5.0.6.2-15.el7_4libreoffice-langpack-zh-Hant-5.0.6.2-15.el7_4libreoffice-langpack-ja-5.0.6.2-15.el7_4libreoffice-langpack-zh-Hans-5.0.6.2-15.el7_4libreoffice-glade-5.0.6.2-15.el7_4libreoffice-langpack-af-5.0.6.2-15.el7_4libreoffice-langpack-he-5.0.6.2-15.el7_4libreoffice-langpack-sl-5.0.6.2-15.el7_4libreoffice-bsh-5.0.6.2-15.el7_4libreoffice-langpack-te-5.0.6.2-15.el7_4libreoffice-sdk-5.0.6.2-15.el7_4libreoffice-langpack-pa-5.0.6.2-15.el7_4libreoffice-langpack-fi-5.0.6.2-15.el7_4libreoffice-pdfimport-5.0.6.2-15.el7_4libreoffice-langpack-xh-5.0.6.2-15.el7_4libreoffice-base-5.0.6.2-15.el7_4libreoffice-langpack-hr-5.0.6.2-15.el7_4libreoffice-langpack-sr-5.0.6.2-15.el7_4libreoffice-langpack-nn-5.0.6.2-15.el7_4libreoffice-langpack-ve-5.0.6.2-15.el7_4libreoffice-langpack-el-5.0.6.2-15.el7_4libreoffice-gdb-debug-support-5.0.6.2-15.el7_4libreoffice-pyuno-5.0.6.2-15.el7_4libreoffice-core-5.0.6.2-15.el7_4libreoffice-langpack-mr-5.0.6.2-15.el7_4libreoffice-langpack-fr-5.0.6.2-15.el7_4libreoffice-langpack-ru-5.0.6.2-15.el7_4libreoffice-emailmerge-5.0.6.2-15.el7_4libreoffice-langpack-ko-5.0.6.2-15.el7_4libreoffice-sdk-doc-5.0.6.2-15.el7_4libreoffice-langpack-tn-5.0.6.2-15.el7_4libreoffice-langpack-it-5.0.6.2-15.el7_4libreoffice-langpack-mai-5.0.6.2-15.el7_4libreoffice-langpack-lt-5.0.6.2-15.el7_4libreoffice-langpack-pt-PT-5.0.6.2-15.el7_4libreoffice-langpack-pl-5.0.6.2-15.el7_4libreoffice-nlpsolver-5.0.6.2-15.el7_4

175336 - Scientific Linux Security ERRATA Moderate: libreoffice on SL7.x x86_64 (1803-752)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2018-6871

DescriptionThe scan detected that the host is missing the following update:Security ERRATA Moderate: libreoffice on SL7.x x86_64 (1803-752)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://listserv.fnal.gov/scripts/wa.exe?A2=ind1803&L=scientific-linux-errata&F=&S=&P=752

Page 43: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

SL7x86_64libreoffice-writer-5.0.6.2-15.el7_4libreoffice-langpack-ta-5.0.6.2-15.el7_4libreoffice-langpack-ro-5.0.6.2-15.el7_4libreoffice-filters-5.0.6.2-15.el7_4libreoffice-langpack-en-5.0.6.2-15.el7_4libreoffice-graphicfilter-5.0.6.2-15.el7_4libreoffice-langpack-gu-5.0.6.2-15.el7_4libreoffice-ogltrans-5.0.6.2-15.el7_4libreoffice-langpack-fa-5.0.6.2-15.el7_4libreoffice-langpack-eu-5.0.6.2-15.el7_4libreoffice-langpack-ml-5.0.6.2-15.el7_4libreoffice-langpack-de-5.0.6.2-15.el7_4libreoffice-langpack-ga-5.0.6.2-15.el7_4libreoffice-librelogo-5.0.6.2-15.el7_4libreoffice-langpack-nb-5.0.6.2-15.el7_4libreoffice-officebean-5.0.6.2-15.el7_4libreoffice-langpack-ss-5.0.6.2-15.el7_4libreoffice-langpack-bg-5.0.6.2-15.el7_4libreoffice-langpack-dz-5.0.6.2-15.el7_4libreoffice-langpack-ca-5.0.6.2-15.el7_4libreoffice-langpack-br-5.0.6.2-15.el7_4libreoffice-langpack-zu-5.0.6.2-15.el7_4libreoffice-langpack-lv-5.0.6.2-15.el7_4libreoffice-langpack-or-5.0.6.2-15.el7_4libreoffice-math-5.0.6.2-15.el7_4libreoffice-langpack-kk-5.0.6.2-15.el7_4libreoffice-langpack-ar-5.0.6.2-15.el7_4libreoffice-langpack-th-5.0.6.2-15.el7_4libreoffice-postgresql-5.0.6.2-15.el7_4libreoffice-langpack-st-5.0.6.2-15.el7_4libreoffice-langpack-nl-5.0.6.2-15.el7_4libreoffice-langpack-bn-5.0.6.2-15.el7_4libreoffice-draw-5.0.6.2-15.el7_4libreoffice-langpack-es-5.0.6.2-15.el7_4libreoffice-langpack-hu-5.0.6.2-15.el7_4libreoffice-xsltfilter-5.0.6.2-15.el7_4libreoffice-rhino-5.0.6.2-15.el7_4libreofficekit-devel-5.0.6.2-15.el7_4libreoffice-impress-5.0.6.2-15.el7_4libreoffice-calc-5.0.6.2-15.el7_4libreoffice-langpack-nr-5.0.6.2-15.el7_4libreoffice-langpack-nso-5.0.6.2-15.el7_4libreoffice-langpack-ts-5.0.6.2-15.el7_4libreoffice-langpack-et-5.0.6.2-15.el7_4libreoffice-langpack-da-5.0.6.2-15.el7_4libreoffice-langpack-hi-5.0.6.2-15.el7_4libreoffice-langpack-si-5.0.6.2-15.el7_4libreoffice-langpack-pt-BR-5.0.6.2-15.el7_4libreoffice-langpack-sv-5.0.6.2-15.el7_4libreofficekit-5.0.6.2-15.el7_4libreoffice-langpack-cy-5.0.6.2-15.el7_4libreoffice-langpack-uk-5.0.6.2-15.el7_4libreoffice-langpack-tr-5.0.6.2-15.el7_4libreoffice-langpack-cs-5.0.6.2-15.el7_4libreoffice-langpack-sk-5.0.6.2-15.el7_4libreoffice-langpack-kn-5.0.6.2-15.el7_4libreoffice-langpack-as-5.0.6.2-15.el7_4libreoffice-gdb-debug-support-5.0.6.2-15.el7_4

Page 44: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

libreoffice-langpack-gl-5.0.6.2-15.el7_4libreoffice-langpack-zh-Hant-5.0.6.2-15.el7_4libreoffice-langpack-ja-5.0.6.2-15.el7_4libreoffice-langpack-zh-Hans-5.0.6.2-15.el7_4libreoffice-glade-5.0.6.2-15.el7_4libreoffice-langpack-af-5.0.6.2-15.el7_4libreoffice-langpack-he-5.0.6.2-15.el7_4libreoffice-langpack-sl-5.0.6.2-15.el7_4libreoffice-bsh-5.0.6.2-15.el7_4libreoffice-langpack-te-5.0.6.2-15.el7_4libreoffice-ure-5.0.6.2-15.el7_4libreoffice-langpack-pa-5.0.6.2-15.el7_4libreoffice-langpack-fi-5.0.6.2-15.el7_4libreoffice-pdfimport-5.0.6.2-15.el7_4libreoffice-langpack-xh-5.0.6.2-15.el7_4libreoffice-base-5.0.6.2-15.el7_4libreoffice-langpack-hr-5.0.6.2-15.el7_4libreoffice-langpack-sr-5.0.6.2-15.el7_4libreoffice-langpack-nn-5.0.6.2-15.el7_4libreoffice-langpack-ve-5.0.6.2-15.el7_4libreoffice-langpack-el-5.0.6.2-15.el7_4libreoffice-wiki-publisher-5.0.6.2-15.el7_4libreoffice-pyuno-5.0.6.2-15.el7_4libreoffice-core-5.0.6.2-15.el7_4libreoffice-debuginfo-5.0.6.2-15.el7_4libreoffice-langpack-mr-5.0.6.2-15.el7_4libreoffice-sdk-5.0.6.2-15.el7_4libreoffice-langpack-fr-5.0.6.2-15.el7_4libreoffice-langpack-ru-5.0.6.2-15.el7_4libreoffice-emailmerge-5.0.6.2-15.el7_4libreoffice-langpack-ko-5.0.6.2-15.el7_4libreoffice-sdk-doc-5.0.6.2-15.el7_4libreoffice-langpack-tn-5.0.6.2-15.el7_4libreoffice-langpack-it-5.0.6.2-15.el7_4libreoffice-langpack-mai-5.0.6.2-15.el7_4libreoffice-langpack-lt-5.0.6.2-15.el7_4libreoffice-langpack-pt-PT-5.0.6.2-15.el7_4libreoffice-langpack-pl-5.0.6.2-15.el7_4libreoffice-nlpsolver-5.0.6.2-15.el7_4libreoffice-5.0.6.2-15.el7_4

noarchautocorr-cs-5.0.6.2-15.el7_4autocorr-is-5.0.6.2-15.el7_4autocorr-hu-5.0.6.2-15.el7_4autocorr-fi-5.0.6.2-15.el7_4autocorr-nl-5.0.6.2-15.el7_4autocorr-af-5.0.6.2-15.el7_4autocorr-sk-5.0.6.2-15.el7_4autocorr-ko-5.0.6.2-15.el7_4autocorr-de-5.0.6.2-15.el7_4autocorr-zh-5.0.6.2-15.el7_4autocorr-vi-5.0.6.2-15.el7_4autocorr-tr-5.0.6.2-15.el7_4autocorr-fr-5.0.6.2-15.el7_4autocorr-hr-5.0.6.2-15.el7_4autocorr-it-5.0.6.2-15.el7_4autocorr-fa-5.0.6.2-15.el7_4libreoffice-opensymbol-fonts-5.0.6.2-15.el7_4autocorr-en-5.0.6.2-15.el7_4

Page 45: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

autocorr-sr-5.0.6.2-15.el7_4autocorr-ro-5.0.6.2-15.el7_4autocorr-mn-5.0.6.2-15.el7_4autocorr-sl-5.0.6.2-15.el7_4autocorr-es-5.0.6.2-15.el7_4autocorr-bg-5.0.6.2-15.el7_4autocorr-pl-5.0.6.2-15.el7_4autocorr-ga-5.0.6.2-15.el7_4autocorr-lt-5.0.6.2-15.el7_4autocorr-ca-5.0.6.2-15.el7_4autocorr-da-5.0.6.2-15.el7_4autocorr-ja-5.0.6.2-15.el7_4autocorr-lb-5.0.6.2-15.el7_4autocorr-pt-5.0.6.2-15.el7_4autocorr-sv-5.0.6.2-15.el7_4autocorr-ru-5.0.6.2-15.el7_4

178590 - Gentoo Linux GLSA-201803-05 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: MediumCVE: CVE-MAP-NOMATCH

DescriptionThe scan detected that the host is missing the following update:GLSA-201803-05

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://security.gentoo.org/glsa/201803-05

Affected packages: www-client/chromium < 65.0.3325.146www-client/google-chrome < 65.0.3325.146

178592 - Gentoo Linux GLSA-201803-04 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Gentoo Linux Patches and HotFixesRisk Level: MediumCVE: CVE-MAP-NOMATCH

DescriptionThe scan detected that the host is missing the following update:GLSA-201803-04

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://security.gentoo.org/glsa/201803-04

Affected packages: net-news/newsbeuter <= 2.9-r3

Page 46: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

186131 - Ubuntu Linux 17.10 USN-3579-3 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: MediumCVE: CVE-2018-6871

DescriptionThe scan detected that the host is missing the following update:USN-3579-3

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.ubuntu.com/archives/ubuntu-security-announce/2018-March/004308.html

Ubuntu 17.10

libreoffice-common_5.4.5-0ubuntu0.17.10.5

141885 - Red Hat Enterprise Linux RHSA-2018-0505 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2018-5950

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0505

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00027.html

RHEL7Sx86_64mailman-2.1.15-26.el7_4.1mailman-debuginfo-2.1.15-26.el7_4.1

RHEL7WSx86_64mailman-2.1.15-26.el7_4.1mailman-debuginfo-2.1.15-26.el7_4.1

141886 - Red Hat Enterprise Linux RHSA-2018-0515 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-15135, CVE-2018-1054

DescriptionThe scan detected that the host is missing the following update:

Page 47: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

RHSA-2018-0515

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00030.html

RHEL6Sx86_64389-ds-base-1.2.11.15-94.el6_9389-ds-base-libs-1.2.11.15-94.el6_9389-ds-base-debuginfo-1.2.11.15-94.el6_9389-ds-base-devel-1.2.11.15-94.el6_9

i386389-ds-base-1.2.11.15-94.el6_9389-ds-base-libs-1.2.11.15-94.el6_9389-ds-base-debuginfo-1.2.11.15-94.el6_9389-ds-base-devel-1.2.11.15-94.el6_9

RHEL6WSx86_64389-ds-base-1.2.11.15-94.el6_9389-ds-base-libs-1.2.11.15-94.el6_9389-ds-base-debuginfo-1.2.11.15-94.el6_9

i386389-ds-base-1.2.11.15-94.el6_9389-ds-base-libs-1.2.11.15-94.el6_9389-ds-base-debuginfo-1.2.11.15-94.el6_9

RHEL6Dx86_64389-ds-base-1.2.11.15-94.el6_9389-ds-base-libs-1.2.11.15-94.el6_9389-ds-base-debuginfo-1.2.11.15-94.el6_9389-ds-base-devel-1.2.11.15-94.el6_9

i386389-ds-base-1.2.11.15-94.el6_9389-ds-base-libs-1.2.11.15-94.el6_9389-ds-base-debuginfo-1.2.11.15-94.el6_9389-ds-base-devel-1.2.11.15-94.el6_9

141891 - Red Hat Enterprise Linux RHSA-2018-0464 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-5753, CVE-2017-5754

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0464

ObservationUpdates often remediate critical security problems that should be quickly addressed.

Page 48: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00011.html

RHEL5_9Si386kernel-PAE-2.6.18-348.35.1.el5kernel-xen-2.6.18-348.35.1.el5kernel-xen-debuginfo-2.6.18-348.35.1.el5kernel-debuginfo-2.6.18-348.35.1.el5kernel-debuginfo-common-2.6.18-348.35.1.el5kernel-PAE-devel-2.6.18-348.35.1.el5kernel-2.6.18-348.35.1.el5kernel-debug-2.6.18-348.35.1.el5kernel-debug-devel-2.6.18-348.35.1.el5kernel-debug-debuginfo-2.6.18-348.35.1.el5kernel-xen-devel-2.6.18-348.35.1.el5kernel-PAE-debuginfo-2.6.18-348.35.1.el5kernel-devel-2.6.18-348.35.1.el5kernel-headers-2.6.18-348.35.1.el5

noarchkernel-doc-2.6.18-348.35.1.el5

x86_64kernel-xen-debuginfo-2.6.18-348.35.1.el5kernel-debug-devel-2.6.18-348.35.1.el5kernel-debuginfo-common-2.6.18-348.35.1.el5kernel-debug-debuginfo-2.6.18-348.35.1.el5kernel-xen-devel-2.6.18-348.35.1.el5kernel-debuginfo-2.6.18-348.35.1.el5kernel-xen-2.6.18-348.35.1.el5kernel-headers-2.6.18-348.35.1.el5kernel-devel-2.6.18-348.35.1.el5kernel-debug-2.6.18-348.35.1.el5kernel-2.6.18-348.35.1.el5

141892 - Red Hat Enterprise Linux RHSA-2018-0496 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0496

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00023.html

RHEL6_7Si386kernel-debug-devel-2.6.32-573.53.1.el6perf-2.6.32-573.53.1.el6kernel-headers-2.6.32-573.53.1.el6

Page 49: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

kernel-debuginfo-2.6.32-573.53.1.el6kernel-2.6.32-573.53.1.el6perf-debuginfo-2.6.32-573.53.1.el6kernel-debuginfo-common-i686-2.6.32-573.53.1.el6kernel-devel-2.6.32-573.53.1.el6kernel-debug-debuginfo-2.6.32-573.53.1.el6python-perf-2.6.32-573.53.1.el6kernel-debug-2.6.32-573.53.1.el6python-perf-debuginfo-2.6.32-573.53.1.el6

noarchkernel-firmware-2.6.32-573.53.1.el6kernel-abi-whitelists-2.6.32-573.53.1.el6kernel-doc-2.6.32-573.53.1.el6

x86_64kernel-debug-devel-2.6.32-573.53.1.el6kernel-headers-2.6.32-573.53.1.el6kernel-debug-debuginfo-2.6.32-573.53.1.el6kernel-debuginfo-common-x86_64-2.6.32-573.53.1.el6perf-2.6.32-573.53.1.el6perf-debuginfo-2.6.32-573.53.1.el6kernel-2.6.32-573.53.1.el6kernel-debug-2.6.32-573.53.1.el6kernel-devel-2.6.32-573.53.1.el6python-perf-2.6.32-573.53.1.el6python-perf-debuginfo-2.6.32-573.53.1.el6kernel-debuginfo-2.6.32-573.53.1.el6kernel-debuginfo-common-i686-2.6.32-573.53.1.el6

141894 - Red Hat Enterprise Linux RHSA-2018-0512 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0512

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00031.html

RHEL6Di386python-perf-debuginfo-2.6.32-696.23.1.el6python-perf-2.6.32-696.23.1.el6kernel-debuginfo-common-i686-2.6.32-696.23.1.el6perf-2.6.32-696.23.1.el6kernel-debug-debuginfo-2.6.32-696.23.1.el6kernel-debuginfo-2.6.32-696.23.1.el6kernel-debug-devel-2.6.32-696.23.1.el6kernel-debug-2.6.32-696.23.1.el6kernel-2.6.32-696.23.1.el6kernel-devel-2.6.32-696.23.1.el6

Page 50: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

perf-debuginfo-2.6.32-696.23.1.el6kernel-headers-2.6.32-696.23.1.el6

noarchkernel-firmware-2.6.32-696.23.1.el6kernel-abi-whitelists-2.6.32-696.23.1.el6kernel-doc-2.6.32-696.23.1.el6

x86_64kernel-debug-devel-2.6.32-696.23.1.el6kernel-debuginfo-common-i686-2.6.32-696.23.1.el6perf-2.6.32-696.23.1.el6kernel-2.6.32-696.23.1.el6kernel-debug-2.6.32-696.23.1.el6kernel-devel-2.6.32-696.23.1.el6perf-debuginfo-2.6.32-696.23.1.el6python-perf-2.6.32-696.23.1.el6kernel-debug-debuginfo-2.6.32-696.23.1.el6kernel-debuginfo-common-x86_64-2.6.32-696.23.1.el6kernel-debuginfo-2.6.32-696.23.1.el6kernel-headers-2.6.32-696.23.1.el6python-perf-debuginfo-2.6.32-696.23.1.el6

RHEL6Si386python-perf-debuginfo-2.6.32-696.23.1.el6python-perf-2.6.32-696.23.1.el6kernel-debuginfo-common-i686-2.6.32-696.23.1.el6perf-2.6.32-696.23.1.el6kernel-debug-debuginfo-2.6.32-696.23.1.el6kernel-debuginfo-2.6.32-696.23.1.el6kernel-debug-devel-2.6.32-696.23.1.el6kernel-debug-2.6.32-696.23.1.el6kernel-2.6.32-696.23.1.el6kernel-devel-2.6.32-696.23.1.el6perf-debuginfo-2.6.32-696.23.1.el6kernel-headers-2.6.32-696.23.1.el6

noarchkernel-firmware-2.6.32-696.23.1.el6kernel-abi-whitelists-2.6.32-696.23.1.el6kernel-doc-2.6.32-696.23.1.el6

x86_64kernel-debug-devel-2.6.32-696.23.1.el6kernel-debuginfo-common-i686-2.6.32-696.23.1.el6perf-2.6.32-696.23.1.el6kernel-2.6.32-696.23.1.el6kernel-debug-2.6.32-696.23.1.el6kernel-devel-2.6.32-696.23.1.el6perf-debuginfo-2.6.32-696.23.1.el6python-perf-2.6.32-696.23.1.el6kernel-debug-debuginfo-2.6.32-696.23.1.el6kernel-debuginfo-common-x86_64-2.6.32-696.23.1.el6kernel-debuginfo-2.6.32-696.23.1.el6kernel-headers-2.6.32-696.23.1.el6python-perf-debuginfo-2.6.32-696.23.1.el6

RHEL6WSi386

Page 51: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

python-perf-debuginfo-2.6.32-696.23.1.el6kernel-debuginfo-common-i686-2.6.32-696.23.1.el6perf-2.6.32-696.23.1.el6kernel-debug-debuginfo-2.6.32-696.23.1.el6kernel-debuginfo-2.6.32-696.23.1.el6kernel-debug-devel-2.6.32-696.23.1.el6kernel-debug-2.6.32-696.23.1.el6kernel-2.6.32-696.23.1.el6kernel-devel-2.6.32-696.23.1.el6perf-debuginfo-2.6.32-696.23.1.el6kernel-headers-2.6.32-696.23.1.el6

noarchkernel-firmware-2.6.32-696.23.1.el6kernel-abi-whitelists-2.6.32-696.23.1.el6kernel-doc-2.6.32-696.23.1.el6

x86_64kernel-debuginfo-common-x86_64-2.6.32-696.23.1.el6python-perf-debuginfo-2.6.32-696.23.1.el6kernel-debuginfo-common-i686-2.6.32-696.23.1.el6perf-2.6.32-696.23.1.el6kernel-debug-debuginfo-2.6.32-696.23.1.el6kernel-debuginfo-2.6.32-696.23.1.el6kernel-debug-devel-2.6.32-696.23.1.el6kernel-debug-2.6.32-696.23.1.el6kernel-2.6.32-696.23.1.el6kernel-devel-2.6.32-696.23.1.el6perf-debuginfo-2.6.32-696.23.1.el6kernel-headers-2.6.32-696.23.1.el6

141896 - Red Hat Enterprise Linux RHSA-2018-0504 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2018-5950

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0504

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00026.html

RHEL6Si386mailman-2.1.12-26.el6_9.3mailman-debuginfo-2.1.12-26.el6_9.3

x86_64mailman-2.1.12-26.el6_9.3mailman-debuginfo-2.1.12-26.el6_9.3

RHEL6WSx86_64

Page 52: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

mailman-2.1.12-26.el6_9.3mailman-debuginfo-2.1.12-26.el6_9.3

i386mailman-2.1.12-26.el6_9.3mailman-debuginfo-2.1.12-26.el6_9.3

146460 - SuSE SLED 12 SP2, 12 SP3 SUSE-SU-2018:0631-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2017-5950

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0631-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003791.html

SuSE SLED 12 SP3x86_64libyaml-cpp0_5-0.5.3-3.3.2libyaml-cpp0_5-debuginfo-0.5.3-3.3.2yaml-cpp-debugsource-0.5.3-3.3.2

SuSE SLED 12 SP2x86_64libyaml-cpp0_5-0.5.3-3.3.2libyaml-cpp0_5-debuginfo-0.5.3-3.3.2yaml-cpp-debugsource-0.5.3-3.3.2

146464 - SuSE SLES 11 SP4 SUSE-SU-2018:0639-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2017-1000159

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0639-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003796.html

SuSE SLES 11 SP4i586evince-doc-2.28.2-0.7.3.1evince-lang-2.28.2-0.7.3.1evince-2.28.2-0.7.3.1

Page 53: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

x86_64evince-doc-2.28.2-0.7.3.1evince-lang-2.28.2-0.7.3.1evince-2.28.2-0.7.3.1

146475 - SuSE Linux 42.3 openSUSE-SU-2018:0668-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2017-12133

DescriptionThe scan detected that the host is missing the following update:openSUSE-SU-2018:0668-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.opensuse.org/opensuse-updates/2018-03/msg00037.html

SuSE Linux 42.3i586glibc-extra-debuginfo-2.22-16.3glibc-profile-2.22-16.3glibc-devel-static-2.22-16.3glibc-utils-debugsource-2.22-16.3glibc-locale-2.22-16.3glibc-devel-2.22-16.3glibc-2.22-16.3glibc-extra-2.22-16.3glibc-utils-2.22-16.3glibc-utils-debuginfo-2.22-16.3glibc-debuginfo-2.22-16.3nscd-2.22-16.3glibc-locale-debuginfo-2.22-16.3nscd-debuginfo-2.22-16.3glibc-debugsource-2.22-16.3glibc-devel-debuginfo-2.22-16.3

i686glibc-locale-debuginfo-2.22-16.3glibc-debugsource-2.22-16.3glibc-devel-static-2.22-16.3glibc-devel-2.22-16.3glibc-debuginfo-2.22-16.3glibc-profile-2.22-16.3glibc-2.22-16.3glibc-devel-debuginfo-2.22-16.3glibc-locale-2.22-16.3

noarchglibc-info-2.22-16.3glibc-html-2.22-16.3glibc-i18ndata-2.22-16.3

x86_64

Page 54: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

glibc-devel-static-32bit-2.22-16.3glibc-utils-32bit-2.22-16.3glibc-extra-debuginfo-2.22-16.3glibc-32bit-2.22-16.3glibc-profile-2.22-16.3glibc-devel-debuginfo-32bit-2.22-16.3glibc-devel-static-2.22-16.3glibc-debuginfo-32bit-2.22-16.3glibc-devel-32bit-2.22-16.3glibc-utils-debugsource-2.22-16.3glibc-locale-2.22-16.3glibc-devel-2.22-16.3glibc-2.22-16.3glibc-extra-2.22-16.3glibc-utils-2.22-16.3glibc-utils-debuginfo-2.22-16.3glibc-debuginfo-2.22-16.3nscd-2.22-16.3glibc-locale-debuginfo-2.22-16.3glibc-locale-32bit-2.22-16.3glibc-profile-32bit-2.22-16.3nscd-debuginfo-2.22-16.3glibc-locale-debuginfo-32bit-2.22-16.3glibc-utils-debuginfo-32bit-2.22-16.3glibc-debugsource-2.22-16.3glibc-devel-debuginfo-2.22-16.3

146480 - SuSE SLES 12 SP2, 12 SP3, SLED 12 SP2, 12 SP3 SUSE-SU-2018:0655-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2017-12133

DescriptionThe scan detected that the host is missing the following update:SUSE-SU-2018:0655-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.suse.com/pipermail/sle-security-updates/2018-March/003802.html

SuSE SLES 12 SP2noarchglibc-i18ndata-2.22-62.10.1glibc-html-2.22-62.10.1glibc-info-2.22-62.10.1

x86_64glibc-devel-32bit-2.22-62.10.1glibc-debuginfo-32bit-2.22-62.10.1nscd-debuginfo-2.22-62.10.1glibc-profile-32bit-2.22-62.10.1glibc-locale-debuginfo-2.22-62.10.1glibc-profile-2.22-62.10.1glibc-devel-debuginfo-32bit-2.22-62.10.1glibc-debugsource-2.22-62.10.1

Page 55: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

nscd-2.22-62.10.1glibc-locale-2.22-62.10.1glibc-devel-debuginfo-2.22-62.10.1glibc-32bit-2.22-62.10.1glibc-debuginfo-2.22-62.10.1glibc-devel-2.22-62.10.1glibc-locale-debuginfo-32bit-2.22-62.10.1glibc-2.22-62.10.1glibc-locale-32bit-2.22-62.10.1

SuSE SLED 12 SP3x86_64glibc-debuginfo-32bit-2.22-62.10.1nscd-2.22-62.10.1nscd-debuginfo-2.22-62.10.1glibc-locale-debuginfo-2.22-62.10.1glibc-locale-2.22-62.10.1glibc-devel-debuginfo-32bit-2.22-62.10.1glibc-debugsource-2.22-62.10.1glibc-devel-32bit-2.22-62.10.1glibc-devel-debuginfo-2.22-62.10.1glibc-32bit-2.22-62.10.1glibc-debuginfo-2.22-62.10.1glibc-devel-2.22-62.10.1glibc-locale-debuginfo-32bit-2.22-62.10.1glibc-2.22-62.10.1glibc-locale-32bit-2.22-62.10.1

noarchglibc-i18ndata-2.22-62.10.1

SuSE SLED 12 SP2x86_64glibc-debuginfo-32bit-2.22-62.10.1nscd-2.22-62.10.1nscd-debuginfo-2.22-62.10.1glibc-locale-debuginfo-2.22-62.10.1glibc-locale-2.22-62.10.1glibc-devel-debuginfo-32bit-2.22-62.10.1glibc-debugsource-2.22-62.10.1glibc-devel-32bit-2.22-62.10.1glibc-devel-debuginfo-2.22-62.10.1glibc-32bit-2.22-62.10.1glibc-debuginfo-2.22-62.10.1glibc-devel-2.22-62.10.1glibc-locale-debuginfo-32bit-2.22-62.10.1glibc-2.22-62.10.1glibc-locale-32bit-2.22-62.10.1

noarchglibc-i18ndata-2.22-62.10.1

SuSE SLES 12 SP3noarchglibc-i18ndata-2.22-62.10.1glibc-html-2.22-62.10.1glibc-info-2.22-62.10.1

x86_64glibc-devel-32bit-2.22-62.10.1

Page 56: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

glibc-debuginfo-32bit-2.22-62.10.1nscd-debuginfo-2.22-62.10.1glibc-profile-32bit-2.22-62.10.1glibc-locale-debuginfo-2.22-62.10.1glibc-profile-2.22-62.10.1glibc-devel-debuginfo-32bit-2.22-62.10.1glibc-debugsource-2.22-62.10.1nscd-2.22-62.10.1glibc-locale-2.22-62.10.1glibc-devel-debuginfo-2.22-62.10.1glibc-32bit-2.22-62.10.1glibc-debuginfo-2.22-62.10.1glibc-devel-2.22-62.10.1glibc-locale-debuginfo-32bit-2.22-62.10.1glibc-2.22-62.10.1glibc-locale-32bit-2.22-62.10.1

160362 - CentOS 7 CESA-2018-0414 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: MediumCVE: CVE-2017-15135, CVE-2018-1054

DescriptionThe scan detected that the host is missing the following update:CESA-2018-0414

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.centos.org/pipermail/centos-announce/2018-March/022784.html

CentOS 7x86_64389-ds-base-libs-1.3.6.1-28.el7_4389-ds-base-1.3.6.1-28.el7_4389-ds-base-devel-1.3.6.1-28.el7_4389-ds-base-snmp-1.3.6.1-28.el7_4

160364 - CentOS 7 CESA-2018-0406 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: MediumCVE: CVE-2017-7890

DescriptionThe scan detected that the host is missing the following update:CESA-2018-0406

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://lists.centos.org/pipermail/centos-announce/2018-March/022772.html

Page 57: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

CentOS 7x86_64php-ldap-5.4.16-43.el7_4.1php-intl-5.4.16-43.el7_4.1php-embedded-5.4.16-43.el7_4.1php-recode-5.4.16-43.el7_4.1php-mysql-5.4.16-43.el7_4.1php-process-5.4.16-43.el7_4.1php-fpm-5.4.16-43.el7_4.1php-devel-5.4.16-43.el7_4.1php-soap-5.4.16-43.el7_4.1php-pgsql-5.4.16-43.el7_4.1php-pspell-5.4.16-43.el7_4.1php-dba-5.4.16-43.el7_4.1php-cli-5.4.16-43.el7_4.1php-5.4.16-43.el7_4.1php-xml-5.4.16-43.el7_4.1php-enchant-5.4.16-43.el7_4.1php-gd-5.4.16-43.el7_4.1php-pdo-5.4.16-43.el7_4.1php-xmlrpc-5.4.16-43.el7_4.1php-mysqlnd-5.4.16-43.el7_4.1php-snmp-5.4.16-43.el7_4.1php-common-5.4.16-43.el7_4.1php-odbc-5.4.16-43.el7_4.1php-bcmath-5.4.16-43.el7_4.1php-mbstring-5.4.16-43.el7_4.1

163553 - Oracle Enterprise Linux ELSA-2018-0515 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-15135, CVE-2018-1054

DescriptionThe scan detected that the host is missing the following update:ELSA-2018-0515

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/el-errata/2018-March/007577.html

OEL6x86_64389-ds-base-1.2.11.15-94.el6_9389-ds-base-libs-1.2.11.15-94.el6_9389-ds-base-devel-1.2.11.15-94.el6_9

i386389-ds-base-1.2.11.15-94.el6_9389-ds-base-libs-1.2.11.15-94.el6_9389-ds-base-devel-1.2.11.15-94.el6_9

163554 - Oracle Enterprise Linux ELSA-2018-0505 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes

Page 58: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Risk Level: MediumCVE: CVE-2018-5950

DescriptionThe scan detected that the host is missing the following update:ELSA-2018-0505

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/el-errata/2018-March/007573.html

OEL7x86_64mailman-2.1.15-26.el7_4.1

163557 - Oracle Enterprise Linux ELSA-2018-0504 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2018-5950

DescriptionThe scan detected that the host is missing the following update:ELSA-2018-0504

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/el-errata/2018-March/007572.html

OEL6x86_64mailman-2.1.12-26.el6_9.3

i386mailman-2.1.12-26.el6_9.3

163560 - Oracle Enterprise Linux ELSA-2018-0414 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-15135, CVE-2018-1054

DescriptionThe scan detected that the host is missing the following update:ELSA-2018-0414

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

Page 59: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

http://oss.oracle.com/pipermail/el-errata/2018-March/007556.html

OEL7x86_64389-ds-base-libs-1.3.6.1-28.el7_4389-ds-base-1.3.6.1-28.el7_4389-ds-base-devel-1.3.6.1-28.el7_4389-ds-base-snmp-1.3.6.1-28.el7_4

163561 - Oracle Enterprise Linux ELSA-2018-0406 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2017-7890

DescriptionThe scan detected that the host is missing the following update:ELSA-2018-0406

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/el-errata/2018-March/007558.html

OEL7x86_64php-ldap-5.4.16-43.el7_4.1php-intl-5.4.16-43.el7_4.1php-embedded-5.4.16-43.el7_4.1php-recode-5.4.16-43.el7_4.1php-mysql-5.4.16-43.el7_4.1php-process-5.4.16-43.el7_4.1php-fpm-5.4.16-43.el7_4.1php-devel-5.4.16-43.el7_4.1php-soap-5.4.16-43.el7_4.1php-pgsql-5.4.16-43.el7_4.1php-pspell-5.4.16-43.el7_4.1php-dba-5.4.16-43.el7_4.1php-cli-5.4.16-43.el7_4.1php-5.4.16-43.el7_4.1php-xml-5.4.16-43.el7_4.1php-enchant-5.4.16-43.el7_4.1php-gd-5.4.16-43.el7_4.1php-pdo-5.4.16-43.el7_4.1php-xmlrpc-5.4.16-43.el7_4.1php-mysqlnd-5.4.16-43.el7_4.1php-snmp-5.4.16-43.el7_4.1php-common-5.4.16-43.el7_4.1php-odbc-5.4.16-43.el7_4.1php-bcmath-5.4.16-43.el7_4.1php-mbstring-5.4.16-43.el7_4.1

175330 - Scientific Linux Security ERRATA Moderate: php on SL7.x x86_64 (1803-437)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: Medium

Page 60: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

CVE: CVE-2017-7890

DescriptionThe scan detected that the host is missing the following update:Security ERRATA Moderate: php on SL7.x x86_64 (1803-437)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://listserv.fnal.gov/scripts/wa.exe?A2=ind1803&L=scientific-linux-errata&F=&S=&P=437

SL7x86_64php-ldap-5.4.16-43.el7_4.1php-intl-5.4.16-43.el7_4.1php-embedded-5.4.16-43.el7_4.1php-recode-5.4.16-43.el7_4.1php-mysql-5.4.16-43.el7_4.1php-process-5.4.16-43.el7_4.1php-fpm-5.4.16-43.el7_4.1php-devel-5.4.16-43.el7_4.1php-soap-5.4.16-43.el7_4.1php-pgsql-5.4.16-43.el7_4.1php-pspell-5.4.16-43.el7_4.1php-dba-5.4.16-43.el7_4.1php-cli-5.4.16-43.el7_4.1php-5.4.16-43.el7_4.1php-xml-5.4.16-43.el7_4.1php-enchant-5.4.16-43.el7_4.1php-mysqlnd-5.4.16-43.el7_4.1php-gd-5.4.16-43.el7_4.1php-pdo-5.4.16-43.el7_4.1php-xmlrpc-5.4.16-43.el7_4.1php-debuginfo-5.4.16-43.el7_4.1php-snmp-5.4.16-43.el7_4.1php-common-5.4.16-43.el7_4.1php-odbc-5.4.16-43.el7_4.1php-bcmath-5.4.16-43.el7_4.1php-mbstring-5.4.16-43.el7_4.1

175331 - Scientific Linux Security ERRATA Moderate: mailman on SL7.x x86_64 (1803-7532)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2018-5950

DescriptionThe scan detected that the host is missing the following update:Security ERRATA Moderate: mailman on SL7.x x86_64 (1803-7532)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://listserv.fnal.gov/scripts/wa.exe?A2=ind1803&L=scientific-linux-errata&F=&S=&P=7532

Page 61: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

SL7x86_64mailman-2.1.15-26.el7_4.1mailman-debuginfo-2.1.15-26.el7_4.1

175333 - Scientific Linux Security ERRATA Moderate: mailman on SL6.x i386/x86_64 (1803-7853)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2018-5950

DescriptionThe scan detected that the host is missing the following update:Security ERRATA Moderate: mailman on SL6.x i386/x86_64 (1803-7853)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://listserv.fnal.gov/scripts/wa.exe?A2=ind1803&L=scientific-linux-errata&F=&S=&P=7853

SL6x86_64mailman-2.1.12-26.el6_9.3mailman-debuginfo-2.1.12-26.el6_9.3

i386mailman-2.1.12-26.el6_9.3mailman-debuginfo-2.1.12-26.el6_9.3

175335 - Scientific Linux Security ERRATA Important: 389-ds-base on SL7.x x86_64 (1803-76)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2017-15135, CVE-2018-1054

DescriptionThe scan detected that the host is missing the following update:Security ERRATA Important: 389-ds-base on SL7.x x86_64 (1803-76)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://listserv.fnal.gov/scripts/wa.exe?A2=ind1803&L=scientific-linux-errata&F=&S=&P=76

SL7x86_64389-ds-base-libs-1.3.6.1-28.el7_4389-ds-base-1.3.6.1-28.el7_4389-ds-base-devel-1.3.6.1-28.el7_4389-ds-base-snmp-1.3.6.1-28.el7_4389-ds-base-debuginfo-1.3.6.1-28.el7_4

186132 - Ubuntu Linux 14.04 USN-3594-1 Update Is Not Installed

Page 62: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: MediumCVE: CVE-2017-5715

DescriptionThe scan detected that the host is missing the following update:USN-3594-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.ubuntu.com/archives/ubuntu-security-announce/2018-March/004312.html

Ubuntu 14.04

linux-image-generic-lpae_3.13.0.143.153linux-image-3.13.0-143-generic_3.13.0-143.192linux-image-lowlatency_3.13.0.143.153linux-image-3.13.0-143-generic-lpae_3.13.0-143.192linux-image-3.13.0-143-lowlatency_3.13.0-143.192linux-image-generic_3.13.0.143.153

88922 - Slackware Linux 14.0, 14.1, 14.2 SSA:2018-067-02 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and HotfixesRisk Level: LowCVE: CVE-2018-7584

DescriptionThe scan detected that the host is missing the following update:SSA:2018-067-02

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.415836

Slackware 14.0x86_64php-5.6.34-x86_64-1

Slackware 14.2x86_64php-5.6.34-x86_64-1

i586php-5.6.34-i586-1

Slackware 14.1x86_64php-5.6.34-x86_64-1

88923 - Slackware Linux 14.2 SSA:2018-072-01 Update Is Not Installed

Page 63: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Category: SSH Module -> NonIntrusive -> Slackware Patches and HotfixesRisk Level: LowCVE: CVE-MAP-NOMATCH

DescriptionThe scan detected that the host is missing the following update:SSA:2018-072-01

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.360459

Slackware 14.2x86_64mozilla-firefox-52.7.0esr-x86_64-1

i586mozilla-firefox-52.7.0esr-i586-1

88924 - Slackware Linux 14.0, 14.1, 14.2 SSA:2018-072-02 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Slackware Patches and HotfixesRisk Level: LowCVE: CVE-2018-1057

DescriptionThe scan detected that the host is missing the following update:SSA:2018-072-02

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.449448

Slackware 14.0x86_64samba-4.4.16-x86_64-3

Slackware 14.2x86_64samba-4.4.16-x86_64-3

i586samba-4.4.16-i586-3

Slackware 14.1x86_64samba-4.4.16-x86_64-3

131041 - Debian Linux 9.0 DSA-4135-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and Hotfixes

Page 64: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Risk Level: LowCVE: CVE-2018-1050, CVE-2018-1057

DescriptionThe scan detected that the host is missing the following update:DSA-4135-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.debian.org/security/2018/dsa-4135

Debian 9.0allsamba_2:4.5.12+dfsg-2+deb9u2

131042 - Debian Linux 8.0, 9.0 DSA-4133-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and HotfixesRisk Level: LowCVE: CVE-2017-3144, CVE-2018-5732, CVE-2018-5733

DescriptionThe scan detected that the host is missing the following update:DSA-4133-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.debian.org/security/2018/dsa-4133

Debian 8.0allisc-dhcp-client_4.3.1-6+deb8u3isc-dhcp-server-ldap_4.3.1-6+deb8u3isc-dhcp-common_4.3.1-6+deb8u3isc-dhcp-server_4.3.1-6+deb8u3isc-dhcp-client-dbg_4.3.1-6+deb8u3isc-dhcp-dev_4.3.1-6+deb8u3isc-dhcp-client-udeb_4.3.1-6+deb8u3isc-dhcp-relay-dbg_4.3.1-6+deb8u3isc-dhcp-relay_4.3.1-6+deb8u3isc-dhcp-dbg_4.3.1-6+deb8u3isc-dhcp-server-dbg_4.3.1-6+deb8u3

Debian 9.0allisc-dhcp-client-ddns_4.3.5-3+deb9u1isc-dhcp-server_4.3.5-3+deb9u1isc-dhcp-client_4.3.5-3+deb9u1isc-dhcp-server-ldap_4.3.5-3+deb9u1isc-dhcp-common_4.3.5-3+deb9u1isc-dhcp-client-udeb_4.3.5-3+deb9u1isc-dhcp-dev_4.3.5-3+deb9u1isc-dhcp-relay_4.3.5-3+deb9u1

Page 65: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

131043 - Debian Linux 9.0 DSA-4134-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Debian Patches and HotfixesRisk Level: LowCVE: CVE-2018-7738

DescriptionThe scan detected that the host is missing the following update:DSA-4134-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.debian.org/security/2018/dsa-4134

Debian 9.0allutil-linux_2.29.2-1+deb9u1

182639 - FreeBSD samba Multiple Vulnerabilities (fb26f78a-26a9-11e8-a1c2-00505689d4ae)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: LowCVE: CVE-2018-1050, CVE-2018-1057

DescriptionThe scan detected that the host is missing the following update:samba -- multiple vulnerabilities (fb26f78a-26a9-11e8-a1c2-00505689d4ae)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.vuxml.org/freebsd/fb26f78a-26a9-11e8-a1c2-00505689d4ae.html

Affected packages: samba44 < 4.4.17samba45 < 4.5.16samba46 < 4.6.14samba47 < 4.7.6

182640 - FreeBSD Flash Player Multiple Vulnerabilities (313078e3-26e2-11e8-9920-6451062f0f7a)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: LowCVE: CVE-2018-4919, CVE-2018-4920

DescriptionThe scan detected that the host is missing the following update:Flash Player -- multiple vulnerabilities (313078e3-26e2-11e8-9920-6451062f0f7a)

Observation

Page 66: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Updates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.vuxml.org/freebsd/313078e3-26e2-11e8-9920-6451062f0f7a.html

Affected packages: linux-flashplayer < 29.0.0.113

182641 - FreeBSD mozilla Multiple Vulnerabilities (c71cdc95-3c18-45b7-866a-af28b59aabb5)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: LowCVE: CVE-2018-5125, CVE-2018-5126, CVE-2018-5127, CVE-2018-5128, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5132, CVE-2018-5133, CVE-2018-5134, CVE-2018-5135, CVE-2018-5136, CVE-2018-5137, CVE-2018-5138, CVE-2018-5140,CVE-2018-5141, CVE-2018-5142, CVE-2018-5143

DescriptionThe scan detected that the host is missing the following update:mozilla -- multiple vulnerabilities (c71cdc95-3c18-45b7-866a-af28b59aabb5)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.vuxml.org/freebsd/c71cdc95-3c18-45b7-866a-af28b59aabb5.html

Affected packages: firefox < 59.0_1,1waterfox < 56.0.4.36_1seamonkey < 2.49.3linux-seamonkey < 2.49.3firefox-esr < 52.7.0,1linux-firefox < 52.7.0,2libxul < 52.7.0thunderbird < 52.7.0linux-thunderbird < 52.7.0

182642 - FreeBSD mbed TLS (PolarSSL) Remote Code Execution (c2f107e1-2493-11e8-b3e8-001cc0382b2f)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: LowCVE: CVE-2018-0487, CVE-2018-0488

DescriptionThe scan detected that the host is missing the following update:mbed TLS (PolarSSL) -- remote code execution (c2f107e1-2493-11e8-b3e8-001cc0382b2f)

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.vuxml.org/freebsd/c2f107e1-2493-11e8-b3e8-001cc0382b2f.html

Affected packages: mbedtls < 2.7.0polarssl13 < 1.3.22

Page 67: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

186133 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3592-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: LowCVE: CVE-2018-0202, CVE-2018-1000085

DescriptionThe scan detected that the host is missing the following update:USN-3592-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.ubuntu.com/archives/ubuntu-security-announce/2018-March/004309.html

Ubuntu 16.04

clamav_0.99.4+addedllvm-0ubuntu0.16.04.1

Ubuntu 14.04

clamav_0.99.4+addedllvm-0ubuntu0.14.04.1

Ubuntu 17.10

clamav_0.99.4+addedllvm-0ubuntu0.17.10.1

186134 - Ubuntu Linux 14.04, 16.04, 17.10 USN-3595-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: LowCVE: CVE-2018-1050, CVE-2018-1057

DescriptionThe scan detected that the host is missing the following update:USN-3595-1

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.ubuntu.com/archives/ubuntu-security-announce/2018-March/004313.html

Ubuntu 16.04

samba_4.3.11+dfsg-0ubuntu0.16.04.13samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.13

Ubuntu 14.04

samba_4.3.11+dfsg-0ubuntu0.14.04.14samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.14.04.14

Ubuntu 17.10

Page 68: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

samba_4.6.7+dfsg-1ubuntu3.2samba-dsdb-modules_4.6.7+dfsg-1ubuntu3.2

193368 - Fedora Linux 26 FEDORA-2017-8d369659cb Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2017-2624

DescriptionThe scan detected that the host is missing the following update:FEDORA-2017-8d369659cb

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=2

Fedora Core 26

nx-libs-3.5.0.33-4.fc26x2goserver-4.0.1.22-2.fc26

193370 - Fedora Linux 26 FEDORA-2018-18a0cf206b Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-MAP-NOMATCH

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-18a0cf206b

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=2

Fedora Core 26

tor-0.3.1.10-1.fc26

193372 - Fedora Linux 27 FEDORA-2018-8b33bd7abf Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-MAP-NOMATCH

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-8b33bd7abf

Page 69: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=2

Fedora Core 27

tor-0.3.1.10-1.fc27

193373 - Fedora Linux 27 FEDORA-2018-d64806ca1d Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2018-1000116

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-d64806ca1d

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=1

Fedora Core 27

net-snmp-5.7.3-27.fc27

193374 - Fedora Linux 26 FEDORA-2018-c1b8e0176c Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2018-6942

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-c1b8e0176c

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=2

Fedora Core 26

freetype-2.7.1-10.fc26

193376 - Fedora Linux 26 FEDORA-2018-e8bc8d2784 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: Low

Page 70: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

CVE: CVE-2018-7584

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-e8bc8d2784

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=3

Fedora Core 26

php-7.1.15-1.fc26

193378 - Fedora Linux 27 FEDORA-2018-668664ba84 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2018-7738

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-668664ba84

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=1

Fedora Core 27

util-linux-2.30.2-2.fc27

193382 - Fedora Linux 27 FEDORA-2018-019a32a468 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: LowCVE: CVE-2018-7548, CVE-2018-7549

DescriptionThe scan detected that the host is missing the following update:FEDORA-2018-019a32a468

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

https://lists.fedoraproject.org/archives/list/[email protected]/2018/3/?count=200&page=1

Fedora Core 27

zsh-5.4.1-2.fc27

Page 71: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

141895 - Red Hat Enterprise Linux RHSA-2018-0516 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: LowCVE: CVE-2017-15289

DescriptionThe scan detected that the host is missing the following update:RHSA-2018-0516

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://www.redhat.com/archives/rhsa-announce/2018-March/msg00028.html

RHEL6Dx86_64qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.5qemu-kvm-tools-0.12.1.2-2.503.el6_9.5qemu-kvm-0.12.1.2-2.503.el6_9.5qemu-img-0.12.1.2-2.503.el6_9.5qemu-guest-agent-0.12.1.2-2.503.el6_9.5

i386qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.5qemu-guest-agent-0.12.1.2-2.503.el6_9.5

RHEL6Si386qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.5qemu-guest-agent-0.12.1.2-2.503.el6_9.5

x86_64qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.5qemu-kvm-tools-0.12.1.2-2.503.el6_9.5qemu-kvm-0.12.1.2-2.503.el6_9.5qemu-img-0.12.1.2-2.503.el6_9.5qemu-guest-agent-0.12.1.2-2.503.el6_9.5

RHEL6WSx86_64qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.5qemu-kvm-tools-0.12.1.2-2.503.el6_9.5qemu-kvm-0.12.1.2-2.503.el6_9.5qemu-img-0.12.1.2-2.503.el6_9.5qemu-guest-agent-0.12.1.2-2.503.el6_9.5

i386qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.5qemu-guest-agent-0.12.1.2-2.503.el6_9.5

163555 - Oracle Enterprise Linux ELSA-2018-0516 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: Low

Page 72: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

CVE: CVE-2017-15289

DescriptionThe scan detected that the host is missing the following update:ELSA-2018-0516

ObservationUpdates often remediate critical security problems that should be quickly addressed.For more information see:

http://oss.oracle.com/pipermail/el-errata/2018-March/007578.html

OEL6x86_64qemu-kvm-tools-0.12.1.2-2.503.el6_9.5qemu-kvm-0.12.1.2-2.503.el6_9.5qemu-img-0.12.1.2-2.503.el6_9.5qemu-guest-agent-0.12.1.2-2.503.el6_9.5

i386qemu-guest-agent-0.12.1.2-2.503.el6_9.5

23267 - Microsoft Office 2016 Click-To-Run March 2018 Updates

Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS)Risk Level: InformationalCVE: CVE-MAP-NOMATCH

DescriptionMultiple issues are present in some versions of Microsoft Office 2016 Click-to-Run.

ObservationMicrosoft Office 2016 Click-to-Run is an alternative to the Windows Installer-based (MSI) installation method of the popular office suite.

Multiple issues are present in some versions of Microsoft Office 2016 Click-to-Run. The flaws are present in multiple components. Such defects could lead the product to software vulnerabilities, malfunction or unexpected behavior in some of its affected components.

ENHANCED CHECKS

The following checks have been updated. Enhancements may include optimizations, changes that reflect new information on avulnerability and anything else that improves upon an existing FSL check.

182049 - FreeBSD FreeBSD Shell Injection Vulnerability In Patch (1) (0d090952-600a-11e6-a6c3-14dae9d210b8)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: HighCVE: CVE-2015-1418

Update DetailsRisk is updated

Page 73: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

193350 - Fedora Linux 26 FEDORA-2018-b3e985489b Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: HighCVE: CVE-2018-5378, CVE-2018-5379, CVE-2018-5380, CVE-2018-5381

Update DetailsRisk is updated CVE is updated

146445 - SuSE SLES 12 SP2, 12 SP3, SLED 12 SP2, 12 SP3 SUSE-SU-2018:0604-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2017-18190

Update DetailsRisk is updated

146457 - SuSE Linux 42.3 openSUSE-SU-2018:0618-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> SuSE Patches and HotfixesRisk Level: MediumCVE: CVE-2017-18190

Update DetailsRisk is updated

186107 - Ubuntu Linux 14.04, 16.04 USN-3577-1 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Ubuntu Patches and HotfixesRisk Level: MediumCVE: CVE-2017-18190

Update DetailsRisk is updated

193310 - Fedora Linux 27 FEDORA-2018-913c225b49 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2018-6594

Update DetailsRisk is updated

193330 - Fedora Linux 26 FEDORA-2018-0c75cc72bc Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and HotfixesRisk Level: MediumCVE: CVE-2018-6594

Page 74: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Update DetailsRisk is updated

141864 - Red Hat Enterprise Linux RHSA-2018-0260 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2018-1049

Update DetailsRisk is updated

160358 - CentOS 7 CESA-2018-0260 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Cent OS Patches and HotfixesRisk Level: MediumCVE: CVE-2018-1049

Update DetailsRisk is updated

163544 - Oracle Enterprise Linux ELSA-2018-0260 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and HotfixesRisk Level: MediumCVE: CVE-2018-1049

Update DetailsRisk is updated

175324 - Scientific Linux Security ERRATA Moderate: systemd on SL7.x x86_64 (1801-10196)

Category: SSH Module -> NonIntrusive -> Scientific Linux Patches and HotFixesRisk Level: MediumCVE: CVE-2018-1049

Update DetailsRisk is updated

182079 - FreeBSD FreeBSD Routed (8) remote denial of service vulnerability (0d584493-600a-11e6-a6c3-14dae9d210b8)

Category: SSH Module -> NonIntrusive -> FreeBSD Patches and HotfixesRisk Level: MediumCVE: CVE-2015-5674

Update DetailsRisk is updated

193351 - Fedora Linux 27 FEDORA-2018-30a8492364 Update Is Not Installed

Category: SSH Module -> NonIntrusive -> Fedora Patches and Hotfixes

Page 75: McAfee Foundstone FSL Update · 23242 - (K38243073) F5 BIG-IP BIG-IP ASM Data Processing Vulnerability Category: SSH Module -> NonIntrusive -> F5 Risk Level: High CVE: CVE-2017-6154

Risk Level: MediumCVE: CVE-2017-18198, CVE-2017-18199, CVE-2017-18201

Update DetailsRisk is updated

HOW TO UPDATE

FS1000 APPLIANCE customers should follow the instructions for Enterprise/Professional customers, below. In addition, we stronglyurge all appliance customers to authorize and install any Windows Update critical patches. The appliance will auto-download anycritical updates but will wait for your explicit authorization before installing.

FOUNDSTONE ENTERPRISE and PROFESSIONAL customers may obtain these new scripts using the FSUpdate Utility by selecting"FoundScan Update" on the help menu. Make sure that you have a valid FSUpdate username and password. The new vulnerabilityscripts will be automatically included in your scans if you have selected that option by right-clicking the selected vulnerability categoryand checking the "Run New Checks" checkbox.

MANAGED SERVICE CUSTOMERS already have the newest update applied to their environment. The new vulnerability scripts willbe automatically included when your scans are next scheduled, provided the Run New Scripts option has been turned on.

MCAFEE TECHNICAL SUPPORT

ServicePortal: https://mysupport.mcafee.comMulti-National Phone Support available here:

http://www.mcafee.com/us/about/contact/index.htmlNon-US customers - Select your country from the list of Worldwide Offices.

This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution byothers is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.

Copyright 2018 McAfee, Inc.McAfee is a registered trademark of McAfee, Inc. and/or its affiliates