Nessus Report

Report generated by Nessus™

singa

Tue, 26 Jun 2018 09:11:47 WIB

TABLE OF CONTENTS
Vulnerabilities by Host
172.16.0.3
32
149
141
15
153
Critical
High
Medium
Low
Info
Scan Information
Start time: Tue Jun 26 08:48:58 2018
End time: Tue Jun 26 09:11:47 2018
Host Information
DNS Name: blog.poltekom.ac.id
Netbios Name: SINGA
IP: 172.16.0.3
MAC Address: 00:23:8b:64:87:46 00:23:8b:64:87:44 00:23:8b:64:87:45 00:23:8b:64:87:47
OS: Linux Kernel 3.13.0-62-generic on Ubuntu 14.04
Vulnerabilities

10114 - ICMP Timestamp Request Remote Date Disclosure
Synopsis
It is possible to determine the exact time set on the remote host.
Description
The remote host answers to an ICMP timestamp request. This allows an attacker to know the date that is set on the targeted machine, which may assist an unauthenticated, remote attacker in defeating time-based authentication protocols.

Timestamps returned from machines running Windows Vista / 7 / 2008 / 2008 R2 are deliberately incorrect, but usually within 1000 seconds of the actual system time.
Solution
Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).
Risk Factor
None
References
CVE CVE-1999-0524
XREF OSVDB:94
XREF CWE:200
Plugin Information:
Published: 1999/08/01, Modified: 2012/06/18
Plugin Output

icmp/0

The difference between the local and remote clocks is 34 seconds.

86650 - Ubuntu 14.04 LTS / 15.04 / 15.10 : openjdk-7 vulnerabilities (USN-2784-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-4805, CVE-2015-4835, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4868, CVE-2015-4881, CVE-2015-4883)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2015-4806)

A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this expose sensitive data over the network. (CVE-2015-4872)

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2015-4734, CVE-2015-4840, CVE-2015-4842, CVE-2015-4903)

Multiple vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2015-4803, CVE-2015-4882, CVE-2015-4893, CVE-2015-4911).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-4734
CVE CVE-2015-4803
CVE CVE-2015-4805
CVE CVE-2015-4806
CVE CVE-2015-4835
CVE CVE-2015-4840
CVE CVE-2015-4842
CVE CVE-2015-4843
CVE CVE-2015-4844
CVE CVE-2015-4860
CVE CVE-2015-4868
CVE CVE-2015-4872
CVE CVE-2015-4881
CVE CVE-2015-4882
CVE CVE-2015-4883
CVE CVE-2015-4893
CVE CVE-2015-4903
CVE CVE-2015-4911
XREF OSVDB:129119
XREF OSVDB:129120
XREF OSVDB:129121
XREF OSVDB:129122
XREF OSVDB:129123
XREF OSVDB:129124
XREF OSVDB:129125
XREF OSVDB:129127
XREF OSVDB:129129
XREF OSVDB:129132
XREF OSVDB:129133
XREF OSVDB:129134
XREF OSVDB:129135
XREF OSVDB:129136
XREF OSVDB:129137
XREF OSVDB:129138
XREF OSVDB:129139
XREF OSVDB:129140
XREF USN:2784-1
Plugin Information:
Published: 2015/10/29, Modified: 2017/12/13
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u85-2.6.1-5ubuntu0.14.04.1

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u85-2.6.1-5ubuntu0.14.04.1

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u85-2.6.1-5ubuntu0.14.04.1
87239 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libsndfile vulnerabilities (USN-2832-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libsndfile incorrectly handled memory when parsing malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-9496)

Joshua Rogers discovered that libsndfile incorrectly handled division when parsing malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service.
(CVE-2014-9756)

Marco Romano discovered that libsndfile incorrectly handled certain malformed AIFF files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7805).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libsndfile1 package.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2014-9496
CVE CVE-2014-9756
CVE CVE-2015-7805
XREF OSVDB:116278
XREF OSVDB:116355
XREF OSVDB:128868
XREF USN:2832-1
Plugin Information:
Published: 2015/12/08, Modified: 2016/05/24
Plugin Output

tcp/0


- Installed package : libsndfile1_1.0.25-7ubuntu2
Fixed package : libsndfile1_1.0.25-7ubuntu2.1
88516 - Ubuntu 14.04 LTS / 15.04 / 15.10 : openjdk-7 vulnerabilities (USN-2884-1) (SLOTH)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code.
(CVE-2016-0483, CVE-2016-0494)

A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this to expose sensitive data over the network or possibly execute arbitrary code. (CVE-2016-0402)

It was discovered that OpenJDK 7 incorrectly allowed MD5 to be used for TLS connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to expose sensitive information. (CVE-2015-7575)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2016-0448)

A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2016-0466).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.2 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-7575
CVE CVE-2016-0402
CVE CVE-2016-0448
CVE CVE-2016-0466
CVE CVE-2016-0483
CVE CVE-2016-0494
XREF OSVDB:132305
XREF OSVDB:133156
XREF OSVDB:133157
XREF OSVDB:133159
XREF OSVDB:133160
XREF OSVDB:133161
XREF USN:2884-1
Plugin Information:
Published: 2016/02/02, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u95-2.6.4-0ubuntu0.14.04.1

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u95-2.6.4-0ubuntu0.14.04.1

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u95-2.6.4-0ubuntu0.14.04.1
88806 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : eglibc, glibc vulnerability (USN-2900-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that the GNU C Library incorrectly handled receiving responses while performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
Update the affected libc6 package.
Risk Factor
Critical
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
8.3 (CVSS2#E:F/RL:OF/RC:ND)
STIG Severity
I
References
CVE CVE-2015-7547
XREF OSVDB:134584
XREF TRA:TRA-2017-08
XREF IAVA:2016-A-0053
XREF USN:2900-1
Plugin Information:
Published: 2016/02/17, Modified: 2017/01/27
Plugin Output

tcp/0


- Installed package : libc6_2.19-0ubuntu6.6
Fixed package : libc6_2.19-0ubuntu6.7
88838 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : nss vulnerability (USN-2903-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Hanno Bock discovered that NSS incorrectly handled certain division functions, possibly leading to cryptographic weaknesses.
(CVE-2015-1938)

This update also refreshes the NSS package to version 3.21 which includes the latest CA certificate bundle, and removes the SPI CA.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnss3 package.
Risk Factor
Critical
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-1938
CVE CVE-2016-1938
XREF OSVDB:133669
XREF USN:2903-1
Plugin Information:
Published: 2016/02/18, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libnss3_2:3.19.2.1-0ubuntu0.14.04.1
Fixed package : libnss3_2:3.21-0ubuntu0.14.04.1
89078 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : openssl vulnerabilities (USN-2914-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Yuval Yarom, Daniel Genkin, and Nadia Heninger discovered that OpenSSL was vulnerable to a side-channel attack on modular exponentiation. On certain CPUs, a local attacker could possibly use this issue to recover RSA keys. This flaw is known as CacheBleed. (CVE-2016-0702)

Adam Langley discovered that OpenSSL incorrectly handled memory when parsing DSA private keys. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-0705)

Guido Vranken discovered that OpenSSL incorrectly handled hex digit calculation in the BN_hex2bn function. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-0797)

Emilia Kasper discovered that OpenSSL incorrectly handled memory when performing SRP user database lookups. A remote attacker could possibly use this issue to cause OpenSSL to consume memory, resulting in a denial of service. (CVE-2016-0798)

Guido Vranken discovered that OpenSSL incorrectly handled memory when printing very long strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-0799).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-0702
CVE CVE-2016-0705
CVE CVE-2016-0797
CVE CVE-2016-0798
CVE CVE-2016-0799
XREF OSVDB:134973
XREF OSVDB:135095
XREF OSVDB:135096
XREF OSVDB:135121
XREF OSVDB:135150
XREF OSVDB:135151
XREF USN:2914-1
Plugin Information:
Published: 2016/03/02, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.18
90095 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : git vulnerabilities (USN-2938-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Lael Cellier discovered that Git incorrectly handled path strings in crafted Git repositories. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking Git. (CVE-2016-2315, CVE-2016-2324).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected git package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2315
CVE CVE-2016-2324
XREF OSVDB:135893
XREF OSVDB:135894
XREF USN:2938-1
Plugin Information:
Published: 2016/03/22, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : git_1:1.9.1-1ubuntu0.1
Fixed package : git_1:1.9.1-1ubuntu0.3
90400 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2946-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2015-8812)

Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)

David Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)

It was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).
(CVE-2016-2847).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-8812
CVE CVE-2016-2085
CVE CVE-2016-2550
CVE CVE-2016-2847
XREF OSVDB:134512
XREF OSVDB:134764
XREF OSVDB:134898
XREF OSVDB:135194
XREF USN:2946-1
Plugin Information:
Published: 2016/04/07, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-85-generic_3.13.0-85.129
90677 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : php5 vulnerabilities (USN-2952-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories.
(CVE-2014-9767)

It was discovered that the PHP Soap client incorrectly validated data types. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-8835, CVE-2016-3185)

It was discovered that the PHP MySQL native driver incorrectly handled TLS connections to MySQL databases. A man in the middle attacker could possibly use this issue to downgrade and snoop on TLS connections.
This vulnerability is known as BACKRONYM. (CVE-2015-8838)

It was discovered that PHP incorrectly handled the imagerotate function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-1903)

Hans Jerry Illikainen discovered that the PHP phar extension incorrectly handled certain tar archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-2554)

It was discovered that the PHP WDDX extension incorrectly handled certain malformed XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-3141)

It was discovered that the PHP phar extension incorrectly handled certain zip files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2016-3142)

It was discovered that the PHP libxml_disable_entity_loader() setting was shared between threads. When running under PHP-FPM, this could result in XML external entity injection and entity expansion issues.
This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (No CVE number)

It was discovered that the PHP openssl_random_pseudo_bytes() function did not return cryptographically strong pseudo-random bytes. (No CVE number)

It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending)

It was discovered that the PHP php_snmp_error() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE number pending)

It was discovered that the PHP rawurlencode() function incorrectly handled large strings. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE number pending)

It was discovered that the PHP phar extension incorrectly handled certain filenames in archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending)

It was discovered that the PHP mb_strcut() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2014-9767
CVE CVE-2015-8835
CVE CVE-2015-8838
CVE CVE-2016-1903
CVE CVE-2016-2554
CVE CVE-2016-3141
CVE CVE-2016-3142
CVE CVE-2016-3185
XREF OSVDB:125855
XREF OSVDB:127122
XREF OSVDB:132661
XREF OSVDB:134034
XREF OSVDB:135224
XREF OSVDB:135225
XREF OSVDB:135227
XREF OSVDB:137454
XREF USN:2952-1
Plugin Information:
Published: 2016/04/22, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.14
Fixed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.16

- Installed package : php5-cli_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-cli_5.5.9+dfsg-1ubuntu4.16

- Installed package : php5-gd_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-gd_5.5.9+dfsg-1ubuntu4.16
90678 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : mysql-5.5, mysql-5.6 vulnerabilities (USN-2953-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.49 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.10 has been updated to MySQL 5.6.30.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-48.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-49.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-29.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-30.html http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-29857 53.html.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.6 packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-0639
CVE CVE-2016-0640
CVE CVE-2016-0641
CVE CVE-2016-0642
CVE CVE-2016-0643
CVE CVE-2016-0644
CVE CVE-2016-0646
CVE CVE-2016-0647
CVE CVE-2016-0648
CVE CVE-2016-0649
CVE CVE-2016-0650
CVE CVE-2016-0655
CVE CVE-2016-0661
CVE CVE-2016-0665
CVE CVE-2016-0666
CVE CVE-2016-0668
CVE CVE-2016-2047
XREF OSVDB:133627
XREF OSVDB:137322
XREF OSVDB:137324
XREF OSVDB:137325
XREF OSVDB:137326
XREF OSVDB:137328
XREF OSVDB:137336
XREF OSVDB:137337
XREF OSVDB:137339
XREF OSVDB:137340
XREF OSVDB:137341
XREF OSVDB:137342
XREF OSVDB:137343
XREF OSVDB:137344
XREF OSVDB:137345
XREF OSVDB:137348
XREF OSVDB:137349
XREF USN:2953-1
Plugin Information:
Published: 2016/04/22, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.49-0ubuntu0.14.04.1
90887 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : openssl vulnerabilities (USN-2959-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Huzaifa Sidhpurwala, Hanno Bock, and David Benjamin discovered that OpenSSL incorrectly handled memory when decoding ASN.1 structures. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-2108)

Juraj Somorovsky discovered that OpenSSL incorrectly performed padding when the connection uses the AES CBC cipher and the server supports AES-NI. A remote attacker could possibly use this issue to perform a padding oracle attack and decrypt traffic. (CVE-2016-2107)

Guido Vranken discovered that OpenSSL incorrectly handled large amounts of input data to the EVP_EncodeUpdate() function. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-2105)

Guido Vranken discovered that OpenSSL incorrectly handled large amounts of input data to the EVP_EncryptUpdate() function. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-2106)

Brian Carpenter discovered that OpenSSL incorrectly handled memory when ASN.1 data is read from a BIO. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. (CVE-2016-2109)

As a security improvement, this update also modifies OpenSSL behaviour to reject DH key sizes below 1024 bits, preventing a possible downgrade attack.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2105
CVE CVE-2016-2106
CVE CVE-2016-2107
CVE CVE-2016-2108
CVE CVE-2016-2109
XREF OSVDB:137577
XREF OSVDB:137896
XREF OSVDB:137898
XREF OSVDB:137899
XREF OSVDB:137900
XREF USN:2959-1
Plugin Information:
Published: 2016/05/04, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.19
90916 - Ubuntu 14.04 LTS : lcms2 vulnerability (USN-2961-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that a double free() could occur when the intent handling code in the Little CMS library detected an error. An attacker could use this to specially craft a file that caused an application using the Little CMS library to crash or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected liblcms2-2 and / or liblcms2-utils packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2013-7455
XREF OSVDB:105462
XREF USN:2961-1
Plugin Information:
Published: 2016/05/05, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : liblcms2-2_2.5-0ubuntu4
Fixed package : liblcms2-2_2.5-0ubuntu4.1
90918 - Ubuntu 14.04 LTS / 15.10 : openjdk-7 vulnerabilities (USN-2964-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code.
(CVE-2016-0686, CVE-2016-0687, CVE-2016-3427)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2016-0695)

A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2016-3425).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.3 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-0686
CVE CVE-2016-0687
CVE CVE-2016-0695
CVE CVE-2016-3425
CVE CVE-2016-3427
XREF OSVDB:137301
XREF OSVDB:137302
XREF OSVDB:137303
XREF OSVDB:137305
XREF OSVDB:137306
XREF USN:2964-1
Plugin Information:
Published: 2016/05/05, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u101-2.6.6-0ubuntu0.14.04.1

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u101-2.6.6-0ubuntu0.14.04.1

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u101-2.6.6-0ubuntu0.14.04.1
91425 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2989-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117)

Jason A. Donenfeld discovered multiple out-of-bounds reads in the OZMO USB over wifi device drivers in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or obtain potentially sensitive information from kernel memory. (CVE-2015-4004)

Andy Lutomirski discovered a race condition in the Linux kernel's translation lookaside buffer (TLB) handling of flush events. A local attacker could use this to cause a denial of service or possibly leak sensitive information. (CVE-2016-2069)

Ralf Spenneberg discovered that the Linux kernel's GTCO digitizer USB device driver did not properly validate endpoint descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2187)

Hector Marco and Ismael Ripoll discovered that the Linux kernel would improperly disable Address Space Layout Randomization (ASLR) for x86 processes running in 32 bit mode if stack-consumption resource limits were disabled. A local attacker could use this to make it easier to exploit an existing vulnerability in a setuid/setgid program.
(CVE-2016-3672)

Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3951)

It was discovered that an out-of-bounds write could occur when handling incoming packets in the USB/IP implementation in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-3955)

Kangjie Lu discovered an information leak in the ANSI/IEEE 802.2 LLC type 2 Support implementations in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-4485)

Kangjie Lu discovered an information leak in the routing netlink socket interface (rtnetlink) implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-4486)

It was discovered that in some situations the Linux kernel did not handle propagated mounts correctly. A local unprivileged attacker could use this to cause a denial of service (system crash).
(CVE-2016-4581).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-4004
CVE CVE-2016-2069
CVE CVE-2016-2117
CVE CVE-2016-2187
CVE CVE-2016-3672
CVE CVE-2016-3951
CVE CVE-2016-3955
CVE CVE-2016-4485
CVE CVE-2016-4486
CVE CVE-2016-4581
XREF OSVDB:123155
XREF OSVDB:133625
XREF OSVDB:135961
XREF OSVDB:136761
XREF OSVDB:136805
XREF OSVDB:137359
XREF OSVDB:137841
XREF OSVDB:138086
XREF OSVDB:138093
XREF OSVDB:138446
XREF USN:2989-1
Plugin Information:
Published: 2016/06/01, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-87-generic_3.13.0-87.133
91499 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : libxml2 vulnerabilities (USN-2994-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447)

It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-1762, CVE-2016-1834)

Mateusz Jurczyk discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1833, CVE-2016-1838, CVE-2016-1839)

Wei Lei and Liu Yang discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1835, CVE-2016-1837)

Wei Lei and Liu Yang discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-1836)

Kostya Serebryany discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1840)

It was discovered that libxml2 would load certain XML external entities. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly obtain access to arbitrary files or cause resource consumption. (CVE-2016-4449)

Gustavo Grieco discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2016-4483).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxml2 package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.6 (CVSS:3.0/E:U/RL:X/RC:R)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
8.1 (CVSS2#E:U/RL:ND/RC:UR)
References
CVE CVE-2015-8806
CVE CVE-2016-1762
CVE CVE-2016-1833
CVE CVE-2016-1834
CVE CVE-2016-1835
CVE CVE-2016-1836
CVE CVE-2016-1837
CVE CVE-2016-1838
CVE CVE-2016-1839
CVE CVE-2016-1840
CVE CVE-2016-2073
CVE CVE-2016-3627
CVE CVE-2016-3705
CVE CVE-2016-4447
CVE CVE-2016-4449
CVE CVE-2016-4483
XREF OSVDB:130651
XREF OSVDB:130653
XREF OSVDB:133549
XREF OSVDB:134096
XREF OSVDB:134833
XREF OSVDB:136114
XREF OSVDB:136194
XREF OSVDB:137962
XREF OSVDB:137965
XREF OSVDB:138566
XREF OSVDB:138567
XREF OSVDB:138568
XREF OSVDB:138569
XREF OSVDB:138570
XREF OSVDB:138572
XREF OSVDB:138926
XREF OSVDB:138928
XREF USN:2994-1
Plugin Information:
Published: 2016/06/07, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libxml2_2.9.1+dfsg1-3ubuntu4.5
Fixed package : libxml2_2.9.1+dfsg1-3ubuntu4.8
91758 - Ubuntu 14.04 LTS / 15.10 / 16.04 LTS : spice vulnerabilities (USN-3014-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Jing Zhao discovered that the Spice smartcard support incorrectly handled memory. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-0749)

Frediano Ziglio discovered that Spice incorrectly handled certain primary surface parameters. A malicious guest operating system could potentially exploit this issue to escape virtualization.
(CVE-2016-2150).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libspice-server1 package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.6 (CVSS:3.0/E:U/RL:X/RC:R)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
8.1 (CVSS2#E:U/RL:ND/RC:UR)
References
CVE CVE-2016-0749
CVE CVE-2016-2150
XREF OSVDB:139486
XREF OSVDB:139487
XREF USN:3014-1
Plugin Information:
Published: 2016/06/22, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libspice-server1_0.12.4-0nocelt2ubuntu1.2
Fixed package : libspice-server1_0.12.4-0nocelt2ubuntu1.3
93510 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : mysql-5.5, mysql-5.7 vulnerability (USN-3078-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Dawid Golunski discovered that MySQL incorrectly handled configuration files. A remote attacker could possibly use this issue to execute arbitrary code with root privileges.

MySQL has been updated to 5.5.52 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS has been updated to MySQL 5.7.15.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-51.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-14.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages.
Risk Factor
Critical
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:F/RL:U/RC:X)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
9.5 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2016-6662
XREF OSVDB:143530
XREF OSVDB:144086
XREF OSVDB:144092
XREF USN:3078-1
Plugin Information:
Published: 2016/09/15, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.52-0ubuntu0.14.04.1
94069 - Ubuntu 12.04 LTS / 14.04 LTS : libdbd-mysql-perl vulnerabilities (USN-3103-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that DBD::mysql incorrectly handled certain memory operations. A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-9906)

Hanno Bock discovered that DBD::mysql incorrectly handled certain memory operations. A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8949)

Pali Rohar discovered that DBD::mysql incorrectly handled certain user supplied data. A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1246).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libdbd-mysql-perl package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2014-9906
CVE CVE-2015-8949
CVE CVE-2016-1246
XREF OSVDB:142288
XREF OSVDB:142289
XREF OSVDB:145047
XREF USN:3103-1
Plugin Information:
Published: 2016/10/14, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libdbd-mysql-perl_4.025-1
Fixed package : libdbd-mysql-perl_4.025-1ubuntu0.1
94669 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : qemu, qemu-kvm vulnerabilities (USN-3125-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service.
(CVE-2016-5403)

Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6833, CVE-2016-6834, CVE-2016-6888)

Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6835)

Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card emulation support. A privileged attacker inside the guest could use this issue to possibly to obtain sensitive host memory. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6836)

Felix Wilhelm discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to possibly to obtain sensitive host files.
(CVE-2016-7116)

Li Qiang and Tom Victor discovered that QEMU incorrectly handled VMWARE PVSCSI paravirtual SCSI bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7155)

Li Qiang discovered that QEMU incorrectly handled VMWARE PVSCSI paravirtual SCSI bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7156, CVE-2016-7421)

Tom Victor discovered that QEMU incorrectly handled LSI SAS1068 host bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.10. (CVE-2016-7157)

Hu Chaojian discovered that QEMU incorrectly handled xlnx.xps-ethernetlite emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2016-7161)

Qinghao Tang and Li Qiang discovered that QEMU incorrectly handled the VMware VGA module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2016-7170)

Qinghao Tang and Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 16.10. (CVE-2016-7422)

Li Qiang discovered that QEMU incorrectly handled LSI SAS1068 host bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 16.10. (CVE-2016-7423)

Li Qiang discovered that QEMU incorrectly handled USB xHCI controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10.
(CVE-2016-7466)

Li Qiang discovered that QEMU incorrectly handled ColdFire Fast Ethernet Controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-7908)

Li Qiang discovered that QEMU incorrectly handled AMD PC-Net II emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2016-7909)

Li Qiang discovered that QEMU incorrectly handled the Virtio GPU support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service.
This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10.
(CVE-2016-7994)

Li Qiang discovered that QEMU incorrectly handled USB EHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service.
This issue only affected Ubuntu 16.10. (CVE-2016-7995)

Li Qiang discovered that QEMU incorrectly handled USB xHCI controller support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10.
(CVE-2016-8576)

Li Qiang discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-8577, CVE-2016-8578)

It was discovered that QEMU incorrectly handled Rocker switch emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10.
(CVE-2016-8668)

It was discovered that QEMU incorrectly handled Intel HDA controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-8909)

Andrew Henderson discovered that QEMU incorrectly handled RTL8139 ethernet controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-8910)

Li Qiang discovered that QEMU incorrectly handled Intel i8255x ethernet controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-9101)

Li Qiang discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-9102, CVE-2016-9104, CVE-2016-9105)

Li Qiang discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to possibly to obtain sensitive host memory. (CVE-2016-9103)

Li Qiang discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9106).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-5403
CVE CVE-2016-6833
CVE CVE-2016-6834
CVE CVE-2016-6835
CVE CVE-2016-6836
CVE CVE-2016-6888
CVE CVE-2016-7116
CVE CVE-2016-7155
CVE CVE-2016-7156
CVE CVE-2016-7157
CVE CVE-2016-7161
CVE CVE-2016-7170
CVE CVE-2016-7421
CVE CVE-2016-7422
CVE CVE-2016-7423
CVE CVE-2016-7466
CVE CVE-2016-7908
CVE CVE-2016-7909
CVE CVE-2016-7994
CVE CVE-2016-7995
CVE CVE-2016-8576
CVE CVE-2016-8577
CVE CVE-2016-8578
CVE CVE-2016-8668
CVE CVE-2016-8909
CVE CVE-2016-8910
CVE CVE-2016-9101
CVE CVE-2016-9102
CVE CVE-2016-9103
CVE CVE-2016-9104
CVE CVE-2016-9105
CVE CVE-2016-9106
XREF OSVDB:142178
XREF OSVDB:142870
XREF OSVDB:142871
XREF OSVDB:142872
XREF OSVDB:142873
XREF OSVDB:143254
XREF OSVDB:143611
XREF OSVDB:143827
XREF OSVDB:143828
XREF OSVDB:143829
XREF OSVDB:144061
XREF OSVDB:144405
XREF OSVDB:144406
XREF OSVDB:144407
XREF OSVDB:144641
XREF OSVDB:144787
XREF OSVDB:145043
XREF OSVDB:145163
XREF OSVDB:145315
XREF OSVDB:145316
XREF OSVDB:145362
XREF OSVDB:145385
XREF OSVDB:145397
XREF OSVDB:145696
XREF OSVDB:146244
XREF OSVDB:146245
XREF OSVDB:146387
XREF OSVDB:146388
XREF OSVDB:146389
XREF OSVDB:146390
XREF OSVDB:146391
XREF OSVDB:146392
XREF USN:3125-1
Plugin Information:
Published: 2016/11/10, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.30
95284 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : python2.7, python3.2, python3.4, python3.5 vulnerabilities (USN-3134-1) (httpoxy)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. (CVE-2016-0772)

Remi Rampin discovered that Python would not protect CGI applications from contents of the HTTP_PROXY environment variable when based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this to cause a CGI application to redirect outgoing HTTP requests. (CVE-2016-1000110)

Insu Yun discovered an integer overflow in the zipimporter module in Python that could lead to a heap-based overflow. An attacker could use this to craft a special zip file that when read by Python could possibly execute arbitrary code. (CVE-2016-5636)

Guido Vranken discovered that the urllib modules in Python did not properly handle carriage return line feed (CRLF) in headers. A remote attacker could use this to craft URLs that inject arbitrary HTTP headers. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5699).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-0772
CVE CVE-2016-1000110
CVE CVE-2016-5636
CVE CVE-2016-5699
XREF OSVDB:115884
XREF OSVDB:140038
XREF OSVDB:140125
XREF OSVDB:141671
XREF USN:3134-1
Plugin Information:
Published: 2016/11/23, Modified: 2016/12/07
Plugin Output

tcp/0


- Installed package : libpython2.7_2.7.6-8ubuntu0.2
Fixed package : libpython2.7_2.7.6-8ubuntu0.3

- Installed package : libpython2.7-minimal_2.7.6-8ubuntu0.2
Fixed package : libpython2.7-minimal_2.7.6-8ubuntu0.3

- Installed package : libpython2.7-stdlib_2.7.6-8ubuntu0.2
Fixed package : libpython2.7-stdlib_2.7.6-8ubuntu0.3

- Installed package : libpython3.4_3.4.3-1ubuntu1~14.04.3
Fixed package : libpython3.4_3.4.3-1ubuntu1~14.04.5

- Installed package : libpython3.4-minimal_3.4.3-1ubuntu1~14.04.3
Fixed package : libpython3.4-minimal_3.4.3-1ubuntu1~14.04.5

- Installed package : libpython3.4-stdlib_3.4.3-1ubuntu1~14.04.3
Fixed package : libpython3.4-stdlib_3.4.3-1ubuntu1~14.04.5

- Installed package : python2.7_2.7.6-8ubuntu0.2
Fixed package : python2.7_2.7.6-8ubuntu0.3

- Installed package : python2.7-minimal_2.7.6-8ubuntu0.2
Fixed package : python2.7-minimal_2.7.6-8ubuntu0.3

- Installed package : python3.4_3.4.3-1ubuntu1~14.04.3
Fixed package : python3.4_3.4.3-1ubuntu1~14.04.5

- Installed package : python3.4-minimal_3.4.3-1ubuntu1~14.04.3
Fixed package : python3.4-minimal_3.4.3-1ubuntu1~14.04.5
96980 - Ubuntu 14.04 LTS : linux vulnerability (USN-3188-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Andrey Konovalov discovered that the SCTP implementation in the Linux kernel improperly handled validation of incoming data. A remote attacker could use this to cause a denial of service (system crash).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-9555
XREF OSVDB:147698
XREF USN:3188-1
Plugin Information:
Published: 2017/02/03, Modified: 2017/02/07
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-108-generic_3.13.0-108.155

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.108.116
97720 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : icu vulnerabilities (USN-3227-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2014-9911
CVE CVE-2015-4844
CVE CVE-2016-0494
CVE CVE-2016-6293
CVE CVE-2016-7415
XREF OSVDB:108185
XREF OSVDB:129125
XREF OSVDB:133156
XREF OSVDB:141943
XREF OSVDB:144259
XREF USN:3227-1
Plugin Information:
Published: 2017/03/14, Modified: 2017/12/13
Plugin Output

tcp/0


- Installed package : libicu52_52.1-3ubuntu0.4
Fixed package : libicu52_52.1-3ubuntu0.5
97793 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libxml2 vulnerabilities (USN-3235-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 16.04 LTS. (CVE-2016-4448)

It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-4658)

Nick Wellnhofer discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-5131).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxml2 package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-4448
CVE CVE-2016-4658
CVE CVE-2016-5131
XREF OSVDB:138966
XREF OSVDB:141934
XREF OSVDB:144561
XREF USN:3235-1
Plugin Information:
Published: 2017/03/17, Modified: 2017/03/28
Plugin Output

tcp/0


- Installed package : libxml2_2.9.1+dfsg1-3ubuntu4.5
Fixed package : libxml2_2.9.1+dfsg1-3ubuntu4.9
100411 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : samba vulnerability (USN-3296-1) (SambaCry)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.4 (CVSS:3.0/E:H/RL:O/RC:X)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
8.7 (CVSS2#E:H/RL:OF/RC:ND)
References
CVE CVE-2017-7494
XREF OSVDB:158063
XREF USN:3296-1
Exploitable With
CANVAS (true) Core Impact (true) Metasploit (true)
Plugin Information:
Published: 2017/05/25, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.11+dfsg-0ubuntu0.14.04.8
100933 - Ubuntu 14.04 LTS : linux, linux-meta vulnerabilities (USN-3335-1) (Stack Clash)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges (CVE-2017-1000364)

It was discovered that a use-after-free vulnerability in the core voltage regulator driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2014-9940)

It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code. (CVE-2017-0605)

Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363)

Li Qiang discovered that an integer overflow vulnerability existed in the Direct Rendering Manager (DRM) driver for VMware devices in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2017-7294)

A double free bug was discovered in the IPv4 stack of the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux kernel's IPv6 stack. A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the Linux kernel's IPv6 stack. A local user could exploit this issue to cause a denial of service or possibly other unspecified problems.
(CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance. A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems.
(CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the Linux kernel mishandled inheritance. A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077)

It was discovered that the IPv6 stack was doing over write consistency check after the data was actually overwritten. A local attacker could exploit this flaw to cause a denial of service (system crash).
(CVE-2017-9242).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
8.3 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2014-9940
CVE CVE-2017-0605
CVE CVE-2017-1000363
CVE CVE-2017-1000364
CVE CVE-2017-7294
CVE CVE-2017-8890
CVE CVE-2017-9074
CVE CVE-2017-9075
CVE CVE-2017-9076
CVE CVE-2017-9077
CVE CVE-2017-9242
XREF OSVDB:154548
XREF OSVDB:156817
XREF OSVDB:157027
XREF OSVDB:157334
XREF OSVDB:157813
XREF OSVDB:157814
XREF OSVDB:157815
XREF OSVDB:157876
XREF OSVDB:158030
XREF OSVDB:158171
XREF OSVDB:159367
XREF USN:3335-1
Plugin Information:
Published: 2017/06/20, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-121-generic_3.13.0-121.170

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.121.131
101152 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3343-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN 3335-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience.

It was discovered that a use-after-free vulnerability in the core voltage regulator driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2014-9940)

It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code. (CVE-2017-0605)

Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363)

Li Qiang discovered that an integer overflow vulnerability existed in the Direct Rendering Manager (DRM) driver for VMware devices in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2017-7294)

It was discovered that a double-free vulnerability existed in the IPv4 stack of the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux kernel's IPv6 stack. A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the Linux kernel's IPv6 stack. A local user could exploit this issue to cause a denial of service or possibly other unspecified problems.
(CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance. A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems.
(CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the Linux kernel mishandled inheritance. A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077)

It was discovered that the IPv6 stack in the Linux kernel was performing its over write consistency check after the data was actually overwritten. A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2014-9940
CVE CVE-2017-0605
CVE CVE-2017-1000363
CVE CVE-2017-7294
CVE CVE-2017-8890
CVE CVE-2017-9074
CVE CVE-2017-9075
CVE CVE-2017-9076
CVE CVE-2017-9077
CVE CVE-2017-9242
XREF OSVDB:154548
XREF OSVDB:156817
XREF OSVDB:157027
XREF OSVDB:157334
XREF OSVDB:157813
XREF OSVDB:157814
XREF OSVDB:157815
XREF OSVDB:157876
XREF OSVDB:158030
XREF OSVDB:158171
XREF USN:3343-1
Plugin Information:
Published: 2017/06/30, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-123-generic_3.13.0-123.172

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.123.133
101928 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3360-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2014-9900)

It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. (CVE-2015-8944)

It was discovered that a use-after-free vulnerability existed in the performance events and counters subsystem of the Linux kernel for ARM64. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2015-8955)

It was discovered that the SCSI generic (sg) driver in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-8962)

Sasha Levin discovered that a race condition existed in the performance events and counters subsystem of the Linux kernel when handling CPU unplug events. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2015-8963)

Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory).
(CVE-2015-8964)

It was discovered that the fcntl64() system call in the Linux kernel did not properly set memory limits when returning on 32-bit ARM processors. A local attacker could use this to gain administrative privileges. (CVE-2015-8966)

It was discovered that the system call table for ARM 64-bit processors in the Linux kernel was not write-protected. An attacker could use this in conjunction with another kernel vulnerability to execute arbitrary code. (CVE-2015-8967)

It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.
(CVE-2016-10088)

Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-1000380)

Li Qiang discovered that the DRM driver for VMware Virtual GPUs in the Linux kernel did not properly validate some ioctl arguments. A local attacker could use this to cause a denial of service (system crash).
(CVE-2017-7346)

Tuomas Haanpaa and Ari Kauppi discovered that the NFSv2 and NFSv3 server implementations in the Linux kernel did not properly check for the end of buffer. A remote attacker could use this to craft requests that cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7895)

It was discovered that an integer underflow existed in the Edgeport USB Serial Converter device driver of the Linux kernel. An attacker with physical access could use this to expose sensitive information (kernel memory). (CVE-2017-8924)

It was discovered that the USB ZyXEL omni.net LCD PLUS driver in the Linux kernel did not properly perform reference counting. A local attacker could use this to cause a denial of service (tty exhaustion).
(CVE-2017-8925)

Murray McAllister discovered that the DRM driver for VMware Virtual GPUs in the Linux kernel did not properly initialize memory. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-9605).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2014-9900
CVE CVE-2015-8944
CVE CVE-2015-8955
CVE CVE-2015-8962
CVE CVE-2015-8963
CVE CVE-2015-8964
CVE CVE-2015-8966
CVE CVE-2015-8967
CVE CVE-2016-10088
CVE CVE-2017-1000380
CVE CVE-2017-7346
CVE CVE-2017-7895
CVE CVE-2017-8924
CVE CVE-2017-8925
CVE CVE-2017-9605
XREF OSVDB:142398
XREF OSVDB:142399
XREF OSVDB:145118
XREF OSVDB:147000
XREF OSVDB:147058
XREF OSVDB:147059
XREF OSVDB:148265
XREF OSVDB:148443
XREF OSVDB:148445
XREF OSVDB:154709
XREF OSVDB:156529
XREF OSVDB:156530
XREF OSVDB:157489
XREF OSVDB:157492
XREF OSVDB:159015
XREF OSVDB:159145
XREF USN:3360-1
Plugin Information:
Published: 2017/07/24, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-125-generic_3.13.0-125.174

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.125.135
103327 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : libxml2 vulnerabilities (USN-3424-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code.
(CVE-2017-0663)

It was discovered that libxml2 did not properly validate parsed entity references. An attacker could use this to specially construct XML data that could expose sensitive information. (CVE-2017-7375)

It was discovered that a buffer overflow existed in libxml2 when handling HTTP redirects. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. (CVE-2017-7376)

Marcel Bohme and Van-Thuan Pham discovered a buffer overflow in libxml2 when handling elements. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. (CVE-2017-9047)

Marcel Bohme and Van-Thuan Pham discovered a buffer overread in libxml2 when handling elements. An attacker could use this to specially construct XML data that could cause a denial of service.
(CVE-2017-9048)

Marcel Bohme and Van-Thuan Pham discovered multiple buffer overreads in libxml2 when handling parameter-entity references. An attacker could use these to specially construct XML data that could cause a denial of service. (CVE-2017-9049, CVE-2017-9050).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxml2 package.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-0663
CVE CVE-2017-7375
CVE CVE-2017-7376
CVE CVE-2017-9047
CVE CVE-2017-9048
CVE CVE-2017-9049
CVE CVE-2017-9050
XREF OSVDB:134833
XREF OSVDB:138568
XREF OSVDB:155169
XREF OSVDB:157714
XREF OSVDB:157715
XREF OSVDB:157735
XREF OSVDB:158584
XREF USN:3424-1
Plugin Information:
Published: 2017/09/19, Modified: 2018/03/27
Plugin Output

tcp/0


- Installed package : libxml2_2.9.1+dfsg1-3ubuntu4.5
Fixed package : libxml2_2.9.1+dfsg1-3ubuntu4.10
104322 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3470-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Qian Zhang discovered a heap-based buffer overflow in the tipc_msg_build() function in the Linux kernel. A local attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-8632)

Dmitry Vyukov discovered that a race condition existed in the timerfd subsystem of the Linux kernel when handling might_cancel queuing. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-10661)

It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2017-10662, CVE-2017-10663)

Anthony Perard discovered that the Xen virtual block driver did not properly initialize some data structures before passing them to user space. A local attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.
(CVE-2017-10911)

It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-11176)

Dave Chinner discovered that the XFS filesystem did not enforce that the realtime inode flag was settable only on filesystems on a realtime device. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-14340).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-8632
CVE CVE-2017-10661
CVE CVE-2017-10662
CVE CVE-2017-10663
CVE CVE-2017-10911
CVE CVE-2017-11176
CVE CVE-2017-14340
XREF OSVDB:146777
XREF OSVDB:159516
XREF OSVDB:160817
XREF OSVDB:162596
XREF OSVDB:162597
XREF OSVDB:162598
XREF OSVDB:165380
XREF USN:3470-1
Plugin Information:
Published: 2017/11/01, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-135-generic_3.13.0-135.184

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.135.144
107003 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3583-1) (Meltdown)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System (f2fs) in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-0750)

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-0861)

It was discovered that the KVM implementation in the Linux kernel allowed passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2017-1000407)

Bo Zhang discovered that the netlink wireless configuration interface in the Linux kernel did not properly validate attributes when handling certain requests. A local attacker with the CAP_NET_ADMIN could use this to cause a denial of service (system crash). (CVE-2017-12153)

Vitaly Mayatskikh discovered that the SCSI subsystem in the Linux kernel did not properly track reference counts when merging buffers. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2017-12190)

It was discovered that the key management subsystem in the Linux kernel did not properly restrict key reads on negatively instantiated keys. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-12192)

It was discovered that an integer overflow existed in the sysfs interface for the QLogic 24xx+ series SCSI driver in the Linux kernel.
A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2017-14051)

Otto Ebeling discovered that the memory manager in the Linux kernel did not properly check the effective UID in some situations. A local attacker could use this to expose sensitive information.
(CVE-2017-14140)

It was discovered that the ATI Radeon framebuffer driver in the Linux kernel did not properly initialize a data structure returned to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-14156)

ChunYu Wang discovered that the iSCSI transport implementation in the Linux kernel did not properly validate data structures. A local attacker could use this to cause a denial of service (system crash).
(CVE-2017-14489)

James Patrick-Evans discovered a race condition in the LEGO USB Infrared Tower driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-15102)

ChunYu Wang discovered that a use-after-free vulnerability existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code, (CVE-2017-15115)

It was discovered that the key management subsystem in the Linux kernel did not properly handle NULL payloads with non-zero length values. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-15274)

It was discovered that the Bluebooth Network Encapsulation Protocol (BNEP) implementation in the Linux kernel did not validate the type of socket passed in the BNEPCONNADD ioctl(). A local attacker with the CAP_NET_ADMIN privilege could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-15868)

Andrey Konovalov discovered a use-after-free vulnerability in the USB serial console driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16525)

It was discovered that the netfilter passive OS fingerprinting (xt_osf) module did not properly perform access control checks. A local attacker could improperly modify the systemwide OS fingerprint list. (CVE-2017-17450)

It was discovered that the HMAC implementation did not validate the state of the underlying cryptographic hash algorithm. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-17806)

Denys Fedoryshchenko discovered a use-after-free vulnerability in the netfilter xt_TCPMSS filter of the Linux kernel. A remote attacker could use this to cause a denial of service (system crash).
(CVE-2017-18017)

Gareth Evans discovered that the shm IPC subsystem in the Linux kernel did not properly restrict mapping page zero. A local privileged attacker could use this to execute arbitrary code. (CVE-2017-5669)

It was discovered that an integer overflow vulnerability existing in the IPv6 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (infinite loop). (CVE-2017-7542)

Tommi Rantala and Brad Spengler discovered that the memory manager in the Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism. A local attacker with access to /dev/mem could use this to expose sensitive information or possibly execute arbitrary code. (CVE-2017-7889)

Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-8824)

Mohamed Ghannam discovered a NULL pointer dereference in the RDS (Reliable Datagram Sockets) protocol implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-5333)

Fan Long Fei discovered that a race condition existed in loop block device implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-5344)

USN-3524-1 mitigated CVE-2017-5754 (Meltdown) for the amd64 architecture in Ubuntu 14.04 LTS. This update provides the corresponding mitigations for the ppc64el architecture. Original advisory details :

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.8 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2017-0750
CVE CVE-2017-0861
CVE CVE-2017-1000407
CVE CVE-2017-12153
CVE CVE-2017-12190
CVE CVE-2017-12192
CVE CVE-2017-14051
CVE CVE-2017-14140
CVE CVE-2017-14156
CVE CVE-2017-14489
CVE CVE-2017-15102
CVE CVE-2017-15115
CVE CVE-2017-15274
CVE CVE-2017-15868
CVE CVE-2017-16525
CVE CVE-2017-17450
CVE CVE-2017-17806
CVE CVE-2017-18017
CVE CVE-2017-5669
CVE CVE-2017-5754
CVE CVE-2017-7542
CVE CVE-2017-7889
CVE CVE-2017-8824
CVE CVE-2018-5333
CVE CVE-2018-5344
XREF OSVDB:152521
XREF OSVDB:155682
XREF OSVDB:161727
XREF OSVDB:162316
XREF OSVDB:162644
XREF OSVDB:164407
XREF OSVDB:164575
XREF OSVDB:165409
XREF OSVDB:165602
XREF OSVDB:167117
XREF OSVDB:167222
XREF OSVDB:167244
XREF OSVDB:168634
XREF OSVDB:168635
XREF OSVDB:168707
XREF OSVDB:168804
XREF OSVDB:169396
XREF OSVDB:170217
XREF OSVDB:170288
XREF OSVDB:170325
XREF OSVDB:170441
XREF OSVDB:171286
XREF OSVDB:171761
XREF OSVDB:171894
XREF OSVDB:172439
XREF OSVDB:172553
XREF USN:3583-1
XREF IAVA:2018-A-0019
Plugin Information:
Published: 2018/02/26, Modified: 2018/02/28
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-142-generic_3.13.0-142.191

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.142.152
108843 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3620-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker with the CAP_NET_ADMIN privilege could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-11089)

It was discovered that a buffer overflow existed in the ioctl handling code in the ISDN subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-12762)

It was discovered that the netfilter component of the Linux did not properly restrict access to the connection tracking helpers list. A local attacker could use this to bypass intended access restrictions.
(CVE-2017-17448)

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel contained an out-of-bounds read when handling memory-mapped I/O. A local attacker could use this to expose sensitive information.
(CVE-2017-17741)

It was discovered that the Salsa20 encryption algorithm implementations in the Linux kernel did not properly handle zero-length inputs. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-17805)

It was discovered that the keyring implementation in the Linux kernel did not properly check permissions when a key request was performed on a task's' default keyring. A local attacker could use this to add keys to unauthorized keyrings. (CVE-2017-17807)

It was discovered that the Broadcom NetXtremeII ethernet driver in the Linux kernel did not properly validate Generic Segment Offload (GSO) packet sizes. An attacker could use this to cause a denial of service (interface unavailability). (CVE-2018-1000026)

It was discovered that the Reliable Datagram Socket (RDS) implementation in the Linux kernel contained an out-of-bounds write during RDMA page allocation. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2018-5332).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
References
Plugin Information:
Published: 2018/04/05, Modified: 2018/04/05
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-144-generic_3.13.0-144.193

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.144.154
110124 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : spice, spice-protocol vulnerability (USN-3659-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Frediano Ziglio discovered that Spice incorrectly handled certain client messages. An attacker could possibly use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libspice-protocol-dev and / or libspice-server1 packages.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
References
CVE CVE-2017-12194
XREF USN:3659-1
Plugin Information:
Published: 2018/05/25, Modified: 2018/05/25
Plugin Output

tcp/0


- Installed package : libspice-server1_0.12.4-0nocelt2ubuntu1.2
Fixed package : libspice-server1_0.12.4-0nocelt2ubuntu1.6
86467 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2776-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service. (CVE-2015-0272)

It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges.
(CVE-2015-5156)

It was discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel did not verify sockets were properly bound before attempting to send a message, which could cause a NULL pointer dereference. An attacker could use this to cause a denial of service (system crash). (CVE-2015-6937)

Ben Hutchings discovered that the Advanced Union Filesystem (aufs) for the Linux kernel did not correctly handle references of memory mapped files from an aufs mount. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2015-7312).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-0272
CVE CVE-2015-5156
CVE CVE-2015-6937
CVE CVE-2015-7312
XREF OSVDB:125846
XREF OSVDB:127415
XREF OSVDB:127518
XREF OSVDB:127759
XREF USN:2776-1
Plugin Information:
Published: 2015/10/20, Modified: 2016/10/26
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-66-generic_3.13.0-66.108
87108 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : dpkg vulnerability (USN-2820-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain old style Debian binary packages. If a user or an automated system were tricked into unpacking a specially crafted binary package, a remote attacker could possibly use this issue to execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected dpkg package.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2015-0860
XREF OSVDB:130706
XREF USN:2820-1
Plugin Information:
Published: 2015/11/30, Modified: 2016/05/24
Plugin Output

tcp/0


- Installed package : dpkg_1.17.5ubuntu5.4
Fixed package : dpkg_1.17.5ubuntu5.5
87369 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2834-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Kostya Serebryany discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,CVE-2015-7500)

Hugh Davenport discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8241, CVE-2015-8242)

Hanno Boeck discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.
(CVE-2015-8317).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxml2 package.
Risk Factor
High
CVSS Base Score
7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.6 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2015-5312
CVE CVE-2015-7497
CVE CVE-2015-7498
CVE CVE-2015-7499
CVE CVE-2015-7500
CVE CVE-2015-8241
CVE CVE-2015-8242
CVE CVE-2015-8317
XREF OSVDB:130292
XREF OSVDB:130435
XREF OSVDB:130535
XREF OSVDB:130536
XREF OSVDB:130538
XREF OSVDB:130539
XREF OSVDB:130543
XREF OSVDB:130641
XREF OSVDB:130642
XREF USN:2834-1
Plugin Information:
Published: 2015/12/15, Modified: 2016/05/24
Plugin Output

tcp/0


- Installed package : libxml2_2.9.1+dfsg1-3ubuntu4.5
Fixed package : libxml2_2.9.1+dfsg1-3ubuntu4.6
87407 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : git vulnerability (USN-2835-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitrary code by injecting commands via crafted URLs.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected git package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-7545
XREF OSVDB:128629
XREF USN:2835-1
Plugin Information:
Published: 2015/12/16, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : git_1:1.9.1-1ubuntu0.1
Fixed package : git_1:1.9.1-1ubuntu0.2
87774 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libpng vulnerabilities (USN-2861-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program. (CVE-2015-8472)

Qixue Xiao and Chen Yu discovered that libpng incorrectly handled certain malformed images. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. (CVE-2015-8540).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libpng12-0 package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-8472
CVE CVE-2015-8540
XREF OSVDB:130175
XREF OSVDB:131598
XREF USN:2861-1
Plugin Information:
Published: 2016/01/07, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libpng12-0_1.2.50-1ubuntu2.14.04.1
Fixed package : libpng12-0_1.2.50-1ubuntu2.14.04.2
88010 - Ubuntu 14.04 LTS : linux vulnerability (USN-2870-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-0728
XREF OSVDB:133126
XREF USN:2870-1
Exploitable With
Core Impact (true)
Plugin Information:
Published: 2016/01/20, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-76-generic_3.13.0-76.120
88019 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2875-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxml2 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2015-7499
CVE CVE-2015-8710
XREF OSVDB:121127
XREF OSVDB:130538
XREF USN:2875-1
Plugin Information:
Published: 2016/01/20, Modified: 2016/12/05
Plugin Output

tcp/0


- Installed package : libxml2_2.9.1+dfsg1-3ubuntu4.5
Fixed package : libxml2_2.9.1+dfsg1-3ubuntu4.7
88409 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : mysql-5.5, mysql-5.6 vulnerabilities (USN-2881-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.47 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.28.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.h tml.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.6 packages.
Risk Factor
High
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-0503
CVE CVE-2016-0504
CVE CVE-2016-0505
CVE CVE-2016-0546
CVE CVE-2016-0595
CVE CVE-2016-0596
CVE CVE-2016-0597
CVE CVE-2016-0598
CVE CVE-2016-0600
CVE CVE-2016-0606
CVE CVE-2016-0607
CVE CVE-2016-0608
CVE CVE-2016-0609
CVE CVE-2016-0610
CVE CVE-2016-0611
CVE CVE-2016-0616
XREF OSVDB:133169
XREF OSVDB:133170
XREF OSVDB:133171
XREF OSVDB:133173
XREF OSVDB:133174
XREF OSVDB:133175
XREF OSVDB:133177
XREF OSVDB:133178
XREF OSVDB:133179
XREF OSVDB:133180
XREF OSVDB:133181
XREF OSVDB:133182
XREF OSVDB:133185
XREF OSVDB:133186
XREF OSVDB:133187
XREF OSVDB:133190
XREF USN:2881-1
Plugin Information:
Published: 2016/01/27, Modified: 2016/05/24
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.47-0ubuntu0.14.04.1
88576 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : qemu, qemu-kvm vulnerabilities (USN-2891-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Qinghao Tang discovered that QEMU incorrectly handled PCI MSI-X support. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-7549)

Lian Yihan discovered that QEMU incorrectly handled the VNC server. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2015-8504)

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)

Qinghao Tang discovered that QEMU incorrectly handled USB EHCI emulation support. An attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service.
(CVE-2015-8558)

Qinghao Tang discovered that QEMU incorrectly handled the vmxnet3 device. An attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-8567, CVE-2015-8568)

Qinghao Tang discovered that QEMU incorrectly handled SCSI MegaRAID SAS HBA emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-8613)

Ling Liu discovered that QEMU incorrectly handled the Human Monitor Interface. A local attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-8619, CVE-2016-1922)

David Alan Gilbert discovered that QEMU incorrectly handled the Q35 chipset emulation when performing VM guest migrations. An attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10.
(CVE-2015-8666)

Ling Liu discovered that QEMU incorrectly handled the NE2000 device.
An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2015-8743)

It was discovered that QEMU incorrectly handled the vmxnet3 device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-8744, CVE-2015-8745)

Qinghao Tang discovered that QEMU incorrect handled IDE AHCI emulation. An attacker inside the guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2016-1568)

Donghai Zhu discovered that QEMU incorrect handled the firmware configuration device. An attacker inside the guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2016-1714)

It was discovered that QEMU incorrectly handled the e1000 device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-1981)

Zuozhi Fzz discovered that QEMU incorrectly handled IDE AHCI emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 15.10. (CVE-2016-2197)

Zuozhi Fzz discovered that QEMU incorrectly handled USB EHCI emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-2198).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.5 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.4 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-7549
CVE CVE-2015-8504
CVE CVE-2015-8550
CVE CVE-2015-8558
CVE CVE-2015-8567
CVE CVE-2015-8568
CVE CVE-2015-8613
CVE CVE-2015-8619
CVE CVE-2015-8666
CVE CVE-2015-8743
CVE CVE-2015-8744
CVE CVE-2015-8745
CVE CVE-2016-1568
CVE CVE-2016-1714
CVE CVE-2016-1922
CVE CVE-2016-1981
CVE CVE-2016-2197
CVE CVE-2016-2198
XREF OSVDB:131399
XREF OSVDB:131668
XREF OSVDB:131793
XREF OSVDB:131824
XREF OSVDB:132029
XREF OSVDB:132136
XREF OSVDB:132210
XREF OSVDB:132257
XREF OSVDB:132261
XREF OSVDB:132466
XREF OSVDB:132467
XREF OSVDB:132549
XREF OSVDB:132550
XREF OSVDB:132759
XREF OSVDB:132798
XREF OSVDB:133524
XREF OSVDB:133811
XREF OSVDB:133847
XREF USN:2891-1
Plugin Information:
Published: 2016/02/04, Modified: 2017/08/16
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.22
88805 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : libreoffice vulnerabilities (USN-2899-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that LibreOffice incorrectly handled LWP document files. If a user were tricked into opening a specially crafted LWP document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libreoffice-core package.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-0794
CVE CVE-2016-0795
XREF OSVDB:134627
XREF OSVDB:134628
XREF USN:2899-1
Plugin Information:
Published: 2016/02/17, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libreoffice-core_1:4.2.8-0ubuntu3
Fixed package : libreoffice-core_1:4.2.8-0ubuntu4
88837 - Ubuntu 14.04 LTS / 15.10 : graphite2 vulnerabilities (USN-2902-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libgraphite2-3 package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.4 (CVSS:3.0/E:U/RL:U/RC:U)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.1 (CVSS2#E:U/RL:U/RC:UC)
References
CVE CVE-2016-1521
CVE CVE-2016-1522
CVE CVE-2016-1523
CVE CVE-2016-1526
XREF OSVDB:134244
XREF OSVDB:134245
XREF OSVDB:134246
XREF USN:2902-1
Plugin Information:
Published: 2016/02/18, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libgraphite2-3_1.2.4-1ubuntu1
Fixed package : libgraphite2-3_1.2.4-1ubuntu1.1
88895 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2907-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges.
(CVE-2016-1576)

halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs.
A local unprivileged attacker could use this to gain privileges.
(CVE-2016-1575)

It was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7550)

Guoyong Gang discovered that the Linux kernel networking implementation did not validate protocol identifiers for certain protocol families, A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.
(CVE-2015-8543)

Dmitry Vyukov discovered that the pptp implementation in the Linux kernel did not verify an address length when setting up a socket. A local attacker could use this to craft an application that exposed sensitive information from kernel memory. (CVE-2015-8569)

David Miller discovered that the Bluetooth implementation in the Linux kernel did not properly validate the socket address length for Synchronous Connection-Oriented (SCO) sockets. A local attacker could use this to expose sensitive information. (CVE-2015-8575)

It was discovered that the Linux kernel's Filesystem in Userspace (FUSE) implementation did not handle initial zero length segments properly. A local attacker could use this to cause a denial of service (unkillable task). (CVE-2015-8785).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
References
Plugin Information:
Published: 2016/02/23, Modified: 2016/10/26
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-79-generic_3.13.0-79.123
88950 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : ca-certificates update (USN-2913-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, including the removal of the SPI CA and CA certificates with 1024-bit RSA keys.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected ca-certificates package.
Risk Factor
High
References
XREF USN:2913-1
Plugin Information:
Published: 2016/02/25, Modified: 2016/05/24
Plugin Output

tcp/0


- Installed package : ca-certificates_20141019ubuntu0.14.04.1
Fixed package : ca-certificates_20160104ubuntu0.14.04.1
88952 - Ubuntu 12.04 LTS / 14.04 LTS : openssl update (USN-2913-3)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the OpenSSL package to properly handle the removal.

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, including the removal of the SPI CA and CA certificates with 1024-bit RSA keys.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
High
References
XREF USN:2913-3
Plugin Information:
Published: 2016/02/25, Modified: 2016/05/24
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.17
89100 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : perl vulnerabilities (USN-2916-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-7422)

Markus Vervier discovered that Perl incorrectly handled nesting in the Data::Dumper module. An attacker could use this issue to cause Perl to consume memory and crash, resulting in a denial of service.
(CVE-2014-4330)

Stephane Chazelas discovered that Perl incorrectly handled duplicate environment variables. An attacker could possibly use this issue to bypass the taint protection mechanism. (CVE-2016-2381).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected perl package.
Risk Factor
High
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2013-7422
CVE CVE-2014-4330
CVE CVE-2016-2381
XREF OSVDB:111848
XREF OSVDB:117830
XREF OSVDB:135239
XREF USN:2916-1
Plugin Information:
Published: 2016/03/03, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : perl_5.18.2-2ubuntu1
Fixed package : perl_5.18.2-2ubuntu1.1
89659 - Ubuntu 12.04 LTS / 14.04 LTS : pixman vulnerability (USN-2918-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Vincent LE GARREC discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, a remote attacker could cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libpixman-1-0 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2014-9766
XREF OSVDB:135048
XREF USN:2918-1
Plugin Information:
Published: 2016/03/04, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libpixman-1-0_0.30.2-2ubuntu1
Fixed package : libpixman-1-0_0.30.2-2ubuntu1.1
89930 - Ubuntu 14.04 LTS / 15.10 : graphite2 vulnerabilities (USN-2927-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libgraphite2-3 package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-1977
CVE CVE-2016-2790
CVE CVE-2016-2791
CVE CVE-2016-2792
CVE CVE-2016-2793
CVE CVE-2016-2794
CVE CVE-2016-2795
CVE CVE-2016-2796
CVE CVE-2016-2797
CVE CVE-2016-2798
CVE CVE-2016-2799
CVE CVE-2016-2800
CVE CVE-2016-2801
CVE CVE-2016-2802
XREF OSVDB:135605
XREF OSVDB:135606
XREF OSVDB:135607
XREF OSVDB:135608
XREF OSVDB:135609
XREF OSVDB:135610
XREF OSVDB:135611
XREF OSVDB:135612
XREF OSVDB:135613
XREF OSVDB:135614
XREF OSVDB:135615
XREF OSVDB:135616
XREF OSVDB:135617
XREF OSVDB:135618
XREF USN:2927-1
Plugin Information:
Published: 2016/03/15, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libgraphite2-3_1.2.4-1ubuntu1
Fixed package : libgraphite2-3_1.3.6-1ubuntu0.14.04.1
89932 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2929-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events.
A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134)

It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. (CVE-2013-4312)

Ralf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)

Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)

It was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-2384)

Dmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework did not verify that a FIFO was attached to a client before attempting to clear it. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2543)

Dmitry Vyukov discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) framework between timer setup and closing of the client, resulting in a use-after-free. A local attacker could use this to cause a denial of service. (CVE-2016-2544)

Dmitry Vyukov discovered a race condition in the timer handling implementation of the Advanced Linux Sound Architecture (ALSA) framework, resulting in a use-after-free. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2545)

Dmitry Vyukov discovered race conditions in the Advanced Linux Sound Architecture (ALSA) framework's timer ioctls leading to a use-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2016-2546)

Dmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers did not properly manage its data structures. A local attacker could use this to cause a denial of service (system hang or crash) or possibly execute arbitrary code. (CVE-2016-2547, CVE-2016-2548)

Dmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers could lead to a deadlock condition. A local attacker could use this to cause a denial of service (system hang). (CVE-2016-2549)

Ralf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
8.4 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2013-4312
CVE CVE-2015-7566
CVE CVE-2015-7833
CVE CVE-2016-0723
CVE CVE-2016-2384
CVE CVE-2016-2543
CVE CVE-2016-2544
CVE CVE-2016-2545
CVE CVE-2016-2546
CVE CVE-2016-2547
CVE CVE-2016-2548
CVE CVE-2016-2549
CVE CVE-2016-2782
CVE CVE-2016-3134
XREF OSVDB:128557
XREF OSVDB:132748
XREF OSVDB:133379
XREF OSVDB:133409
XREF OSVDB:134538
XREF OSVDB:134915
XREF OSVDB:134916
XREF OSVDB:134917
XREF OSVDB:134918
XREF OSVDB:134919
XREF OSVDB:134920
XREF OSVDB:135143
XREF OSVDB:135678
XREF USN:2929-1
Plugin Information:
Published: 2016/03/15, Modified: 2017/10/02
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-83-generic_3.13.0-83.127
90245 - Ubuntu 14.04 LTS / 15.10 : openjdk-7 vulnerability (USN-2942-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
A vulnerability was discovered in the JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.4 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.7 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-0636
XREF OSVDB:98536
XREF USN:2942-1
Plugin Information:
Published: 2016/03/28, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u95-2.6.4-0ubuntu0.14.04.2

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u95-2.6.4-0ubuntu0.14.04.2

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u95-2.6.4-0ubuntu0.14.04.2
90306 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : pcre3 vulnerabilities (USN-2943-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libpcre3 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
9.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C)
CVSS Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2014-9769
CVE CVE-2015-2325
CVE CVE-2015-2326
CVE CVE-2015-2327
CVE CVE-2015-2328
CVE CVE-2015-3210
CVE CVE-2015-5073
CVE CVE-2015-8380
CVE CVE-2015-8381
CVE CVE-2015-8382
CVE CVE-2015-8383
CVE CVE-2015-8384
CVE CVE-2015-8385
CVE CVE-2015-8386
CVE CVE-2015-8387
CVE CVE-2015-8388
CVE CVE-2015-8389
CVE CVE-2015-8390
CVE CVE-2015-8391
CVE CVE-2015-8392
CVE CVE-2015-8393
CVE CVE-2015-8394
CVE CVE-2015-8395
CVE CVE-2016-1283
CVE CVE-2016-3191
XREF OSVDB:109038
XREF OSVDB:109910
XREF OSVDB:119870
XREF OSVDB:119871
XREF OSVDB:122791
XREF OSVDB:123810
XREF OSVDB:125775
XREF OSVDB:125843
XREF OSVDB:126620
XREF OSVDB:130785
XREF OSVDB:131055
XREF OSVDB:131057
XREF OSVDB:131058
XREF OSVDB:131059
XREF OSVDB:131060
XREF OSVDB:131061
XREF OSVDB:131062
XREF OSVDB:131063
XREF OSVDB:131064
XREF OSVDB:131065
XREF OSVDB:131066
XREF OSVDB:131067
XREF OSVDB:131068
XREF OSVDB:132469
XREF OSVDB:134395
XREF USN:2943-1
Plugin Information:
Published: 2016/04/01, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libpcre3_1:8.31-2ubuntu2.1
Fixed package : libpcre3_1:8.31-2ubuntu2.2
90858 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : poppler vulnerabilities (USN-2958-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the poppler pdfseparate tool incorrectly handled certain filenames. A local attacker could use this issue to cause the tool to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS.
(CVE-2013-4473, CVE-2013-4474)

It was discovered that poppler incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. (CVE-2015-8868).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.7 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2013-4473
CVE CVE-2013-4474
CVE CVE-2015-8868
XREF OSVDB:99065
XREF OSVDB:99066
XREF OSVDB:132203
XREF USN:2958-1
Plugin Information:
Published: 2016/05/03, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libpoppler44_0.24.5-2ubuntu4.3
Fixed package : libpoppler44_0.24.5-2ubuntu4.4
91088 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2968-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7515)

Ben Hawkes discovered that the Linux kernel's AIO interface allowed single writes greater than 2GB, which could cause an integer overflow when writing to certain filesystems, socket or device types. A local attacker could this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2015-8830)

It was discovered that the Linux kernel did not keep accurate track of pipe buffer details when error conditions occurred, due to an incomplete fix for CVE-2015-1805. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-0774)

Zach Riggle discovered that the Linux kernel's list poison feature did not take into account the mmap_min_addr value. A local attacker could use this to bypass the kernel's poison-pointer protection mechanism while attempting to exploit an existing kernel vulnerability.
(CVE-2016-0821)

Ralf Spenneberg discovered that the USB sound subsystem in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2184)

Ralf Spenneberg discovered that the ATI Wonder Remote II USB driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2185)

Ralf Spenneberg discovered that the PowerMate USB driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2186)

Ralf Spenneberg discovered that the I/O-Warrior USB device driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-2188)

Sergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the MCT USB RS232 Converter device driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3136)

Sergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the Cypress M8 USB device driver in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash).
(CVE-2016-3137)

Sergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the USB abstract device control driver for modems and ISDN adapters did not validate endpoint descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3138)

Sergej Schumilo, Hendrik Schwartke, and Ralf Spenneberg discovered that the Linux kernel's USB driver for Digi AccelePort serial converters did not properly validate USB device descriptors. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3140)

It was discovered that the IPv4 implementation in the Linux kernel did not perform the destruction of inet device objects properly. An attacker in a guest OS could use this to cause a denial of service (networking outage) in the host OS. (CVE-2016-3156)

Andy Lutomirski discovered that the Linux kernel did not properly context- switch IOPL on 64-bit PV Xen guests. An attacker in a guest OS could use this to cause a denial of service (guest OS crash), gain privileges, or obtain sensitive information. (CVE-2016-3157)

It was discovered that the Linux kernel's USB driver for IMS Passenger Control Unit devices did not properly validate the device's interfaces. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3689).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:H/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.3 (CVSS2#E:H/RL:OF/RC:ND)
References
CVE CVE-2015-1805
CVE CVE-2015-7515
CVE CVE-2015-8830
CVE CVE-2016-0774
CVE CVE-2016-0821
CVE CVE-2016-2184
CVE CVE-2016-2185
CVE CVE-2016-2186
CVE CVE-2016-2188
CVE CVE-2016-3136
CVE CVE-2016-3137
CVE CVE-2016-3138
CVE CVE-2016-3140
CVE CVE-2016-3156
CVE CVE-2016-3157
CVE CVE-2016-3689
XREF OSVDB:122968
XREF OSVDB:130648
XREF OSVDB:135157
XREF OSVDB:135482
XREF OSVDB:135871
XREF OSVDB:135872
XREF OSVDB:135873
XREF OSVDB:135874
XREF OSVDB:135875
XREF OSVDB:135876
XREF OSVDB:135878
XREF OSVDB:135879
XREF OSVDB:135943
XREF OSVDB:135947
XREF OSVDB:136533
XREF USN:2968-1
Plugin Information:
Published: 2016/05/12, Modified: 2017/12/04
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-86-generic_3.13.0-86.130
91122 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : qemu, qemu-kvm vulnerabilities (USN-2974-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2016-2391)

Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2016-2392)

Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak host memory bytes. (CVE-2016-2538)

Hongke Yang discovered that QEMU incorrectly handled NE2000 emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2016-2841)

Ling Liu discovered that QEMU incorrectly handled IP checksum routines. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak host memory bytes. (CVE-2016-2857)

It was discovered that QEMU incorrectly handled the PRNG back-end support. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS.
(CVE-2016-2858)

Wei Xiao and Qinghao Tang discovered that QEMU incorrectly handled access in the VGA module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2016-3710)

Zuozhi Fzz discovered that QEMU incorrectly handled access in the VGA module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2016-3712)

Oleksandr Bazhaniuk discovered that QEMU incorrectly handled Luminary Micro Stellaris ethernet controller emulation. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-4001)

Oleksandr Bazhaniuk discovered that QEMU incorrectly handled MIPSnet controller emulation. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-4002)

Donghai Zdh discovered that QEMU incorrectly handled the Task Priority Register(TPR). A privileged attacker inside the guest could use this issue to possibly leak host memory bytes. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-4020)

Du Shaobo discovered that QEMU incorrectly handled USB EHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service.
(CVE-2016-4037).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.0 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2391
CVE CVE-2016-2392
CVE CVE-2016-2538
CVE CVE-2016-2841
CVE CVE-2016-2857
CVE CVE-2016-2858
CVE CVE-2016-3710
CVE CVE-2016-3712
CVE CVE-2016-4001
CVE CVE-2016-4002
CVE CVE-2016-4020
CVE CVE-2016-4037
XREF OSVDB:134630
XREF OSVDB:134631
XREF OSVDB:134888
XREF OSVDB:135279
XREF OSVDB:135305
XREF OSVDB:135338
XREF OSVDB:136948
XREF OSVDB:136949
XREF OSVDB:137159
XREF OSVDB:137352
XREF OSVDB:138373
XREF OSVDB:138374
XREF USN:2974-1
Plugin Information:
Published: 2016/05/13, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.24
91181 - Ubuntu 14.04 LTS : linux vulnerability (USN-2975-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-0758).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-0758
XREF OSVDB:138431
XREF USN:2975-1
Plugin Information:
Published: 2016/05/17, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-86-generic_3.13.0-86.131
91259 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : expat vulnerability (USN-2983-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Gustavo Grieco discovered that Expat incorrectly handled malformed XML data. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2016-0718).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected lib64expat1 and / or libexpat1 packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.4 (CVSS2#E:U/RL:U/RC:C)
References
CVE CVE-2016-0718
XREF OSVDB:138680
XREF USN:2983-1
Plugin Information:
Published: 2016/05/19, Modified: 2017/08/16
Plugin Output

tcp/0


- Installed package : libexpat1_2.1.0-4ubuntu1.1
Fixed package : libexpat1_2.1.0-4ubuntu1.2
91320 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : php5, php7.0 vulnerabilities (USN-2984-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8865)

Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly handled certain malformed Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-3078)

It was discovered that PHP incorrectly handled invalid indexes in the SplDoublyLinkedList class. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-3132)

It was discovered that the PHP rawurlencode() function incorrectly handled large strings. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4070)

It was discovered that the PHP php_snmp_error() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-4071)

It was discovered that the PHP phar extension incorrectly handled certain filenames in archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-4072)

It was discovered that the PHP mb_strcut() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-4073)

It was discovered that the PHP phar extension incorrectly handled certain archive files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-4342, CVE-2016-4343)

It was discovered that the PHP bcpowmod() function incorrectly handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-4537, CVE-2016-4538)

It was discovered that the PHP XML parser incorrectly handled certain malformed XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-4539)

It was discovered that certain PHP grapheme functions incorrectly handled negative offsets. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service.
(CVE-2016-4540, CVE-2016-4541)

It was discovered that PHP incorrectly handled certain malformed EXIF tags. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2016-4542, CVE-2016-4543, CVE-2016-4544).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
8.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2015-8865
CVE CVE-2016-3078
CVE CVE-2016-3132
CVE CVE-2016-4070
CVE CVE-2016-4071
CVE CVE-2016-4072
CVE CVE-2016-4073
CVE CVE-2016-4342
CVE CVE-2016-4343
CVE CVE-2016-4537
CVE CVE-2016-4538
CVE CVE-2016-4539
CVE CVE-2016-4540
CVE CVE-2016-4541
CVE CVE-2016-4542
CVE CVE-2016-4543
CVE CVE-2016-4544
XREF OSVDB:122863
XREF OSVDB:134031
XREF OSVDB:134037
XREF OSVDB:136483
XREF OSVDB:136484
XREF OSVDB:136485
XREF OSVDB:136486
XREF OSVDB:137738
XREF OSVDB:137781
XREF OSVDB:137782
XREF OSVDB:137783
XREF OSVDB:137784
XREF OSVDB:138122
XREF USN:2984-1
Plugin Information:
Published: 2016/05/25, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.14
Fixed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.17

- Installed package : php5-cli_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-cli_5.5.9+dfsg-1ubuntu4.17
91334 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : eglibc, glibc vulnerabilities (USN-2985-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. (CVE-2013-2207, CVE-2016-2856)

Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). (CVE-2014-8121)

Joseph Myers discovered that the GNU C Library did not properly handle long arguments to functions returning a representation of Not a Number (NaN). An attacker could use this to cause a denial of service (stack exhaustion leading to an application crash) or possibly execute arbitrary code. (CVE-2014-9761)

Arjun Shankar discovered that in certain situations the nss_dns code in the GNU C Library did not properly account buffer sizes when passed an unaligned buffer. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1781)

Sumit Bose and Lukas Slebodnik discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not handle long lines in the files databases correctly. A local attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-5277)

Adam Nielsen discovered that the strftime function in the GNU C Library did not properly handle out-of-range argument data. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. (CVE-2015-8776)

Hector Marco and Ismael Ripoll discovered that the GNU C Library allowed the pointer-guarding protection mechanism to be disabled by honoring the LD_POINTER_GUARD environment variable across privilege boundaries. A local attacker could use this to exploit an existing vulnerability more easily. (CVE-2015-8777)

Szabolcs Nagy discovered that the hcreate functions in the GNU C Library did not properly check its size argument, leading to an integer overflow. An attacker could use to cause a denial of service (application crash) or possibly execute arbitrary code.
(CVE-2015-8778)

Maksymilian Arciemowicz discovered a stack-based buffer overflow in the catopen function in the GNU C Library when handling long catalog names. An attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code.
(CVE-2015-8779)

Florian Weimer discovered that the getnetbyname implementation in the GNU C Library did not properly handle long names passed as arguments.
An attacker could use to cause a denial of service (stack exhaustion leading to an application crash). (CVE-2016-3075).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libc6 and / or libc6-dev packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2013-2207
CVE CVE-2014-8121
CVE CVE-2014-9761
CVE CVE-2015-1781
CVE CVE-2015-5277
CVE CVE-2015-8776
CVE CVE-2015-8777
CVE CVE-2015-8778
CVE CVE-2015-8779
CVE CVE-2016-2856
CVE CVE-2016-3075
XREF OSVDB:98105
XREF OSVDB:119253
XREF OSVDB:121105
XREF OSVDB:127768
XREF OSVDB:133568
XREF OSVDB:133572
XREF OSVDB:133574
XREF OSVDB:133577
XREF OSVDB:133580
XREF OSVDB:134903
XREF OSVDB:135494
XREF OSVDB:137999
XREF USN:2985-1
Plugin Information:
Published: 2016/05/26, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libc6_2.19-0ubuntu6.6
Fixed package : libc6_2.19-0ubuntu6.8

- Installed package : libc6-dev_2.19-0ubuntu6.6
Fixed package : libc6-dev_2.19-0ubuntu6.8
91341 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : eglibc, glibc regression (USN-2985-2)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade.
This update removes the fix for CVE-2014-9761 and a future update will be provided to address this issue.

We apologize for the inconvenience.

Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. (CVE-2013-2207, CVE-2016-2856)

Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). (CVE-2014-8121)

Joseph Myers discovered that the GNU C Library did not properly handle long arguments to functions returning a representation of Not a Number (NaN). An attacker could use this to cause a denial of service (stack exhaustion leading to an application crash) or possibly execute arbitrary code.
(CVE-2014-9761)

Arjun Shankar discovered that in certain situations the nss_dns code in the GNU C Library did not properly account buffer sizes when passed an unaligned buffer. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1781)

Sumit Bose and Lukas Slebodnik discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not handle long lines in the files databases correctly. A local attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code.
(CVE-2015-5277)

Adam Nielsen discovered that the strftime function in the GNU C Library did not properly handle out-of-range argument data. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. (CVE-2015-8776)

Hector Marco and Ismael Ripoll discovered that the GNU C Library allowed the pointer-guarding protection mechanism to be disabled by honoring the LD_POINTER_GUARD environment variable across privilege boundaries. A local attacker could use this to exploit an existing vulnerability more easily.
(CVE-2015-8777)

Szabolcs Nagy discovered that the hcreate functions in the GNU C Library did not properly check its size argument, leading to an integer overflow. An attacker could use to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8778)

Maksymilian Arciemowicz discovered a stack-based buffer overflow in the catopen function in the GNU C Library when handling long catalog names. An attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8779)

Florian Weimer discovered that the getnetbyname implementation in the GNU C Library did not properly handle long names passed as arguments. An attacker could use to cause a denial of service (stack exhaustion leading to an application crash). (CVE-2016-3075).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libc-bin, libc6 and / or libc6-dev packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2013-2207
CVE CVE-2014-8121
CVE CVE-2014-9761
CVE CVE-2015-1781
CVE CVE-2015-5277
CVE CVE-2015-8776
CVE CVE-2015-8777
CVE CVE-2015-8778
CVE CVE-2015-8779
CVE CVE-2016-2856
CVE CVE-2016-3075
XREF OSVDB:98105
XREF OSVDB:119253
XREF OSVDB:121105
XREF OSVDB:127768
XREF OSVDB:133568
XREF OSVDB:133572
XREF OSVDB:133574
XREF OSVDB:133577
XREF OSVDB:133580
XREF OSVDB:134903
XREF OSVDB:135494
XREF OSVDB:137999
XREF USN:2985-2
Plugin Information:
Published: 2016/05/27, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libc-bin_2.19-0ubuntu6.6
Fixed package : libc-bin_2.19-0ubuntu6.9

- Installed package : libc6_2.19-0ubuntu6.6
Fixed package : libc6_2.19-0ubuntu6.9

- Installed package : libc6-dev_2.19-0ubuntu6.6
Fixed package : libc6-dev_2.19-0ubuntu6.9
91558 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : squid3 vulnerabilities (USN-2995-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Yuriy M. Kaminskiy discovered that the Squid pinger utility incorrectly handled certain ICMPv6 packets. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly cause Squid to leak information into log files.
(CVE-2016-3947)

Yuriy M. Kaminskiy discovered that the Squid cachemgr.cgi tool incorrectly handled certain crafted data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-4051)

It was discovered that Squid incorrectly handled certain Edge Side Includes (ESI) responses. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-4052, CVE-2016-4053, CVE-2016-4054)

Jianjun Chen discovered that Squid did not correctly ignore the Host header when absolute-URI is provided. A remote attacker could possibly use this issue to conduct cache-poisoning attacks. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS.
(CVE-2016-4553)

Jianjun Chen discovered that Squid incorrectly handled certain HTTP Host headers. A remote attacker could possibly use this issue to conduct cache-poisoning attacks. (CVE-2016-4554)

It was discovered that Squid incorrectly handled certain Edge Side Includes (ESI) responses. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service.
(CVE-2016-4555, CVE-2016-4556).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected squid-cgi and / or squid3 packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-3947
CVE CVE-2016-4051
CVE CVE-2016-4052
CVE CVE-2016-4053
CVE CVE-2016-4054
CVE CVE-2016-4553
CVE CVE-2016-4554
CVE CVE-2016-4555
CVE CVE-2016-4556
XREF OSVDB:136596
XREF OSVDB:137402
XREF OSVDB:137403
XREF OSVDB:137404
XREF OSVDB:137405
XREF OSVDB:138132
XREF OSVDB:138133
XREF OSVDB:138134
XREF USN:2995-1
Plugin Information:
Published: 2016/06/10, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : squid3_3.3.8-1ubuntu6.4
Fixed package : squid3_3.3.8-1ubuntu6.8
91561 - Ubuntu 14.04 LTS : linux vulnerability (USN-2999-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:F/RL:X/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.8 (CVSS2#E:F/RL:ND/RC:ND)
References
CVE CVE-2016-1583
XREF OSVDB:139987
XREF USN:2999-1
Plugin Information:
Published: 2016/06/10, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-88-generic_3.13.0-88.135
91726 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : expat vulnerabilities (USN-3010-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Expat unexpectedly called srand in certain circumstances. This could reduce the security of calling applications.
(CVE-2012-6702)

It was discovered that Expat incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-5300).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected lib64expat1 and / or libexpat1 packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2012-6702
CVE CVE-2016-5300
XREF OSVDB:80892
XREF OSVDB:139342
XREF USN:3010-1
Plugin Information:
Published: 2016/06/21, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libexpat1_2.1.0-4ubuntu1.1
Fixed package : libexpat1_2.1.0-4ubuntu1.3
91880 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3018-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997)

Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory.
(CVE-2016-4482)

Jann Horn discovered that the InfiniBand interfaces within the Linux kernel could be coerced into overwriting kernel memory. A local unprivileged attacker could use this to possibly gain administrative privileges on systems where InifiniBand related kernel modules are loaded. (CVE-2016-4565)

Kangjie Lu discovered an information leak in the timer handling implementation in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory.
(CVE-2016-4569, CVE-2016-4578)

Kangjie Lu discovered an information leak in the X.25 Call Request handling in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory.
(CVE-2016-4580)

It was discovered that an information leak exists in the Rock Ridge implementation in the Linux kernel. A local attacker who is able to mount a malicious iso9660 file system image could exploit this flaw to obtain potentially sensitive information from kernel memory.
(CVE-2016-4913)

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or obtain potentially sensitive information from kernel memory. (CVE-2016-4998).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-4482
CVE CVE-2016-4565
CVE CVE-2016-4569
CVE CVE-2016-4578
CVE CVE-2016-4580
CVE CVE-2016-4913
CVE CVE-2016-4997
CVE CVE-2016-4998
XREF OSVDB:137963
XREF OSVDB:138176
XREF OSVDB:138383
XREF OSVDB:138444
XREF OSVDB:138785
XREF OSVDB:140493
XREF OSVDB:140494
XREF USN:3018-1
Exploitable With
Metasploit (true)
Plugin Information:
Published: 2016/06/28, Modified: 2018/04/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-91-generic_3.13.0-91.138
91954 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : tomcat6, tomcat7 vulnerabilities (USN-3024-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Tomcat incorrectly handled pathnames used by web applications in a getResource, getResourceAsStream, or getResourcePaths call. A remote attacker could use this issue to possibly list a parent directory . This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-5174)

It was discovered that the Tomcat mapper component incorrectly handled redirects. A remote attacker could use this issue to determine the existence of a directory. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-5345)

It was discovered that Tomcat incorrectly handled different session settings when multiple versions of the same web application was deployed. A remote attacker could possibly use this issue to hijack web sessions. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-5346)

It was discovered that the Tomcat Manager and Host Manager applications incorrectly handled new requests. A remote attacker could possibly use this issue to bypass CSRF protection mechanisms. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-5351)

It was discovered that Tomcat did not place StatusManagerServlet on the RestrictedServlets list. A remote attacker could possibly use this issue to read arbitrary HTTP requests, including session ID values.
This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-0706)

It was discovered that the Tomcat session-persistence implementation incorrectly handled session attributes. A remote attacker could possibly use this issue to execute arbitrary code in a privileged context. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-0714)

It was discovered that the Tomcat setGlobalContext method incorrectly checked if callers were authorized. A remote attacker could possibly use this issue to read or wite to arbitrary application data, or cause a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-0763)

It was discovered that the Tomcat Fileupload library incorrectly handled certain upload requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-3092).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libtomcat6-java and / or libtomcat7-java packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.1 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
6.4 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2015-5174
CVE CVE-2015-5345
CVE CVE-2015-5346
CVE CVE-2015-5351
CVE CVE-2016-0706
CVE CVE-2016-0714
CVE CVE-2016-0763
CVE CVE-2016-3092
XREF OSVDB:134823
XREF OSVDB:134824
XREF OSVDB:134825
XREF OSVDB:134826
XREF OSVDB:134827
XREF OSVDB:134828
XREF OSVDB:134829
XREF OSVDB:140354
XREF USN:3024-1
Plugin Information:
Published: 2016/07/06, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libtomcat7-java_7.0.52-1ubuntu0.3
Fixed package : libtomcat7-java_7.0.52-1ubuntu0.6
92009 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : nspr vulnerability (USN-3028-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that NSPR incorrectly handled memory allocation. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnspr4 package.
Risk Factor
High
CVSS v3.0 Base Score
8.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-1951
XREF OSVDB:139631
XREF USN:3028-1
Plugin Information:
Published: 2016/07/12, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libnspr4_2:4.10.10-0ubuntu0.14.04.1
Fixed package : libnspr4_2:4.12-0ubuntu0.14.04.1
92010 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : nss vulnerability (USN-3029-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Tyson Smith and Jed Davis discovered that NSS incorrectly handled memory. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

This update refreshes the NSS package to version 3.23 which includes the latest CA certificate bundle. As a security improvement, this update also modifies NSS behaviour to reject DH key sizes below 1024 bits, preventing a possible downgrade attack.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnss3 package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
References
CVE CVE-2016-2834
XREF USN:3029-1
Plugin Information:
Published: 2016/07/12, Modified: 2016/10/14
Plugin Output

tcp/0


- Installed package : libnss3_2:3.19.2.1-0ubuntu0.14.04.1
Fixed package : libnss3_2:3.23-0ubuntu0.14.04.1
92699 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : php5, php7.0 vulnerabilities (USN-3045-1) (httpoxy)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-4116)

It was discovered that PHP incorrectly handled recursive method calls.
A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8873)

It was discovered that PHP incorrectly validated certain Exception objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8876)

It was discovered that PHP header() function performed insufficient filtering for Internet Explorer. A remote attacker could possibly use this issue to perform a XSS attack. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8935)

It was discovered that PHP incorrectly handled certain locale operations. An attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5093)

It was discovered that the PHP php_html_entities() function incorrectly handled certain string lengths. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5094, CVE-2016-5095)

It was discovered that the PHP fread() function incorrectly handled certain lengths. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2016-5096)

It was discovered that the PHP FastCGI Process Manager (FPM) SAPI incorrectly handled memory in the access logging feature. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly expose sensitive information. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5114)

It was discovered that PHP would not protect applications from contents of the HTTP_PROXY environment variable when based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with scripts that honour the HTTP_PROXY variable to redirect outgoing HTTP requests.
(CVE-2016-5385)

Hans Jerry Illikainen discovered that the PHP bzread() function incorrectly performed error handling. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-5399)

It was discovered that certain PHP multibyte string functions incorrectly handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.
(CVE-2016-5768)

It was discovered that the PHP Mcrypt extension incorrectly handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.
This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2016-5769)

It was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing malicious data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only addressed in Ubuntu Ubuntu 14.04 LTS. (CVE-2016-5771, CVE-2016-5773)

It was discovered that PHP incorrectly handled memory when unserializing malicious xml data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5772)

It was discovered that the PHP php_url_parse_ex() function incorrectly handled string termination. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-6288)

It was discovered that PHP incorrectly handled path lengths when extracting certain Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6289)

It was discovered that PHP incorrectly handled session deserialization. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6290)

It was discovered that PHP incorrectly handled exif headers when processing certain JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6291, CVE-2016-6292)

It was discovered that PHP incorrectly handled certain locale operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6294)

It was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing SNMP data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6295)

It was discovered that the PHP xmlrpc_encode_request() function incorrectly handled certain lengths. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6296)

It was discovered that the PHP php_stream_zip_opener() function incorrectly handled memory. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6297).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:ND)
References
CVE CVE-2015-4116
CVE CVE-2015-8873
CVE CVE-2015-8876
CVE CVE-2015-8935
CVE CVE-2016-5093
CVE CVE-2016-5094
CVE CVE-2016-5095
CVE CVE-2016-5096
CVE CVE-2016-5114
CVE CVE-2016-5385
CVE CVE-2016-5399
CVE CVE-2016-5768
CVE CVE-2016-5769
CVE CVE-2016-5771
CVE CVE-2016-5772
CVE CVE-2016-5773
CVE CVE-2016-6288
CVE CVE-2016-6289
CVE CVE-2016-6290
CVE CVE-2016-6291
CVE CVE-2016-6292
CVE CVE-2016-6294
CVE CVE-2016-6295
CVE CVE-2016-6296
CVE CVE-2016-6297
XREF OSVDB:122735
XREF OSVDB:125852
XREF OSVDB:125853
XREF OSVDB:132662
XREF OSVDB:138996
XREF OSVDB:138997
XREF OSVDB:139005
XREF OSVDB:140308
XREF OSVDB:140377
XREF OSVDB:140381
XREF OSVDB:140384
XREF OSVDB:140387
XREF OSVDB:140391
XREF OSVDB:141667
XREF OSVDB:141942
XREF OSVDB:141943
XREF OSVDB:141944
XREF OSVDB:141945
XREF OSVDB:141946
XREF OSVDB:141954
XREF OSVDB:141957
XREF OSVDB:141958
XREF OSVDB:142018
XREF OSVDB:142133
XREF USN:3045-1
Plugin Information:
Published: 2016/08/03, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.14
Fixed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.19

- Installed package : php5-cli_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-cli_5.5.9+dfsg-1ubuntu4.19
92751 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : qemu, qemu-kvm vulnerabilities (USN-3047-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-4439, CVE-2016-4441, CVE-2016-5238, CVE-2016-5338, CVE-2016-6351)

Li Qiang and Qinghao Tang discovered that QEMU incorrectly handled the VMware VGA module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly to obtain sensitive host memory. (CVE-2016-4453, CVE-2016-4454)

Li Qiang discovered that QEMU incorrectly handled VMWARE PVSCSI paravirtual SCSI bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-4952)

Li Qiang discovered that QEMU incorrectly handled MegaRAID SAS 8708EM2 Host Bus Adapter emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly to obtain sensitive host memory. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-5105, CVE-2016-5106, CVE-2016-5107, CVE-2016-5337)

It was discovered that QEMU incorrectly handled certain iSCSI asynchronous I/O ioctl calls. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5126)

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-5403).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.2 (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-4439
CVE CVE-2016-4441
CVE CVE-2016-4453
CVE CVE-2016-4454
CVE CVE-2016-4952
CVE CVE-2016-5105
CVE CVE-2016-5106
CVE CVE-2016-5107
CVE CVE-2016-5126
CVE CVE-2016-5238
CVE CVE-2016-5337
CVE CVE-2016-5338
CVE CVE-2016-5403
CVE CVE-2016-6351
XREF OSVDB:138741
XREF OSVDB:138742
XREF OSVDB:138951
XREF OSVDB:139049
XREF OSVDB:139050
XREF OSVDB:139051
XREF OSVDB:139178
XREF OSVDB:139179
XREF OSVDB:139237
XREF OSVDB:139324
XREF OSVDB:139518
XREF OSVDB:139575
XREF OSVDB:139576
XREF OSVDB:142100
XREF OSVDB:142178
XREF USN:3047-1
Plugin Information:
Published: 2016/08/05, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.26
92815 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : curl vulnerabilities (USN-3048-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Bru Rom discovered that curl incorrectly handled client certificates when resuming a TLS session. (CVE-2016-5419)

It was discovered that curl incorrectly handled client certificates when reusing TLS connections. (CVE-2016-5420)

Marcelo Echeverria and Fernando Munoz discovered that curl incorrectly reused a connection struct, contrary to expectations. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-5421).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libcurl3, libcurl3-gnutls and / or libcurl3-nss packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-5419
CVE CVE-2016-5420
CVE CVE-2016-5421
XREF OSVDB:142492
XREF OSVDB:142493
XREF OSVDB:142494
XREF USN:3048-1
Plugin Information:
Published: 2016/08/09, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libcurl3-gnutls_7.35.0-1ubuntu2.5
Fixed package : libcurl3-gnutls_7.35.0-1ubuntu2.8
92966 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : qemu, qemu-kvm regression (USN-3047-2)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. We apologize for the inconvenience.

Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-4439, CVE-2016-4441, CVE-2016-5238, CVE-2016-5338, CVE-2016-6351)

Li Qiang and Qinghao Tang discovered that QEMU incorrectly handled the VMware VGA module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly to obtain sensitive host memory. (CVE-2016-4453, CVE-2016-4454)

Li Qiang discovered that QEMU incorrectly handled VMWARE PVSCSI paravirtual SCSI bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-4952)

Li Qiang discovered that QEMU incorrectly handled MegaRAID SAS 8708EM2 Host Bus Adapter emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly to obtain sensitive host memory. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5105, CVE-2016-5106, CVE-2016-5107, CVE-2016-5337)

It was discovered that QEMU incorrectly handled certain iSCSI asynchronous I/O ioctl calls. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5126)

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-5403).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.2 (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-4439
CVE CVE-2016-4441
CVE CVE-2016-4453
CVE CVE-2016-4454
CVE CVE-2016-4952
CVE CVE-2016-5105
CVE CVE-2016-5106
CVE CVE-2016-5107
CVE CVE-2016-5126
CVE CVE-2016-5238
CVE CVE-2016-5337
CVE CVE-2016-5338
CVE CVE-2016-5403
CVE CVE-2016-6351
XREF OSVDB:138741
XREF OSVDB:138742
XREF OSVDB:138951
XREF OSVDB:139049
XREF OSVDB:139050
XREF OSVDB:139051
XREF OSVDB:139178
XREF OSVDB:139179
XREF OSVDB:139237
XREF OSVDB:139324
XREF OSVDB:139518
XREF OSVDB:139575
XREF OSVDB:139576
XREF OSVDB:142100
XREF OSVDB:142178
XREF USN:3047-2
Plugin Information:
Published: 2016/08/15, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.27
92999 - Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3062-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code.
(CVE-2016-3598, CVE-2016-3606, CVE-2016-3610)

A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this to expose sensitive data over the network or possibly execute arbitrary code. (CVE-2016-3458)

Multiple vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2016-3500, CVE-2016-3508)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2016-3550).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.3 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-3458
CVE CVE-2016-3500
CVE CVE-2016-3508
CVE CVE-2016-3550
CVE CVE-2016-3598
CVE CVE-2016-3606
CVE CVE-2016-3610
XREF OSVDB:141825
XREF OSVDB:141826
XREF OSVDB:141827
XREF OSVDB:141832
XREF OSVDB:141833
XREF OSVDB:141834
XREF OSVDB:141835
XREF USN:3062-1
Plugin Information:
Published: 2016/08/17, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u111-2.6.7-0ubuntu0.14.04.3

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u111-2.6.7-0ubuntu0.14.04.3

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u111-2.6.7-0ubuntu0.14.04.3
93106 - Ubuntu 14.04 LTS / 16.04 LTS : harfbuzz vulnerabilities (USN-3067-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Kostya Serebryany discovered that HarfBuzz incorrectly handled memory.
A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-8947)

It was discovered that HarfBuzz incorrectly handled certain length checks. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 16.04 LTS. (CVE-2016-2052).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libharfbuzz0b package.
Risk Factor
High
CVSS v3.0 Base Score
7.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2015-8947
CVE CVE-2016-2052
XREF OSVDB:133496
XREF OSVDB:141594
XREF USN:3067-1
Plugin Information:
Published: 2016/08/25, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libharfbuzz0b_0.9.27-1ubuntu1
Fixed package : libharfbuzz0b_0.9.27-1ubuntu1.1
93218 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3071-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-5244)

Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux kernel. A remote attacker could use this to cause a denial of service (reset connection) or inject content into an TCP stream. (CVE-2016-5696)

Pengfei Wang discovered a race condition in the MIC VOP driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or obtain potentially sensitive information from kernel memory. (CVE-2016-5728)

Cyril Bur discovered that on PowerPC platforms, the Linux kernel mishandled transactional memory state on exec(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-5828)

It was discovered that a heap based buffer overflow existed in the USB HID driver in the Linux kernel. A local attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2016-5829).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
References
Plugin Information:
Published: 2016/08/30, Modified: 2016/10/26
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-95-generic_3.13.0-95.142
93600 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : tomcat6, tomcat7, tomcat8 vulnerability (USN-3081-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. (CVE-2016-1240)

This update also reverts a change in behaviour introduced in USN-3024-1 by setting mapperContextRootRedirectEnabled to True by default.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-1240
XREF OSVDB:144341
XREF USN:3081-1
Plugin Information:
Published: 2016/09/20, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libtomcat7-java_7.0.52-1ubuntu0.3
Fixed package : libtomcat7-java_7.0.52-1ubuntu0.7

- Installed package : tomcat7_7.0.52-1ubuntu0.3
Fixed package : tomcat7_7.0.52-1ubuntu0.7
93602 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3083-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2016-3841)

It was discovered that a race condition existed when handling heartbeat- timeout events in the SCTP implementation of the Linux kernel. A remote attacker could use this to cause a denial of service.
(CVE-2015-8767).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-8767
CVE CVE-2016-3841
XREF OSVDB:132811
XREF OSVDB:142466
XREF USN:3083-1
Plugin Information:
Published: 2016/09/20, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-96-generic_3.13.0-96.143
93648 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : gdk-pixbuf vulnerabilities (USN-3085-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that the GDK-PixBuf library did not properly handle specially crafted bmp images, leading to a heap-based buffer overflow.
If a user or automated system were tricked into opening a specially crafted bmp file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-7552)

It was discovered that the GDK-PixBuf library contained an integer overflow when handling certain images. If a user or automated system were tricked into opening a crafted image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8875)

Franco Costantini discovered that the GDK-PixBuf library contained an out-of-bounds write error when parsing an ico file. If a user or automated system were tricked into opening a crafted ico file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6352).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libgdk-pixbuf2.0-0 package.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-7552
CVE CVE-2015-8875
CVE CVE-2016-6352
XREF OSVDB:133603
XREF OSVDB:138541
XREF OSVDB:142171
XREF USN:3085-1
Plugin Information:
Published: 2016/09/22, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libgdk-pixbuf2.0-0_2.30.7-0ubuntu1.2
Fixed package : libgdk-pixbuf2.0-0_2.30.7-0ubuntu1.6
93684 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : openssl vulnerabilities (USN-3087-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service.
(CVE-2016-6304)

Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2177)

Cesar Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL did not properly use constant-time operations when performing DSA signing. A remote attacker could possibly use this issue to perform a cache-timing attack and recover private DSA keys. (CVE-2016-2178)

Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. (CVE-2016-2179)

Shi Lei discovered that OpenSSL incorrectly handled memory in the TS_OBJ_print_bio() function. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2180)

It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay feature. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2181)

Shi Lei discovered that OpenSSL incorrectly validated division results. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2182)

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves DES from the HIGH cipher list to MEDIUM. (CVE-2016-2183)

Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. A remote attacker could use this issue to cause a denial of service. (CVE-2016-6302)

Shi Lei discovered that OpenSSL incorrectly handled memory in the MDC2_Update() function. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-6303)

Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-6306).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
6.4 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-2177
CVE CVE-2016-2178
CVE CVE-2016-2179
CVE CVE-2016-2180
CVE CVE-2016-2181
CVE CVE-2016-2182
CVE CVE-2016-2183
CVE CVE-2016-6302
CVE CVE-2016-6303
CVE CVE-2016-6304
CVE CVE-2016-6306
XREF OSVDB:139313
XREF OSVDB:139471
XREF OSVDB:142095
XREF OSVDB:143021
XREF OSVDB:143259
XREF OSVDB:143309
XREF OSVDB:143387
XREF OSVDB:143388
XREF OSVDB:143389
XREF OSVDB:143392
XREF OSVDB:144687
XREF OSVDB:144688
XREF USN:3087-1
Plugin Information:
Published: 2016/09/23, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.20
93715 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : openssl regression (USN-3087-2)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.

We apologize for the inconvenience.

Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service.
(CVE-2016-6304)

Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue has only been addressed in Ubuntu 16.04 LTS in this update.
(CVE-2016-2177)

Cesar Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL did not properly use constant-time operations when performing DSA signing. A remote attacker could possibly use this issue to perform a cache-timing attack and recover private DSA keys. (CVE-2016-2178)

Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. (CVE-2016-2179)

Shi Lei discovered that OpenSSL incorrectly handled memory in the TS_OBJ_print_bio() function. A remote attacker could possibly use this issue to cause a denial of service.
(CVE-2016-2180)

It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay feature. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2181)

Shi Lei discovered that OpenSSL incorrectly validated division results. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2182)

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks.
A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves DES from the HIGH cipher list to MEDIUM.
(CVE-2016-2183)

Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. A remote attacker could use this issue to cause a denial of service. (CVE-2016-6302)

Shi Lei discovered that OpenSSL incorrectly handled memory in the MDC2_Update() function. A remote attacker could possibly use this issue to cause a denial of service.
(CVE-2016-6303)

Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. A remote attacker could possibly use this issue to cause a denial of service.
(CVE-2016-6306).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
Plugin Information:
Published: 2016/09/26, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.21
93864 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : php5, php7.0 vulnerabilities (USN-3095-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Taoguang Chen discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7124)

Taoguang Chen discovered that PHP incorrectly handled invalid session names. A remote attacker could use this issue to inject arbitrary session data. (CVE-2016-7125)

It was discovered that PHP incorrectly handled certain gamma values in the imagegammacorrect function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7127)

It was discovered that PHP incorrectly handled certain crafted TIFF image thumbnails. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly expose sensitive information. (CVE-2016-7128)

It was discovered that PHP incorrectly handled unserializing certain wddxPacket XML documents. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7413)

It was discovered that PHP incorrectly handled certain memory operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-7133)

It was discovered that PHP incorrectly handled long strings in curl_escape calls. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-7134)

Taoguang Chen discovered that PHP incorrectly handled certain failures when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-7411)

It was discovered that PHP incorrectly handled certain flags in the MySQL driver. Malicious remote MySQL servers could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7412)

It was discovered that PHP incorrectly handled ZIP file signature verification when processing a PHAR archive. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7414)

It was discovered that PHP incorrectly handled certain locale operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7416)

It was discovered that PHP incorrectly handled SplArray unserializing.
A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-7417)

Ke Liu discovered that PHP incorrectly handled unserializing wddxPacket XML documents with incorrect boolean elements. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7418).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-7124
CVE CVE-2016-7125
CVE CVE-2016-7127
CVE CVE-2016-7128
CVE CVE-2016-7129
CVE CVE-2016-7130
CVE CVE-2016-7131
CVE CVE-2016-7132
CVE CVE-2016-7133
CVE CVE-2016-7134
CVE CVE-2016-7411
CVE CVE-2016-7412
CVE CVE-2016-7413
CVE CVE-2016-7414
CVE CVE-2016-7416
CVE CVE-2016-7417
CVE CVE-2016-7418
XREF OSVDB:143095
XREF OSVDB:143096
XREF OSVDB:143103
XREF OSVDB:143104
XREF OSVDB:143106
XREF OSVDB:143110
XREF OSVDB:143111
XREF OSVDB:143115
XREF OSVDB:143116
XREF OSVDB:143118
XREF OSVDB:144259
XREF OSVDB:144260
XREF OSVDB:144261
XREF OSVDB:144262
XREF OSVDB:144263
XREF OSVDB:144268
XREF OSVDB:144269
XREF USN:3095-1
Plugin Information:
Published: 2016/10/05, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.14
Fixed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.20

- Installed package : php5-cli_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-cli_5.5.9+dfsg-1ubuntu4.20

- Installed package : php5-curl_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-curl_5.5.9+dfsg-1ubuntu4.20

- Installed package : php5-gd_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-gd_5.5.9+dfsg-1ubuntu4.20
93954 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3098-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Vladimir Benes discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)

Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136)

Pengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash).
(CVE-2016-6480).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.3 (CVSS:3.0/E:U/RL:O/RC:R)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:UR)
References
CVE CVE-2016-6136
CVE CVE-2016-6480
CVE CVE-2016-6828
CVE CVE-2016-7039
XREF OSVDB:140971
XREF OSVDB:142610
XREF OSVDB:142992
XREF OSVDB:145388
XREF USN:3098-1
Plugin Information:
Published: 2016/10/11, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-98-generic_3.13.0-98.145
94153 - Ubuntu 14.04 LTS : linux vulnerability (USN-3105-1) (Dirty COW)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
STIG Severity
I
References
CVE CVE-2016-5195
XREF OSVDB:146061
XREF USN:3105-1
XREF IAVA:2016-A-0306
Exploitable With
CANVAS (true) Core Impact (true)
Plugin Information:
Published: 2016/10/20, Modified: 2017/01/16
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-100-generic_3.13.0-100.147
94574 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : curl vulnerabilities (USN-3123-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. (CVE-2016-7141)

Nguyen Vu Hoang discovered that curl incorrectly handled escaping certain strings. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7167)

It was discovered that curl incorrectly handled storing cookies. A remote attacker could possibly use this issue to inject cookies for arbitrary domains in the cookie jar. (CVE-2016-8615)

It was discovered that curl incorrect handled case when comparing user names and passwords. A remote attacker with knowledge of a case-insensitive version of the correct password could possibly use this issue to cause a connection to be reused. (CVE-2016-8616)

It was discovered that curl incorrect handled memory when encoding to base64. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-8617)

It was discovered that curl incorrect handled memory when preparing formatted output. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-8618)

It was discovered that curl incorrect handled memory when performing Kerberos authentication. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-8619)

Luat Nguyen discovered that curl incorrectly handled parsing globs. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-8620)

Luat Nguyen discovered that curl incorrectly handled converting dates. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service. (CVE-2016-8621)

It was discovered that curl incorrectly handled URL percent-encoding decoding. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-8622)

It was discovered that curl incorrectly handled shared cookies. A remote server could possibly obtain incorrect cookies or other sensitive information. (CVE-2016-8623)

Fernando Munoz discovered that curl incorrect parsed certain URLs. A remote attacker could possibly use this issue to trick curl into connecting to a different host. (CVE-2016-8624).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libcurl3, libcurl3-gnutls and / or libcurl3-nss packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-7141
CVE CVE-2016-7167
CVE CVE-2016-8615
CVE CVE-2016-8616
CVE CVE-2016-8617
CVE CVE-2016-8618
CVE CVE-2016-8619
CVE CVE-2016-8620
CVE CVE-2016-8621
CVE CVE-2016-8622
CVE CVE-2016-8623
CVE CVE-2016-8624
XREF OSVDB:142493
XREF OSVDB:144213
XREF OSVDB:146565
XREF OSVDB:146567
XREF OSVDB:146568
XREF OSVDB:146569
XREF OSVDB:146570
XREF OSVDB:146571
XREF OSVDB:146572
XREF OSVDB:146573
XREF OSVDB:146574
XREF OSVDB:146575
XREF USN:3123-1
Plugin Information:
Published: 2016/11/04, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libcurl3-gnutls_7.35.0-1ubuntu2.5
Fixed package : libcurl3-gnutls_7.35.0-1ubuntu2.10
94731 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3127-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the compression handling code in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service (system crash). (CVE-2014-9904)

Kirill A. Shutemov discovered that memory manager in the Linux kernel did not properly handle anonymous pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2015-3288)

Vitaly Kuznetsov discovered that the Linux kernel did not properly suppress hugetlbfs support in X86 paravirtualized guests. An attacker in the guest OS could cause a denial of service (guest system crash).
(CVE-2016-3961)

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2014-9904
CVE CVE-2015-3288
CVE CVE-2016-3961
CVE CVE-2016-7042
XREF OSVDB:137140
XREF OSVDB:140680
XREF OSVDB:142044
XREF OSVDB:145585
XREF USN:3127-1
Plugin Information:
Published: 2016/11/11, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-101-generic_3.13.0-101.148

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.101.109
94954 - Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3130-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. (CVE-2016-5542)

It was discovered that the JMX component of OpenJDK did not sufficiently perform classloader consistency checks. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5554)

It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could use this to send debugging commands to a Java application with debugging enabled. (CVE-2016-5573)

It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An attacker could use this to bypass Java sandbox restrictions.
(CVE-2016-5582)

It was discovered that OpenJDK did not properly handle HTTP proxy authentication. An attacker could use this to expose HTTPS server authentication credentials. (CVE-2016-5597).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.6 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-5542
CVE CVE-2016-5554
CVE CVE-2016-5573
CVE CVE-2016-5582
CVE CVE-2016-5597
XREF OSVDB:145946
XREF OSVDB:145947
XREF OSVDB:145948
XREF OSVDB:145949
XREF OSVDB:145950
XREF USN:3130-1
Plugin Information:
Published: 2016/11/18, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u121-2.6.8-1ubuntu0.14.04.1

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u121-2.6.8-1ubuntu0.14.04.1

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u121-2.6.8-1ubuntu0.14.04.1
95428 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : c-ares vulnerability (USN-3143-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Gzob Qq discovered that c-ares incorrectly handled certain hostnames.
A remote attacker could use this issue to cause applications using c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libc-ares2 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-5180
XREF OSVDB:144918
XREF USN:3143-1
Plugin Information:
Published: 2016/12/01, Modified: 2016/12/05
Plugin Output

tcp/0


- Installed package : libc-ares2_1.10.0-2
Fixed package : libc-ares2_1.10.0-2ubuntu0.1
95430 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3145-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges. (CVE-2016-7425)

Daxing Guo discovered a stack-based buffer overflow in the Broadcom IEEE802.11n FullMAC driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges. (CVE-2016-8658).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-7425
CVE CVE-2016-8658
XREF OSVDB:144411
XREF OSVDB:145586
XREF USN:3145-1
Plugin Information:
Published: 2016/12/01, Modified: 2016/12/05
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-103-generic_3.13.0-103.150

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.103.111
95566 - Ubuntu 14.04 LTS : linux vulnerability (USN-3149-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-8655
XREF OSVDB:148164
XREF USN:3149-1
Exploitable With
Core Impact (true) Metasploit (true)
Plugin Information:
Published: 2016/12/06, Modified: 2018/05/23
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-105-generic_3.13.0-105.152

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.105.113
95873 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : apport vulnerabilities (USN-3157-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Donncha O Cearbhaill discovered that the crash file parser in Apport improperly treated the CrashDB field as python code. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-9949)

Donncha O Cearbhaill discovered that Apport did not properly sanitize the Package and SourcePackage fields in crash files before processing package specific hooks. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. (CVE-2016-9950)

Donncha O Cearbhaill discovered that Apport would offer to restart an application based on the contents of the RespawnCommand or ProcCmdline fields in a crash file. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. (CVE-2016-9951).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.7 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-9949
CVE CVE-2016-9950
CVE CVE-2016-9951
XREF OSVDB:148859
XREF OSVDB:148860
XREF OSVDB:148965
XREF USN:3157-1
Exploitable With
CANVAS (true)
Plugin Information:
Published: 2016/12/15, Modified: 2017/03/21
Plugin Output

tcp/0


- Installed package : apport_2.14.1-0ubuntu3.19
Fixed package : apport_2.14.1-0ubuntu3.23

- Installed package : python3-apport_2.14.1-0ubuntu3.19
Fixed package : python3-apport_2.14.1-0ubuntu3.23
96437 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3168-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment (CS) in certain error cases. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2016-9756)

Andrey Konovalov discovered that signed integer overflows existed in the setsockopt() system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service (system crash or memory corruption). (CVE-2016-9793)

Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-9794)

Baozeng Ding discovered a double free in the netlink_dump() function in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-9806).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-9756
CVE CVE-2016-9793
CVE CVE-2016-9794
CVE CVE-2016-9806
XREF OSVDB:148132
XREF OSVDB:148137
XREF OSVDB:148388
XREF OSVDB:148409
XREF USN:3168-1
Exploitable With
Core Impact (true)
Plugin Information:
Published: 2017/01/12, Modified: 2017/09/08
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-107-generic_3.13.0-107.154

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.107.115
96445 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libvncserver vulnerabilities (USN-3171-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Josef Gajdusek discovered that the LibVNCServer client library incorrectly handled certain FrameBufferUpdate messages. If a user were tricked into connecting to a malicious server, an attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-9941, CVE-2016-9942).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libvncclient1, libvncserver0 and / or libvncserver1 packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-9941
CVE CVE-2016-9942
XREF OSVDB:149427
XREF OSVDB:149428
XREF USN:3171-1
Plugin Information:
Published: 2017/01/12, Modified: 2017/01/16
Plugin Output

tcp/0


- Installed package : libvncserver0_0.9.9+dfsg-1ubuntu1.1
Fixed package : libvncserver0_0.9.9+dfsg-1ubuntu1.2
96720 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : tomcat6, tomcat7, tomcat8 vulnerabilities (USN-3177-1) (httpoxy)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-0762)

Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5018)

It was discovered that Tomcat did not protect applications from untrusted data in the HTTP_PROXY environment variable. A remote attacker could possibly use this issue to redirect outbound traffic to an arbitrary proxy server. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5388)

It was discovered that Tomcat incorrectly controlled reading system properties. A malicious application could possibly use this to bypass Security Manager restrictions. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6794)

It was discovered that Tomcat incorrectly controlled certain configuration parameters. A malicious application could possibly use this to bypass Security Manager restrictions. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-6796)

It was discovered that Tomcat incorrectly limited access to global JNDI resources. A malicious application could use this to access any global JNDI resource without an explicit ResourceLink. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-6797)

Regis Leroy discovered that Tomcat incorrectly filtered certain invalid characters from the HTTP request line. A remote attacker could possibly use this issue to inject data into HTTP responses.
(CVE-2016-6816)

Pierre Ernst discovered that the Tomcat JmxRemoteLifecycleListener did not implement a recommended fix. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2016-8735)

It was discovered that Tomcat incorrectly handled error handling in the send file code. A remote attacker could possibly use this issue to access information from other requests. (CVE-2016-8745)

Paul Szabo discovered that the Tomcat package incorrectly handled upgrades and removals. A local attacker could possibly use this issue to obtain root privileges. (CVE-2016-9774, CVE-2016-9775).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-0762
CVE CVE-2016-5018
CVE CVE-2016-5388
CVE CVE-2016-6794
CVE CVE-2016-6796
CVE CVE-2016-6797
CVE CVE-2016-6816
CVE CVE-2016-8735
CVE CVE-2016-8745
CVE CVE-2016-9774
CVE CVE-2016-9775
XREF OSVDB:141670
XREF OSVDB:144341
XREF OSVDB:146348
XREF OSVDB:146354
XREF OSVDB:146355
XREF OSVDB:146356
XREF OSVDB:146357
XREF OSVDB:147617
XREF OSVDB:147619
XREF OSVDB:148477
XREF USN:3177-1
Plugin Information:
Published: 2017/01/24, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libtomcat7-java_7.0.52-1ubuntu0.3
Fixed package : libtomcat7-java_7.0.52-1ubuntu0.8

- Installed package : tomcat7_7.0.52-1ubuntu0.3
Fixed package : tomcat7_7.0.52-1ubuntu0.8
96927 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : openssl vulnerabilities (USN-3181-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were fixed in a previous security update.
(CVE-2016-2177)

It was discovered that OpenSSL did not properly handle Montgomery multiplication, resulting in incorrect results leading to transient failures. This issue only applied to Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7055)

It was discovered that OpenSSL did not properly use constant-time operations when performing ECDSA P-256 signing. A remote attacker could possibly use this issue to perform a timing attack and recover private ECDSA keys. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-7056)

Shi Lei discovered that OpenSSL incorrectly handled certain warning alerts. A remote attacker could possibly use this issue to cause OpenSSL to stop responding, resulting in a denial of service.
(CVE-2016-8610)

Robert Swiecki discovered that OpenSSL incorrectly handled certain truncated packets. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service.
(CVE-2017-3731)

It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery squaring procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys. This issue only applied to Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2017-3732).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2177
CVE CVE-2016-7055
CVE CVE-2016-7056
CVE CVE-2016-8610
CVE CVE-2017-3731
CVE CVE-2017-3732
XREF OSVDB:139313
XREF OSVDB:146198
XREF OSVDB:147021
XREF OSVDB:149425
XREF OSVDB:151018
XREF OSVDB:151020
XREF USN:3181-1
Plugin Information:
Published: 2017/02/01, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.22
96954 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libxpm vulnerability (USN-3185-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libXpm incorrectly handled certain XPM files.
If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could use this issue to cause libXpm to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxpm4 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-10164
XREF OSVDB:150786
XREF OSVDB:150787
XREF USN:3185-1
Plugin Information:
Published: 2017/02/02, Modified: 2017/02/27
Plugin Output

tcp/0


- Installed package : libxpm4_1:3.5.10-1
Fixed package : libxpm4_1:3.5.10-1ubuntu0.1
96978 - Ubuntu 12.04 LTS / 14.04 LTS : tomcat6, tomcat7 regression (USN-3177-2) (httpoxy)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3177-1 fixed vulnerabilities in Tomcat. The update introduced a regression in environments where Tomcat is started with a security manager. This update fixes the problem.

We apologize for the inconvenience.

It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-0762)

Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-5018)

It was discovered that Tomcat did not protect applications from untrusted data in the HTTP_PROXY environment variable.
A remote attacker could possibly use this issue to redirect outbound traffic to an arbitrary proxy server. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5388)

It was discovered that Tomcat incorrectly controlled reading system properties. A malicious application could possibly use this to bypass Security Manager restrictions. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6794)

It was discovered that Tomcat incorrectly controlled certain configuration parameters. A malicious application could possibly use this to bypass Security Manager restrictions.
This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6796)

It was discovered that Tomcat incorrectly limited access to global JNDI resources. A malicious application could use this to access any global JNDI resource without an explicit ResourceLink. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6797)

Regis Leroy discovered that Tomcat incorrectly filtered certain invalid characters from the HTTP request line. A remote attacker could possibly use this issue to inject data into HTTP responses. (CVE-2016-6816)

Pierre Ernst discovered that the Tomcat JmxRemoteLifecycleListener did not implement a recommended fix. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2016-8735)

It was discovered that Tomcat incorrectly handled error handling in the send file code. A remote attacker could possibly use this issue to access information from other requests. (CVE-2016-8745)

Paul Szabo discovered that the Tomcat package incorrectly handled upgrades and removals. A local attacker could possibly use this issue to obtain root privileges.
(CVE-2016-9774, CVE-2016-9775).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-0762
CVE CVE-2016-5018
CVE CVE-2016-5388
CVE CVE-2016-6794
CVE CVE-2016-6796
CVE CVE-2016-6797
CVE CVE-2016-6816
CVE CVE-2016-8735
CVE CVE-2016-8745
CVE CVE-2016-9774
CVE CVE-2016-9775
XREF OSVDB:141670
XREF OSVDB:144341
XREF OSVDB:146348
XREF OSVDB:146354
XREF OSVDB:146355
XREF OSVDB:146356
XREF OSVDB:146357
XREF OSVDB:147617
XREF OSVDB:147619
XREF OSVDB:148477
XREF USN:3177-2
Plugin Information:
Published: 2017/02/03, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libtomcat7-java_7.0.52-1ubuntu0.3
Fixed package : libtomcat7-java_7.0.52-1ubuntu0.9

- Installed package : tomcat7_7.0.52-1ubuntu0.3
Fixed package : tomcat7_7.0.52-1ubuntu0.9
97190 - Ubuntu 12.04 LTS / 14.04 LTS : php5 vulnerabilities (USN-3196-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that PHP incorrectly handled certain arguments to the locale_get_display_name function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-9912)

It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to hang, resulting in a denial of service. (CVE-2016-7478)

It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7479)

It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS.
(CVE-2016-9137)

It was discovered that PHP incorrectly handled unserializing certain wddxPacket XML documents. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2016-9934)

It was discovered that PHP incorrectly handled unserializing certain wddxPacket XML documents. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9935)

It was discovered that PHP incorrectly handled certain EXIF data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2016-10158)

It was discovered that PHP incorrectly handled certain PHAR archives.
A remote attacker could use this issue to cause PHP to crash or consume resources, resulting in a denial of service. (CVE-2016-10159)

It was discovered that PHP incorrectly handled certain PHAR archives.
A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-10160)

It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2016-10161).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2014-9912
CVE CVE-2016-10158
CVE CVE-2016-10159
CVE CVE-2016-10160
CVE CVE-2016-10161
CVE CVE-2016-7478
CVE CVE-2016-7479
CVE CVE-2016-9137
CVE CVE-2016-9934
CVE CVE-2016-9935
XREF OSVDB:108185
XREF OSVDB:145606
XREF OSVDB:147407
XREF OSVDB:148281
XREF OSVDB:149441
XREF OSVDB:149442
XREF OSVDB:149623
XREF OSVDB:149629
XREF OSVDB:149665
XREF OSVDB:149666
XREF USN:3196-1
Plugin Information:
Published: 2017/02/15, Modified: 2017/02/27
Plugin Output

tcp/0


- Installed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.14
Fixed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.21

- Installed package : php5-cli_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-cli_5.5.9+dfsg-1ubuntu4.21
97208 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libgc vulnerability (USN-3197-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Kuang-che Wu discovered that multiple integer overflow vulnerabilities existed in libgc. An attacker could use these to cause a denial of service (application crash) or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libgc1c2 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-9427
XREF OSVDB:147523
XREF USN:3197-1
Plugin Information:
Published: 2017/02/16, Modified: 2017/02/21
Plugin Output

tcp/0


- Installed package : libgc1c2_1:7.2d-5ubuntu2
Fixed package : libgc1c2_1:7.2d-5ubuntu2.1
97221 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : Python Crypto vulnerability (USN-3199-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected python-crypto and / or python3-crypto packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2013-7459
XREF OSVDB:149336
XREF USN:3199-1
Plugin Information:
Published: 2017/02/17, Modified: 2017/02/28
Plugin Output

tcp/0


- Installed package : python-crypto_2.6.1-4build1
Fixed package : python-crypto_2.6.1-4ubuntu0.1
97301 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : Python Crypto regression (USN-3199-2)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit.
Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This update retains the fix for the vulnerability but issues a warning rather than throwing an exception. Code which produces this warning should be updated because future versions of the Python Cryptography Toolkit re-introduce the exception.

We apologize for the inconvenience.

It was discovered that the ALGnew function in block_template.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected python-crypto and / or python3-crypto packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2013-7459
XREF OSVDB:149336
XREF USN:3199-2
Plugin Information:
Published: 2017/02/21, Modified: 2017/02/28
Plugin Output

tcp/0


- Installed package : python-crypto_2.6.1-4build1
Fixed package : python-crypto_2.6.1-4ubuntu0.2
97302 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : spice vulnerabilities (USN-3202-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Frediano Ziglio discovered that Spice incorrectly handled certain client messages. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libspice-server1 package.
Risk Factor
High
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
6.4 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-9577
CVE CVE-2016-9578
XREF OSVDB:151470
XREF OSVDB:151473
XREF USN:3202-1
Plugin Information:
Published: 2017/02/21, Modified: 2017/02/23
Plugin Output

tcp/0


- Installed package : libspice-server1_0.12.4-0nocelt2ubuntu1.2
Fixed package : libspice-server1_0.12.4-0nocelt2ubuntu1.4
97318 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : tcpdump vulnerabilities (USN-3205-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that tcpdump incorrectly handled certain packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code.

In the default installation, attackers would be isolated by the tcpdump AppArmor profile.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected tcpdump package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-7922
CVE CVE-2016-7923
CVE CVE-2016-7924
CVE CVE-2016-7925
CVE CVE-2016-7926
CVE CVE-2016-7927
CVE CVE-2016-7928
CVE CVE-2016-7929
CVE CVE-2016-7930
CVE CVE-2016-7931
CVE CVE-2016-7932
CVE CVE-2016-7933
CVE CVE-2016-7934
CVE CVE-2016-7935
CVE CVE-2016-7936
CVE CVE-2016-7937
CVE CVE-2016-7938
CVE CVE-2016-7939
CVE CVE-2016-7940
CVE CVE-2016-7973
CVE CVE-2016-7974
CVE CVE-2016-7975
CVE CVE-2016-7983
CVE CVE-2016-7984
CVE CVE-2016-7985
CVE CVE-2016-7986
CVE CVE-2016-7992
CVE CVE-2016-7993
CVE CVE-2016-8574
CVE CVE-2016-8575
CVE CVE-2017-5202
CVE CVE-2017-5203
CVE CVE-2017-5204
CVE CVE-2017-5205
CVE CVE-2017-5341
CVE CVE-2017-5342
CVE CVE-2017-5482
CVE CVE-2017-5483
CVE CVE-2017-5484
CVE CVE-2017-5485
CVE CVE-2017-5486
XREF OSVDB:151088
XREF OSVDB:151089
XREF OSVDB:151090
XREF OSVDB:151091
XREF OSVDB:151092
XREF OSVDB:151093
XREF OSVDB:151094
XREF OSVDB:151095
XREF OSVDB:151096
XREF OSVDB:151097
XREF OSVDB:151098
XREF OSVDB:151099
XREF OSVDB:151100
XREF OSVDB:151103
XREF OSVDB:151104
XREF OSVDB:151105
XREF OSVDB:151106
XREF OSVDB:151107
XREF OSVDB:151108
XREF OSVDB:151109
XREF OSVDB:151110
XREF OSVDB:151111
XREF OSVDB:151112
XREF OSVDB:151113
XREF OSVDB:151114
XREF OSVDB:151115
XREF OSVDB:151116
XREF OSVDB:151117
XREF OSVDB:151119
XREF OSVDB:151120
XREF OSVDB:151121
XREF OSVDB:151122
XREF OSVDB:151123
XREF OSVDB:151124
XREF OSVDB:151125
XREF OSVDB:151126
XREF OSVDB:151128
XREF OSVDB:151129
XREF OSVDB:151130
XREF OSVDB:151131
XREF OSVDB:151132
XREF USN:3205-1
Plugin Information:
Published: 2017/02/22, Modified: 2017/02/24
Plugin Output

tcp/0


- Installed package : tcpdump_4.5.1-2ubuntu1.2
Fixed package : tcpdump_4.9.0-1ubuntu1~ubuntu14.04.1
97320 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3207-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-7910)

Dmitry Vyukov discovered a use-after-free vulnerability in the sys_ioprio_get() function in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-7911)

Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2017-6074).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.7 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-7910
CVE CVE-2016-7911
CVE CVE-2017-6074
XREF OSVDB:147033
XREF OSVDB:147034
XREF OSVDB:152302
XREF USN:3207-1
Exploitable With
Core Impact (true)
Plugin Information:
Published: 2017/02/22, Modified: 2017/06/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-110-generic_3.13.0-110.157

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.110.118
97434 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : tiff vulnerabilities (USN-3212-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libtiff-tools and / or libtiff5 packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.8 (CVSS:3.0/E:U/RL:O/RC:U)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:UC)
References
CVE CVE-2015-7554
CVE CVE-2015-8668
CVE CVE-2016-10092
CVE CVE-2016-10093
CVE CVE-2016-10094
CVE CVE-2016-3622
CVE CVE-2016-3623
CVE CVE-2016-3624
CVE CVE-2016-3632
CVE CVE-2016-3658
CVE CVE-2016-3945
CVE CVE-2016-3990
CVE CVE-2016-3991
CVE CVE-2016-5314
CVE CVE-2016-5315
CVE CVE-2016-5316
CVE CVE-2016-5317
CVE CVE-2016-5320
CVE CVE-2016-5321
CVE CVE-2016-5322
CVE CVE-2016-5323
CVE CVE-2016-5652
CVE CVE-2016-5875
CVE CVE-2016-6223
CVE CVE-2016-8331
CVE CVE-2016-9273
CVE CVE-2016-9297
CVE CVE-2016-9448
CVE CVE-2016-9453
CVE CVE-2016-9532
CVE CVE-2016-9533
CVE CVE-2016-9534
CVE CVE-2016-9535
CVE CVE-2016-9536
CVE CVE-2016-9537
CVE CVE-2016-9538
CVE CVE-2016-9539
CVE CVE-2016-9540
CVE CVE-2017-5225
XREF OSVDB:117693
XREF OSVDB:117750
XREF OSVDB:132278
XREF OSVDB:132279
XREF OSVDB:136741
XREF OSVDB:136836
XREF OSVDB:136837
XREF OSVDB:136838
XREF OSVDB:136839
XREF OSVDB:137083
XREF OSVDB:137084
XREF OSVDB:140006
XREF OSVDB:140007
XREF OSVDB:140008
XREF OSVDB:140009
XREF OSVDB:140016
XREF OSVDB:140117
XREF OSVDB:140118
XREF OSVDB:141537
XREF OSVDB:141540
XREF OSVDB:145021
XREF OSVDB:145022
XREF OSVDB:145023
XREF OSVDB:145728
XREF OSVDB:145751
XREF OSVDB:145752
XREF OSVDB:145753
XREF OSVDB:146185
XREF OSVDB:146273
XREF OSVDB:147159
XREF OSVDB:147303
XREF OSVDB:147314
XREF OSVDB:147758
XREF OSVDB:147779
XREF OSVDB:148165
XREF OSVDB:148170
XREF OSVDB:149138
XREF OSVDB:149991
XREF USN:3212-1
Plugin Information:
Published: 2017/02/28, Modified: 2017/06/05
Plugin Output

tcp/0


- Installed package : libtiff5_4.0.3-7ubuntu0.3
Fixed package : libtiff5_4.0.3-7ubuntu0.6
97603 - Ubuntu 14.04 LTS : linux vulnerability (USN-3219-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Alexander Popov discovered that the N_HDLC line discipline implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:F/RL:U/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.8 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2017-2636
XREF OSVDB:153186
XREF USN:3219-1
Plugin Information:
Published: 2017/03/08, Modified: 2017/08/16
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-112-generic_3.13.0-112.159

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.112.120
97721 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libevent vulnerabilities (USN-3228-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Guido Vranken discovered that libevent incorrectly handled memory when processing certain data. A remote attacker could possibly use this issue with an application that uses libevent to cause a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libevent-2.0-5 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-10195
CVE CVE-2016-10196
CVE CVE-2016-10197
XREF OSVDB:151245
XREF OSVDB:151246
XREF OSVDB:151247
XREF OSVDB:151765
XREF OSVDB:152955
XREF OSVDB:152960
XREF USN:3228-1
Plugin Information:
Published: 2017/03/14, Modified: 2017/04/10
Plugin Output

tcp/0


- Installed package : libevent-2.0-5_2.0.21-stable-1ubuntu1.14.04.1
Fixed package : libevent-2.0-5_2.0.21-stable-1ubuntu1.14.04.2
97856 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : eglibc, glibc vulnerabilities (USN-3239-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that the GNU C Library incorrectly handled the strxfrm() function. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982)

It was discovered that an integer overflow existed in the
_IO_wstr_overflow() function of the GNU C Library. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2015-8983)

It was discovered that the fnmatch() function in the GNU C Library did not properly handle certain malformed patterns. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984)

Alexander Cherepanov discovered a stack-based buffer overflow in the glob implementation of the GNU C Library. An attacker could use this to specially craft a directory layout and cause a denial of service.
(CVE-2016-1234)

Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2015-5180)

Michael Petlan discovered an unbounded stack allocation in the getaddrinfo() function of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-3706)

Aldy Hernandez discovered an unbounded stack allocation in the sunrpc implementation in the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-4429)

Tim Ruehsen discovered that the getaddrinfo() implementation in the GNU C Library did not properly track memory allocations. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-5417)

Andreas Schwab discovered that the GNU C Library on ARM 32-bit platforms did not properly set up execution contexts. An attacker could use this to cause a denial of service. (CVE-2016-6323).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libc6 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-5180
CVE CVE-2015-8982
CVE CVE-2015-8983
CVE CVE-2015-8984
CVE CVE-2016-1234
CVE CVE-2016-3706
CVE CVE-2016-4429
CVE CVE-2016-5417
CVE CVE-2016-6323
XREF OSVDB:98836
XREF OSVDB:118304
XREF OSVDB:118309
XREF OSVDB:118766
XREF OSVDB:126299
XREF OSVDB:127704
XREF OSVDB:135497
XREF OSVDB:138786
XREF OSVDB:142436
XREF OSVDB:143160
XREF USN:3239-1
Plugin Information:
Published: 2017/03/21, Modified: 2017/03/28
Plugin Output

tcp/0


- Installed package : libc6_2.19-0ubuntu6.6
Fixed package : libc6_2.19-0ubuntu6.10
97887 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : eglibc, glibc regression (USN-3239-2)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. We apologize for the inconvenience.

Please note that long-running services that were restarted to compensate for the USN-3239-1 update may need to be restarted again.

It was discovered that the GNU C Library incorrectly handled the strxfrm() function. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982)

It was discovered that an integer overflow existed in the
_IO_wstr_overflow() function of the GNU C Library. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8983)

It was discovered that the fnmatch() function in the GNU C Library did not properly handle certain malformed patterns.
An attacker could use this to cause a denial of service.
This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984)

Alexander Cherepanov discovered a stack-based buffer overflow in the glob implementation of the GNU C Library. An attacker could use this to specially craft a directory layout and cause a denial of service. (CVE-2016-1234)

Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2015-5180)

Michael Petlan discovered an unbounded stack allocation in the getaddrinfo() function of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-3706)

Aldy Hernandez discovered an unbounded stack allocation in the sunrpc implementation in the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-4429)

Tim Ruehsen discovered that the getaddrinfo() implementation in the GNU C Library did not properly track memory allocations. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-5417)

Andreas Schwab discovered that the GNU C Library on ARM 32-bit platforms did not properly set up execution contexts.
An attacker could use this to cause a denial of service.
(CVE-2016-6323).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libc6 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-5180
CVE CVE-2015-8982
CVE CVE-2015-8983
CVE CVE-2015-8984
CVE CVE-2016-1234
CVE CVE-2016-3706
CVE CVE-2016-4429
CVE CVE-2016-5417
CVE CVE-2016-6323
XREF OSVDB:98836
XREF OSVDB:118304
XREF OSVDB:118309
XREF OSVDB:118766
XREF OSVDB:126299
XREF OSVDB:127704
XREF OSVDB:135497
XREF OSVDB:138786
XREF OSVDB:142436
XREF OSVDB:143160
XREF USN:3239-2
Plugin Information:
Published: 2017/03/22, Modified: 2017/04/03
Plugin Output

tcp/0


- Installed package : libc6_2.19-0ubuntu6.6
Fixed package : libc6_2.19-0ubuntu6.11
99025 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : eject vulnerability (USN-3246-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Ilja Van Sprundel discovered that dmcrypt-get-device incorrectly checked setuid and setgid return values. A local attacker could use this issue to execute code as an administrator.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected eject package.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-6964
XREF OSVDB:154459
XREF USN:3246-1
Plugin Information:
Published: 2017/03/28, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : eject_2.1.5+deb1+cvs20081104-13.1
Fixed package : eject_2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1
99098 - Ubuntu 14.04 LTS : linux vulnerability (USN-3250-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-7184
XREF OSVDB:153853
XREF USN:3250-1
Plugin Information:
Published: 2017/03/30, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-115-generic_3.13.0-115.162

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.115.125
99197 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, linux-ti-omap4 vulnerability (USN-3256-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service (system crash).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:F/RL:X/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.8 (CVSS2#E:F/RL:ND/RC:ND)
References
CVE CVE-2017-7308
XREF OSVDB:154633
XREF USN:3256-1
Exploitable With
Core Impact (true) Metasploit (true)
Plugin Information:
Published: 2017/04/05, Modified: 2018/05/18
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-116-generic_3.13.0-116.163

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.116.126
99581 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : qemu vulnerabilities (USN-3261-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10028, CVE-2016-10029)

Li Qiang discovered that QEMU incorrectly handled the 6300esb watchdog. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2016-10155)

Li Qiang discovered that QEMU incorrectly handled the i.MX Fast Ethernet Controller. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10.
(CVE-2016-7907)

It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-8667)

It was discovered that QEMU incorrectly handled the 16550A UART device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-8669)

It was discovered that QEMU incorrectly handled the shared rings when used with Xen. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. (CVE-2016-9381)

Jann Horn discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to access files on the host file system outside of the shared directory and possibly escalate their privileges. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2016-9602)

Gerd Hoffmann discovered that QEMU incorrectly handled the Cirrus VGA device when being used with a VNC connection. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile.
(CVE-2016-9603)

It was discovered that QEMU incorrectly handled the ColdFire Fast Ethernet Controller. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2016-9776)

Li Qiang discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to leak contents of host memory. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9845, CVE-2016-9908)

Li Qiang discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9846, CVE-2016-9912, CVE-2017-5552, CVE-2017-5578, CVE-2017-5857)

Li Qiang discovered that QEMU incorrectly handled the USB redirector.
An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9907)

Li Qiang discovered that QEMU incorrectly handled USB EHCI emulation.
An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-9911)

Li Qiang discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2016-9913, CVE-2016-9914, CVE-2016-9915, CVE-2016-9916)

Qinghao Tang, Li Qiang, and Jiangxin discovered that QEMU incorrectly handled the Cirrus VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-9921, CVE-2016-9922)

Wjjzhang and Li Qiang discovered that QEMU incorrectly handled the Cirrus VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2017-2615)

It was discovered that QEMU incorrectly handled the Cirrus VGA device.
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2017-2620)

It was discovered that QEMU incorrectly handled VNC connections. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-2633)

Li Qiang discovered that QEMU incorrectly handled the ac97 audio device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-5525)

Li Qiang discovered that QEMU incorrectly handled the es1370 audio device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-5526)

Li Qiang discovered that QEMU incorrectly handled the 16550A UART device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-5579)

Jiang Xin discovered that QEMU incorrectly handled SDHCI device emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2017-5667)

Li Qiang discovered that QEMU incorrectly handled the MegaRAID SAS device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-5856)

Li Qiang discovered that QEMU incorrectly handled the CCID Card device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-5898)

Li Qiang discovered that QEMU incorrectly handled USB xHCI controller emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2017-5973)

Jiang Xin and Wjjzhang discovered that QEMU incorrectly handled SDHCI device emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2017-5987)

Li Qiang discovered that QEMU incorrectly handled USB OHCI controller emulation. A privileged attacker inside the guest could use this issue to cause QEMU to hang, resulting in a denial of service.
(CVE-2017-6505).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2016-10028
CVE CVE-2016-10029
CVE CVE-2016-10155
CVE CVE-2016-7907
CVE CVE-2016-8667
CVE CVE-2016-8669
CVE CVE-2016-9381
CVE CVE-2016-9602
CVE CVE-2016-9603
CVE CVE-2016-9776
CVE CVE-2016-9845
CVE CVE-2016-9846
CVE CVE-2016-9907
CVE CVE-2016-9908
CVE CVE-2016-9911
CVE CVE-2016-9912
CVE CVE-2016-9913
CVE CVE-2016-9914
CVE CVE-2016-9915
CVE CVE-2016-9916
CVE CVE-2016-9921
CVE CVE-2016-9922
CVE CVE-2017-2615
CVE CVE-2017-2620
CVE CVE-2017-2633
CVE CVE-2017-5525
CVE CVE-2017-5526
CVE CVE-2017-5552
CVE CVE-2017-5578
CVE CVE-2017-5579
CVE CVE-2017-5667
CVE CVE-2017-5856
CVE CVE-2017-5857
CVE CVE-2017-5898
CVE CVE-2017-5973
CVE CVE-2017-5987
CVE CVE-2017-6505
XREF OSVDB:145166
XREF OSVDB:145695
XREF OSVDB:145697
XREF OSVDB:147657
XREF OSVDB:148129
XREF OSVDB:148253
XREF OSVDB:148254
XREF OSVDB:148268
XREF OSVDB:148291
XREF OSVDB:148375
XREF OSVDB:148376
XREF OSVDB:148377
XREF OSVDB:148394
XREF OSVDB:149126
XREF OSVDB:149149
XREF OSVDB:150491
XREF OSVDB:150494
XREF OSVDB:150501
XREF OSVDB:150692
XREF OSVDB:150693
XREF OSVDB:150793
XREF OSVDB:150976
XREF OSVDB:151184
XREF OSVDB:151241
XREF OSVDB:151321
XREF OSVDB:151338
XREF OSVDB:151566
XREF OSVDB:151974
XREF OSVDB:152081
XREF OSVDB:152349
XREF OSVDB:152424
XREF OSVDB:153023
XREF OSVDB:153753
XREF USN:3261-1
XREF IAVB:2017-B-0024
Plugin Information:
Published: 2017/04/21, Modified: 2018/06/07
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.33
99583 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : freetype vulnerability (USN-3263-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that a heap-based buffer overflow existed in the FreeType library. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libfreetype6 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-10328
XREF OSVDB:148921
XREF USN:3263-1
Plugin Information:
Published: 2017/04/21, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libfreetype6_2.5.2-1ubuntu2.5
Fixed package : libfreetype6_2.5.2-1ubuntu2.7
99655 - Ubuntu 14.04 LTS : linux vulnerability (USN-3264-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol (SCTP) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
5.1 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.9 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-5986
XREF OSVDB:152094
XREF USN:3264-1
Plugin Information:
Published: 2017/04/25, Modified: 2017/05/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-117-generic_3.13.0-117.164

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.117.127
99723 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3269-1) (Riddle)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.55 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04 have been updated to MySQL 5.7.18.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-55.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-18.html http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618 .html.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages.
Risk Factor
High
CVSS v3.0 Base Score
7.7 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
6.4 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-3302
CVE CVE-2017-3305
CVE CVE-2017-3308
CVE CVE-2017-3309
CVE CVE-2017-3329
CVE CVE-2017-3331
CVE CVE-2017-3450
CVE CVE-2017-3453
CVE CVE-2017-3454
CVE CVE-2017-3455
CVE CVE-2017-3456
CVE CVE-2017-3457
CVE CVE-2017-3458
CVE CVE-2017-3459
CVE CVE-2017-3460
CVE CVE-2017-3461
CVE CVE-2017-3462
CVE CVE-2017-3463
CVE CVE-2017-3464
CVE CVE-2017-3465
CVE CVE-2017-3467
CVE CVE-2017-3468
CVE CVE-2017-3599
CVE CVE-2017-3600
XREF OSVDB:151210
XREF OSVDB:153996
XREF OSVDB:155874
XREF OSVDB:155875
XREF OSVDB:155876
XREF OSVDB:155877
XREF OSVDB:155878
XREF OSVDB:155879
XREF OSVDB:155880
XREF OSVDB:155881
XREF OSVDB:155884
XREF OSVDB:155886
XREF OSVDB:155887
XREF OSVDB:155888
XREF OSVDB:155889
XREF OSVDB:155890
XREF OSVDB:155891
XREF OSVDB:155892
XREF OSVDB:155893
XREF OSVDB:155894
XREF OSVDB:155895
XREF OSVDB:155896
XREF OSVDB:155897
XREF OSVDB:155902
XREF USN:3269-1
Plugin Information:
Published: 2017/04/28, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.55-0ubuntu0.14.04.1
99724 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : nss vulnerabilities (USN-3270-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key. (CVE-2016-2183)

It was discovered that NSS incorrectly handled Base64 decoding. A remote attacker could use this flaw to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2017-5461)

This update refreshes the NSS package to version 3.28.4 which includes the latest CA certificate bundle.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnss3 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.5 (CVSS:3.0/E:F/RL:X/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2183
CVE CVE-2017-5461
XREF OSVDB:143387
XREF OSVDB:143388
XREF OSVDB:155952
XREF USN:3270-1
Plugin Information:
Published: 2017/04/28, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libnss3_2:3.19.2.1-0ubuntu0.14.04.1
Fixed package : libnss3_2:3.28.4-0ubuntu0.14.04.1
99725 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : libxslt vulnerabilities (USN-3271-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString() function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service (application crash) or possible execute arbitrary code.
(CVE-2017-5029)

Nicolas Gregoire discovered that Libxslt mishandled namespace nodes.
An attacker could use this to craft a malicious document that, when opened, could cause a denial of service (application crash) or possibly execute arbtrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. (CVE-2016-1683)

Sebastian Apelt discovered that a use-after-error existed in the xsltDocumentFunctionLoadDocument() function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service (application crash) or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. (CVE-2016-1841)

It was discovered that a type confusion error existed in the xsltStylePreCompute() function in Libxslt. An attacker could use this to craft a malicious XML file that, when opened, caused a denial of service (application crash). This issue only affected Ubuntu 14.04 LTS and Ubuntu 12.04 LTS. (CVE-2015-7995)

Nicolas Gregoire discovered the Libxslt mishandled the 'i' and 'a'
format tokens for xsl:number data. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service (application crash). This issue only affected Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. (CVE-2016-1684)

It was discovered that the xsltFormatNumberConversion() function in Libxslt did not properly handle empty decimal separators. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service (application crash). This issue only affected Ubuntu 16.10, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. (CVE-2016-4738).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxslt1.1 package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2015-7995
CVE CVE-2016-1683
CVE CVE-2016-1684
CVE CVE-2016-1841
CVE CVE-2016-4738
CVE CVE-2017-5029
XREF OSVDB:126901
XREF OSVDB:138573
XREF OSVDB:139031
XREF OSVDB:139032
XREF OSVDB:144562
XREF OSVDB:151459
XREF USN:3271-1
Plugin Information:
Published: 2017/04/28, Modified: 2017/08/16
Plugin Output

tcp/0


- Installed package : libxslt1.1_1.1.28-2build1
Fixed package : libxslt1.1_1.1.28-2ubuntu0.1
99965 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : libreoffice vulnerabilities (USN-3273-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that LibreOffice incorrectly handled EMF image files. If a user were tricked into opening a specially crafted EMF image file, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libreoffice-core package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-10327
CVE CVE-2017-7870
XREF OSVDB:152487
XREF OSVDB:152503
XREF USN:3273-1
Plugin Information:
Published: 2017/05/03, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libreoffice-core_1:4.2.8-0ubuntu3
Fixed package : libreoffice-core_1:4.2.8-0ubuntu5.1
100101 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : freetype vulnerabilities (USN-3282-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libfreetype6 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-8105
CVE CVE-2017-8287
XREF OSVDB:156267
XREF OSVDB:156461
XREF USN:3282-1
Plugin Information:
Published: 2017/05/10, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libfreetype6_2.5.2-1ubuntu2.5
Fixed package : libfreetype6_2.5.2-1ubuntu2.8
100216 - Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3275-2)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3275-1 fixed vulnerabilities in OpenJDK 8. This update provides the corresponding updates for OpenJDK 7.

It was discovered that OpenJDK improperly re-used cached NTLM connections in some situations. A remote attacker could possibly use this to cause a Java application to perform actions with the credentials of a different user. (CVE-2017-3509)

It was discovered that an untrusted library search path flaw existed in the Java Cryptography Extension (JCE) component of OpenJDK. A local attacker could possibly use this to gain the privileges of a Java application. (CVE-2017-3511)

It was discovered that the Java API for XML Processing (JAXP) component in OpenJDK did not properly enforce size limits when parsing XML documents. An attacker could use this to cause a denial of service (processor and memory consumption). (CVE-2017-3526)

It was discovered that the FTP client implementation in OpenJDK did not properly sanitize user inputs. If a user was tricked into opening a specially crafted FTP URL, a remote attacker could use this to manipulate the FTP connection. (CVE-2017-3533)

It was discovered that OpenJDK allowed MD5 to be used as an algorithm for JAR integrity verification. An attacker could possibly use this to modify the contents of a JAR file without detection. (CVE-2017-3539)

It was discovered that the SMTP client implementation in OpenJDK did not properly sanitize sender and recipient addresses. A remote attacker could use this to specially craft email addresses and gain control of a Java application's SMTP connections. (CVE-2017-3544).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.7 (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-3509
CVE CVE-2017-3511
CVE CVE-2017-3526
CVE CVE-2017-3533
CVE CVE-2017-3539
CVE CVE-2017-3544
XREF OSVDB:152319
XREF OSVDB:155831
XREF OSVDB:155832
XREF OSVDB:155833
XREF OSVDB:155835
XREF OSVDB:155836
XREF USN:3275-2
Plugin Information:
Published: 2017/05/16, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u131-2.6.9-0ubuntu0.14.04.1

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u131-2.6.9-0ubuntu0.14.04.1

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u131-2.6.9-0ubuntu0.14.04.1
100250 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : qemu vulnerabilities (USN-3289-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Li Qiang discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2017-7377, CVE-2017-8086)

Jiangxin discovered that QEMU incorrectly handled the Cirrus VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-7718)

Li Qiang and Jiangxin discovered that QEMU incorrectly handled the Cirrus VGA device when being used with a VNC connection. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile.
(CVE-2017-7980)

Jiang Xin discovered that QEMU incorrectly handled the audio subsystem. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2017-8309)

Jiang Xin discovered that QEMU incorrectly handled the input subsystem. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04.
(CVE-2017-8379).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
References
Plugin Information:
Published: 2017/05/17, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.34
100268 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : bash vulnerabilities (USN-3294-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Bernd Dietzel discovered that Bash incorrectly expanded the hostname when displaying the prompt. If a remote attacker were able to modify a hostname, this flaw could be exploited to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-0634)

It was discovered that Bash incorrectly handled the SHELLOPTS and PS4 environment variables. A local attacker could use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7543)

It was discovered that Bash incorrectly handled the popd command. A remote attacker could possibly use this issue to bypass restricted shells. (CVE-2016-9401)

It was discovered that Bash incorrectly handled path autocompletion. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 17.04. (CVE-2017-5932).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected bash package.
Risk Factor
High
CVSS v3.0 Base Score
8.4 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-0634
CVE CVE-2016-7543
CVE CVE-2016-9401
CVE CVE-2017-5932
XREF OSVDB:144525
XREF OSVDB:144718
XREF OSVDB:147533
XREF OSVDB:151648
XREF USN:3294-1
Plugin Information:
Published: 2017/05/18, Modified: 2017/05/22
Plugin Output

tcp/0


- Installed package : bash_4.3-7ubuntu1.5
Fixed package : bash_4.3-7ubuntu1.7
100293 - Ubuntu 14.04 LTS : openjdk-7 regression (USN-3275-3)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3275-2 fixed vulnerabilities in OpenJDK 7. Unfortunately, the update introduced a regression when handling TLS handshakes. This update fixes the problem.

We apologize for the inconvenience.

It was discovered that OpenJDK improperly re-used cached NTLM connections in some situations. A remote attacker could possibly use this to cause a Java application to perform actions with the credentials of a different user. (CVE-2017-3509)

It was discovered that an untrusted library search path flaw existed in the Java Cryptography Extension (JCE) component of OpenJDK. A local attacker could possibly use this to gain the privileges of a Java application. (CVE-2017-3511)

It was discovered that the Java API for XML Processing (JAXP) component in OpenJDK did not properly enforce size limits when parsing XML documents. An attacker could use this to cause a denial of service (processor and memory consumption). (CVE-2017-3526)

It was discovered that the FTP client implementation in OpenJDK did not properly sanitize user inputs. If a user was tricked into opening a specially crafted FTP URL, a remote attacker could use this to manipulate the FTP connection.
(CVE-2017-3533)

It was discovered that OpenJDK allowed MD5 to be used as an algorithm for JAR integrity verification. An attacker could possibly use this to modify the contents of a JAR file without detection. (CVE-2017-3539)

It was discovered that the SMTP client implementation in OpenJDK did not properly sanitize sender and recipient addresses. A remote attacker could use this to specially craft email addresses and gain control of a Java application's SMTP connections. (CVE-2017-3544).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.7 (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-3509
CVE CVE-2017-3511
CVE CVE-2017-3526
CVE CVE-2017-3533
CVE CVE-2017-3539
CVE CVE-2017-3544
XREF OSVDB:152319
XREF OSVDB:155831
XREF OSVDB:155832
XREF OSVDB:155833
XREF OSVDB:155835
XREF OSVDB:155836
XREF USN:3275-3
Plugin Information:
Published: 2017/05/19, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u131-2.6.9-0ubuntu0.14.04.2

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u131-2.6.9-0ubuntu0.14.04.2

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u131-2.6.9-0ubuntu0.14.04.2
100545 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : tiff regression (USN-3212-2)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3212-1 fixed vulnerabilities in LibTIFF. Unfortunately, some of the security patches were misapplied, which caused a regression when processing certain images. This update fixes the problem.

We apologize for the inconvenience.

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libtiff-tools and / or libtiff5 packages.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
8.4 (CVSS2#E:POC/RL:U/RC:ND)
References
XREF OSVDB:117693
XREF OSVDB:117750
XREF OSVDB:132278
XREF OSVDB:132279
XREF OSVDB:136741
XREF OSVDB:136836
XREF OSVDB:136837
XREF OSVDB:136838
XREF OSVDB:136839
XREF OSVDB:137083
XREF OSVDB:137084
XREF OSVDB:140006
XREF OSVDB:140007
XREF OSVDB:140008
XREF OSVDB:140009
XREF OSVDB:141537
XREF OSVDB:141540
XREF OSVDB:145021
XREF OSVDB:145022
XREF OSVDB:145023
XREF OSVDB:145728
XREF OSVDB:145751
XREF OSVDB:145752
XREF OSVDB:145753
XREF OSVDB:146185
XREF OSVDB:147159
XREF OSVDB:147303
XREF OSVDB:147314
XREF OSVDB:147758
XREF OSVDB:147779
XREF OSVDB:148165
XREF OSVDB:148170
XREF OSVDB:149138
XREF OSVDB:149991
XREF USN:3212-2
Plugin Information:
Published: 2017/05/31, Modified: 2017/06/06
Plugin Output

tcp/0


- Installed package : libtiff5_4.0.3-7ubuntu0.3
Fixed package : libtiff5_4.0.3-7ubuntu0.7
100663 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : libnl3 vulnerability (USN-3311-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libnl incorrectly handled memory when performing certain operations. A local attacker could possibly use this issue to cause libnl to crash, resulting in a denial of service, or execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnl-3-200 package.
Risk Factor
High
CVSS v3.0 Base Score
7.0 (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.6 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-0553
XREF OSVDB:154845
XREF USN:3311-1
Plugin Information:
Published: 2017/06/07, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libnl-3-200_3.2.21-1
Fixed package : libnl-3-200_3.2.21-1ubuntu4.1
100921 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : eglibc, glibc vulnerability (USN-3323-1) (Stack Clash)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that the GNU C library did not properly handle memory when processing environment variables for setuid programs. A local attacker could use this in combination with another vulnerability to gain administrative privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libc6 package.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-1000366
XREF OSVDB:159369
XREF USN:3323-1
Plugin Information:
Published: 2017/06/20, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libc6_2.19-0ubuntu6.6
Fixed package : libc6_2.19-0ubuntu6.13
101062 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : apache2 vulnerabilities (USN-3340-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Emmanuel Dreyfus discovered that third-party modules using the ap_get_basic_auth_pw() function outside of the authentication phase may lead to authentication requirements being bypassed. This update adds a new ap_get_basic_auth_components() function for use by third-party modules. (CVE-2017-3167)

Vasileios Panopoulos discovered that the Apache mod_ssl module may crash when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. (CVE-2017-3169)

Javier Jimenez discovered that the Apache HTTP Server incorrectly handled parsing certain requests. A remote attacker could possibly use this issue to cause the Apache HTTP Server to crash, resulting in a denial of service. (CVE-2017-7668)

ChenQin and Hanno Bock discovered that the Apache mod_mime module incorrectly handled certain Content-Type response headers. A remote attacker could possibly use this issue to cause the Apache HTTP Server to crash, resulting in a denial of service. (CVE-2017-7679).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apache2-bin package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-3167
CVE CVE-2017-3169
CVE CVE-2017-7668
CVE CVE-2017-7679
XREF OSVDB:159391
XREF OSVDB:159392
XREF OSVDB:159394
XREF OSVDB:159395
XREF USN:3340-1
Plugin Information:
Published: 2017/06/27, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : apache2-bin_2.4.7-1ubuntu4.8
Fixed package : apache2-bin_2.4.7-1ubuntu4.16
101262 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : samba vulnerability (USN-3348-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Samba incorrectly handled dangling symlinks. A remote attacker could possibly use this issue to cause Samba to hang, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-9461)

In addition, this update fixes a regression introduced by USN-3267-1 that caused Samba to incorrectly handle non-wide symlinks to directories.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.7 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
6.1 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-9461
XREF OSVDB:158642
XREF USN:3348-1
Plugin Information:
Published: 2017/07/06, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.11+dfsg-0ubuntu0.14.04.9
102261 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3381-1) (Stack Clash)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information (kernel memory). (CVE-2016-8405)

It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code.
(CVE-2017-1000365)

It was discovered that SELinux in the Linux kernel did not properly handle empty writes to /proc/pid/attr. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-2618)

Shi Lei discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:F/RL:U/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.8 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2016-8405
CVE CVE-2017-1000365
CVE CVE-2017-2618
CVE CVE-2017-7482
XREF OSVDB:148187
XREF OSVDB:152205
XREF OSVDB:159368
XREF OSVDB:159816
XREF USN:3381-1
Plugin Information:
Published: 2017/08/08, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-126-generic_3.13.0-126.175

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.126.136
102416 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : php5, php7.0 vulnerabilities (USN-3382-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the PHP opcache created keys for files it cached based on their filepath. A local attacker could possibly use this issue in a shared hosting environment to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS.
(CVE-2015-8994)

It was discovered that the PHP URL parser incorrectly handled certain URI components. A remote attacker could possibly use this issue to bypass hostname-specific URL checks. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-10397)

It was discovered that PHP incorrectly handled certain boolean parameters when unserializing data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2017-11143)

Sebastian Li, Wei Lei, Xie Xiaofei, and Liu Yang discovered that PHP incorrectly handled the OpenSSL sealing function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2017-11144)

Wei Lei and Liu Yang discovered that the PHP date extension incorrectly handled memory. A remote attacker could possibly use this issue to disclose sensitive information from the server.
(CVE-2017-11145)

It was discovered that PHP incorrectly handled certain PHAR archives.
A remote attacker could use this issue to cause PHP to crash or disclose sensitive information. This issue only affected Ubuntu 14.04 LTS. (CVE-2017-11147)

It was discovered that PHP incorrectly handled locale length. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2017-11362)

Wei Lei and Liu Yang discovered that PHP incorrectly handled parsing ini files. An attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2017-11628)

It was discovered that PHP mbstring incorrectly handled certain regular expressions. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2015-8994
CVE CVE-2016-10397
CVE CVE-2017-11143
CVE CVE-2017-11144
CVE CVE-2017-11145
CVE CVE-2017-11147
CVE CVE-2017-11362
CVE CVE-2017-11628
CVE CVE-2017-9224
CVE CVE-2017-9226
CVE CVE-2017-9227
CVE CVE-2017-9228
CVE CVE-2017-9229
XREF OSVDB:145227
XREF OSVDB:149621
XREF OSVDB:152780
XREF OSVDB:157903
XREF OSVDB:157904
XREF OSVDB:158016
XREF OSVDB:158017
XREF OSVDB:158029
XREF OSVDB:160498
XREF OSVDB:160499
XREF OSVDB:160500
XREF OSVDB:160523
XREF OSVDB:160640
XREF USN:3382-1
Plugin Information:
Published: 2017/08/11, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.14
Fixed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.22

- Installed package : php5-cli_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-cli_5.5.9+dfsg-1ubuntu4.22
102422 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3386-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload (UFO) code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code.
(CVE-2017-1000112)

Andrey Konovalov discovered a race condition in AF_PACKET socket option handling code in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2017-1000111).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2017-1000111
CVE CVE-2017-1000112
XREF OSVDB:163121
XREF OSVDB:163122
XREF USN:3386-1
Exploitable With
Core Impact (true)
Plugin Information:
Published: 2017/08/11, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-128-generic_3.13.0-128.177

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.128.137
102679 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : graphite2 vulnerabilities (USN-3398-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libgraphite2-3 package.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-7771
CVE CVE-2017-7772
CVE CVE-2017-7773
CVE CVE-2017-7774
CVE CVE-2017-7775
CVE CVE-2017-7776
CVE CVE-2017-7777
CVE CVE-2017-7778
XREF OSVDB:159080
XREF OSVDB:159082
XREF OSVDB:159084
XREF OSVDB:159087
XREF OSVDB:159090
XREF OSVDB:159092
XREF OSVDB:159093
XREF OSVDB:159121
XREF USN:3398-1
Plugin Information:
Published: 2017/08/22, Modified: 2017/08/23
Plugin Output

tcp/0


- Installed package : libgraphite2-3_1.2.4-1ubuntu1
Fixed package : libgraphite2-3_1.3.10-0ubuntu0.14.04.1
102681 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : augeas vulnerability (USN-3400-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Augeas incorrectly handled certain strings. An attacker could use this issue to cause Augeas to crash, leading to a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected augeas-tools and / or libaugeas0 packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-7555
XREF OSVDB:163598
XREF USN:3400-1
Plugin Information:
Published: 2017/08/22, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libaugeas0_1.2.0-0ubuntu1.1
Fixed package : libaugeas0_1.2.0-0ubuntu1.3
102820 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3406-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that an out of bounds read vulnerability existed in the associative array implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-7914)

It was discovered that a NULL pointer dereference existed in the Direct Rendering Manager (DRM) driver for VMware devices in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-7261)

It was discovered that the USB Cypress HID drivers for the Linux kernel did not properly validate reported information from the device.
An attacker with physical access could use this to expose sensitive information (kernel memory). (CVE-2017-7273)

A reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems. (CVE-2017-7487)

Huang Weller discovered that the ext4 filesystem implementation in the Linux kernel mishandled a needs-flushing-before-commit list. A local attacker could use this to expose sensitive information.
(CVE-2017-7495)

It was discovered that an information leak existed in the set_mempolicy and mbind compat syscalls in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-7616).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-7914
CVE CVE-2017-7261
CVE CVE-2017-7273
CVE CVE-2017-7487
CVE CVE-2017-7495
CVE CVE-2017-7616
XREF OSVDB:147056
XREF OSVDB:154359
XREF OSVDB:154412
XREF OSVDB:155190
XREF OSVDB:157483
XREF OSVDB:157484
XREF USN:3406-1
Plugin Information:
Published: 2017/08/29, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-129-generic_3.13.0-129.178

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.129.138
103217 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : qemu vulnerabilities (USN-3414-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. (CVE-2017-7493)

Li Qiang discovered that QEMU incorrectly handled VMware PVSCSI emulation. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources or crash, resulting in a denial of service. (CVE-2017-8112)

It was discovered that QEMU incorrectly handled MegaRAID SAS 8708EM2 Host Bus Adapter emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly to obtain sensitive host memory. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.04. (CVE-2017-8380)

Li Qiang discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to consume resources and crash, resulting in a denial of service.
This issue only affected Ubuntu 17.04. (CVE-2017-9060)

Li Qiang discovered that QEMU incorrectly handled the e1000e device. A privileged attacker inside the guest could use this issue to cause QEMU to hang, resulting in a denial of service. This issue only affected Ubuntu 17.04. (CVE-2017-9310)

Li Qiang discovered that QEMU incorrectly handled USB OHCI emulation support. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-9330)

Li Qiang discovered that QEMU incorrectly handled IDE AHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources and crash, resulting in a denial of service. (CVE-2017-9373)

Li Qiang discovered that QEMU incorrectly handled USB EHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources and crash, resulting in a denial of service. (CVE-2017-9374)

Li Qiang discovered that QEMU incorrectly handled USB xHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to hang, resulting in a denial of service.
(CVE-2017-9375)

Zhangyanyu discovered that QEMU incorrectly handled MegaRAID SAS 8708EM2 Host Bus Adapter emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-9503)

It was discovered that the QEMU qemu-nbd server incorrectly handled initialization. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. (CVE-2017-9524)

It was discovered that the QEMU qemu-nbd server incorrectly handled signals. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. (CVE-2017-10664)

Li Qiang discovered that the QEMU USB redirector incorrectly handled logging debug messages. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2017-10806)

Anthony Perard discovered that QEMU incorrectly handled Xen block-interface responses. An attacker inside the guest could use this issue to cause QEMU to leak contents of host memory. (CVE-2017-10911)

Reno Robert discovered that QEMU incorrectly handled certain DHCP options strings. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2017-11434)

Ryan Salsamendi discovered that QEMU incorrectly handled empty CDROM device drives. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.04.
(CVE-2017-12809).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:U/RL:U/RC:C)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.4 (CVSS2#E:U/RL:U/RC:C)
References
CVE CVE-2017-10664
CVE CVE-2017-10806
CVE CVE-2017-10911
CVE CVE-2017-11434
CVE CVE-2017-12809
CVE CVE-2017-7493
CVE CVE-2017-8112
CVE CVE-2017-8380
CVE CVE-2017-9060
CVE CVE-2017-9310
CVE CVE-2017-9330
CVE CVE-2017-9373
CVE CVE-2017-9374
CVE CVE-2017-9375
CVE CVE-2017-9503
CVE CVE-2017-9524
XREF OSVDB:156391
XREF OSVDB:156846
XREF OSVDB:157675
XREF OSVDB:157875
XREF OSVDB:158279
XREF OSVDB:158337
XREF OSVDB:158596
XREF OSVDB:158663
XREF OSVDB:158729
XREF OSVDB:158730
XREF OSVDB:158862
XREF OSVDB:159516
XREF OSVDB:160002
XREF OSVDB:160567
XREF OSVDB:161463
XREF OSVDB:163833
XREF USN:3414-1
Plugin Information:
Published: 2017/09/14, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.35
103218 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : tcpdump vulnerabilities (USN-3415-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code.
(CVE-2017-11543)

Bhargava Shastry discovered a buffer overflow in the bitfield converter utility function bittok2str_internal() in tcpdump. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2017-13011)

Otto Airamo and Antti Levomaki discovered logic errors in different protocol parsers in tcpdump that could lead to an infinite loop. A remote attacker could use these to cause a denial of service (application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995, CVE-2017-12997)

Otto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz, Katie Holly, Kim Gwan Yeong, Antti Levomaki, Henri Salo, and Bhargava Shastry discovered out-of-bounds reads in muliptle protocol parsers in tcpdump. A remote attacker could use these to cause a denial of service (application crash). (CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996, CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, CVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005, CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009, CVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014, CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018, CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, CVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026, CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030, CVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034, CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, CVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046, CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050, CVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054, CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, CVE-2017-13690, CVE-2017-13725).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected tcpdump package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-11108
CVE CVE-2017-11541
CVE CVE-2017-11542
CVE CVE-2017-11543
CVE CVE-2017-12893
CVE CVE-2017-12894
CVE CVE-2017-12895
CVE CVE-2017-12896
CVE CVE-2017-12897
CVE CVE-2017-12898
CVE CVE-2017-12899
CVE CVE-2017-12900
CVE CVE-2017-12901
CVE CVE-2017-12902
CVE CVE-2017-12985
CVE CVE-2017-12986
CVE CVE-2017-12987
CVE CVE-2017-12988
CVE CVE-2017-12989
CVE CVE-2017-12990
CVE CVE-2017-12991
CVE CVE-2017-12992
CVE CVE-2017-12993
CVE CVE-2017-12994
CVE CVE-2017-12995
CVE CVE-2017-12996
CVE CVE-2017-12997
CVE CVE-2017-12998
CVE CVE-2017-12999
CVE CVE-2017-13000
CVE CVE-2017-13001
CVE CVE-2017-13002
CVE CVE-2017-13003
CVE CVE-2017-13004
CVE CVE-2017-13005
CVE CVE-2017-13006
CVE CVE-2017-13007
CVE CVE-2017-13008
CVE CVE-2017-13009
CVE CVE-2017-13010
CVE CVE-2017-13011
CVE CVE-2017-13012
CVE CVE-2017-13013
CVE CVE-2017-13014
CVE CVE-2017-13015
CVE CVE-2017-13016
CVE CVE-2017-13017
CVE CVE-2017-13018
CVE CVE-2017-13019
CVE CVE-2017-13020
CVE CVE-2017-13021
CVE CVE-2017-13022
CVE CVE-2017-13023
CVE CVE-2017-13024
CVE CVE-2017-13025
CVE CVE-2017-13026
CVE CVE-2017-13027
CVE CVE-2017-13028
CVE CVE-2017-13029
CVE CVE-2017-13030
CVE CVE-2017-13031
CVE CVE-2017-13032
CVE CVE-2017-13033
CVE CVE-2017-13034
CVE CVE-2017-13035
CVE CVE-2017-13036
CVE CVE-2017-13037
CVE CVE-2017-13038
CVE CVE-2017-13039
CVE CVE-2017-13040
CVE CVE-2017-13041
CVE CVE-2017-13042
CVE CVE-2017-13043
CVE CVE-2017-13044
CVE CVE-2017-13045
CVE CVE-2017-13046
CVE CVE-2017-13047
CVE CVE-2017-13048
CVE CVE-2017-13049
CVE CVE-2017-13050
CVE CVE-2017-13051
CVE CVE-2017-13052
CVE CVE-2017-13053
CVE CVE-2017-13054
CVE CVE-2017-13055
CVE CVE-2017-13687
CVE CVE-2017-13688
CVE CVE-2017-13689
CVE CVE-2017-13690
CVE CVE-2017-13725
XREF OSVDB:160585
XREF OSVDB:161777
XREF OSVDB:161778
XREF OSVDB:161780
XREF OSVDB:164973
XREF OSVDB:164974
XREF OSVDB:164975
XREF OSVDB:164976
XREF OSVDB:164977
XREF OSVDB:164978
XREF OSVDB:164979
XREF OSVDB:164980
XREF OSVDB:164981
XREF OSVDB:164982
XREF OSVDB:164983
XREF OSVDB:164984
XREF OSVDB:164985
XREF OSVDB:164986
XREF OSVDB:164987
XREF OSVDB:164988
XREF OSVDB:164989
XREF OSVDB:164990
XREF OSVDB:164991
XREF OSVDB:164992
XREF OSVDB:164993
XREF OSVDB:164994
XREF OSVDB:164995
XREF OSVDB:164996
XREF OSVDB:164997
XREF OSVDB:164998
XREF OSVDB:164999
XREF OSVDB:165000
XREF OSVDB:165001
XREF OSVDB:165002
XREF OSVDB:165003
XREF OSVDB:165004
XREF OSVDB:165005
XREF OSVDB:165006
XREF OSVDB:165007
XREF OSVDB:165008
XREF OSVDB:165009
XREF OSVDB:165010
XREF OSVDB:165011
XREF OSVDB:165012
XREF OSVDB:165013
XREF OSVDB:165014
XREF OSVDB:165015
XREF OSVDB:165016
XREF OSVDB:165017
XREF OSVDB:165018
XREF OSVDB:165019
XREF OSVDB:165020
XREF OSVDB:165021
XREF OSVDB:165022
XREF OSVDB:165023
XREF OSVDB:165024
XREF OSVDB:165025
XREF OSVDB:165026
XREF OSVDB:165027
XREF OSVDB:165028
XREF OSVDB:165029
XREF OSVDB:165030
XREF OSVDB:165031
XREF OSVDB:165032
XREF OSVDB:165033
XREF OSVDB:165034
XREF OSVDB:165035
XREF OSVDB:165036
XREF OSVDB:165037
XREF OSVDB:165038
XREF OSVDB:165039
XREF OSVDB:165040
XREF OSVDB:165041
XREF OSVDB:165042
XREF OSVDB:165043
XREF OSVDB:165044
XREF OSVDB:165045
XREF OSVDB:165046
XREF OSVDB:165047
XREF OSVDB:165048
XREF OSVDB:165049
XREF OSVDB:165050
XREF OSVDB:165051
XREF OSVDB:165052
XREF OSVDB:165053
XREF OSVDB:165054
XREF OSVDB:165055
XREF OSVDB:165056
XREF OSVDB:165057
XREF OSVDB:165058
XREF USN:3415-1
Plugin Information:
Published: 2017/09/14, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : tcpdump_4.5.1-2ubuntu1.2
Fixed package : tcpdump_4.9.2-0ubuntu0.14.04.1
103326 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3422-1) (BlueBorne)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses.
A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-1000251)

It was discovered that the asynchronous I/O (aio) subsystem of the Linux kernel did not properly set permissions on aio memory mappings in some situations. An attacker could use this to more easily exploit other vulnerabilities. (CVE-2016-10044)

Baozeng Ding and Andrey Konovalov discovered a race condition in the L2TPv3 IP Encapsulation implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-10200)

Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. (CVE-2016-7097)

Sergej Schumilo, Ralf Spenneberg, and Hendrik Schwartke discovered that the key management subsystem in the Linux kernel did not properly allocate memory in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-8650)

Vlad Tsyrklevich discovered an integer overflow vulnerability in the VFIO PCI driver for the Linux kernel. A local attacker with access to a vfio PCI device file could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-9083, CVE-2016-9084)

It was discovered that an information leak existed in
__get_user_asm_ex() in the Linux kernel. A local attacker could use this to expose sensitive information. (CVE-2016-9178)

CAI Qian discovered that the sysctl implementation in the Linux kernel did not properly perform reference counting in some situations. An unprivileged attacker could use this to cause a denial of service (system hang). (CVE-2016-9191)

It was discovered that the keyring implementation in the Linux kernel in some situations did not prevent special internal keyrings from being joined by userspace keyrings. A privileged local attacker could use this to bypass module verification. (CVE-2016-9604)

It was discovered that an integer overflow existed in the trace subsystem of the Linux kernel. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2016-9754)

Andrey Konovalov discovered that the IPv4 implementation in the Linux kernel did not properly handle invalid IP options in some situations.
An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2017-5970)

Dmitry Vyukov discovered that the Linux kernel did not properly handle TCP packets with the URG flag. A remote attacker could use this to cause a denial of service. (CVE-2017-6214)

It was discovered that a race condition existed in the AF_PACKET handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-6346)

It was discovered that the keyring implementation in the Linux kernel did not properly restrict searches for dead keys. A local attacker could use this to cause a denial of service (system crash).
(CVE-2017-6951)

Dmitry Vyukov discovered that the generic SCSI (sg) subsystem in the Linux kernel contained a stack-based buffer overflow. A local attacker with access to an sg device could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2017-7187)

Eric Biggers discovered a memory leak in the keyring implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory consumption). (CVE-2017-7472)

It was discovered that a buffer overflow existed in the Broadcom FullMAC WLAN driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7541).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:F/RL:U/RC:X)
CVSS Base Score
8.3 (CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.9 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2016-10044
CVE CVE-2016-10200
CVE CVE-2016-7097
CVE CVE-2016-8650
CVE CVE-2016-9083
CVE CVE-2016-9084
CVE CVE-2016-9178
CVE CVE-2016-9191
CVE CVE-2016-9604
CVE CVE-2016-9754
CVE CVE-2017-1000251
CVE CVE-2017-5970
CVE CVE-2017-6214
CVE CVE-2017-6346
CVE CVE-2017-6951
CVE CVE-2017-7187
CVE CVE-2017-7472
CVE CVE-2017-7541
XREF OSVDB:143514
XREF OSVDB:146370
XREF OSVDB:146377
XREF OSVDB:146703
XREF OSVDB:146761
XREF OSVDB:147818
XREF OSVDB:149607
XREF OSVDB:151554
XREF OSVDB:151927
XREF OSVDB:152453
XREF OSVDB:152705
XREF OSVDB:153065
XREF OSVDB:153884
XREF OSVDB:154043
XREF OSVDB:155922
XREF OSVDB:156736
XREF OSVDB:161863
XREF OSVDB:165347
XREF USN:3422-1
Plugin Information:
Published: 2017/09/19, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-132-generic_3.13.0-132.181

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.132.141
103372 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : qemu regression (USN-3414-2)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3414-1 fixed vulnerabilities in QEMU. The patch backport for CVE-2017-9375 was incomplete and caused a regression in the USB xHCI controller emulation support. This update fixes the problem.

We apologize for the inconvenience.

Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. (CVE-2017-7493)

Li Qiang discovered that QEMU incorrectly handled VMware PVSCSI emulation. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources or crash, resulting in a denial of service. (CVE-2017-8112)

It was discovered that QEMU incorrectly handled MegaRAID SAS 8708EM2 Host Bus Adapter emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly to obtain sensitive host memory. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.04. (CVE-2017-8380)

Li Qiang discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to consume resources and crash, resulting in a denial of service. This issue only affected Ubuntu 17.04. (CVE-2017-9060)

Li Qiang discovered that QEMU incorrectly handled the e1000e device. A privileged attacker inside the guest could use this issue to cause QEMU to hang, resulting in a denial of service. This issue only affected Ubuntu 17.04.
(CVE-2017-9310)

Li Qiang discovered that QEMU incorrectly handled USB OHCI emulation support. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-9330)

Li Qiang discovered that QEMU incorrectly handled IDE AHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources and crash, resulting in a denial of service. (CVE-2017-9373)

Li Qiang discovered that QEMU incorrectly handled USB EHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources and crash, resulting in a denial of service. (CVE-2017-9374)

Li Qiang discovered that QEMU incorrectly handled USB xHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to hang, resulting in a denial of service. (CVE-2017-9375)

Zhangyanyu discovered that QEMU incorrectly handled MegaRAID SAS 8708EM2 Host Bus Adapter emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-9503)

It was discovered that the QEMU qemu-nbd server incorrectly handled initialization. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. (CVE-2017-9524)

It was discovered that the QEMU qemu-nbd server incorrectly handled signals. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service.
(CVE-2017-10664)

Li Qiang discovered that the QEMU USB redirector incorrectly handled logging debug messages. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-10806)

Anthony Perard discovered that QEMU incorrectly handled Xen block-interface responses. An attacker inside the guest could use this issue to cause QEMU to leak contents of host memory. (CVE-2017-10911)

Reno Robert discovered that QEMU incorrectly handled certain DHCP options strings. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-11434)

Ryan Salsamendi discovered that QEMU incorrectly handled empty CDROM device drives. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.04. (CVE-2017-12809).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:U/RL:U/RC:C)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.4 (CVSS2#E:U/RL:U/RC:C)
References
CVE CVE-2017-10664
CVE CVE-2017-10806
CVE CVE-2017-10911
CVE CVE-2017-11434
CVE CVE-2017-12809
CVE CVE-2017-7493
CVE CVE-2017-8112
CVE CVE-2017-8380
CVE CVE-2017-9060
CVE CVE-2017-9310
CVE CVE-2017-9330
CVE CVE-2017-9373
CVE CVE-2017-9374
CVE CVE-2017-9375
CVE CVE-2017-9503
CVE CVE-2017-9524
XREF OSVDB:156391
XREF OSVDB:156846
XREF OSVDB:157675
XREF OSVDB:157875
XREF OSVDB:158279
XREF OSVDB:158337
XREF OSVDB:158596
XREF OSVDB:158663
XREF OSVDB:158729
XREF OSVDB:158730
XREF OSVDB:158862
XREF OSVDB:159516
XREF OSVDB:160002
XREF OSVDB:160567
XREF OSVDB:161463
XREF OSVDB:163833
XREF USN:3414-2
Plugin Information:
Published: 2017/09/21, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.36
103641 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : dnsmasq vulnerabilities (USN-3430-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2017-14491)

Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled IPv6 router advertisements. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-14492)

Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2017-14493)

Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. A remote attacker could use this issue to possibly obtain sensitive memory contents. (CVE-2017-14494)

Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to consume memory, resulting in a denial of service. (CVE-2017-14495)

Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service. (CVE-2017-14496).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected dnsmasq, dnsmasq-base and / or dnsmasq-utils packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
6.4 (CVSS2#E:F/RL:OF/RC:ND)
STIG Severity
I
References
CVE CVE-2017-14491
CVE CVE-2017-14492
CVE CVE-2017-14493
CVE CVE-2017-14494
CVE CVE-2017-14495
CVE CVE-2017-14496
XREF OSVDB:166534
XREF OSVDB:166535
XREF OSVDB:166536
XREF OSVDB:166545
XREF OSVDB:166546
XREF OSVDB:166547
XREF USN:3430-1
XREF IAVA:2017-A-0284
Plugin Information:
Published: 2017/10/03, Modified: 2018/01/31
Plugin Output

tcp/0


- Installed package : dnsmasq_2.68-1ubuntu0.1
Fixed package : dnsmasq_2.68-1ubuntu0.2

- Installed package : dnsmasq-base_2.68-1ubuntu0.1
Fixed package : dnsmasq-base_2.68-1ubuntu0.2
103642 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : nss vulnerability (USN-3431-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Martin Thomson discovered that NSS incorrectly generated handshake hashes. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnss3 package.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-7805
XREF OSVDB:166332
XREF USN:3431-1
Plugin Information:
Published: 2017/10/03, Modified: 2017/11/16
Plugin Output

tcp/0


- Installed package : libnss3_2:3.19.2.1-0ubuntu0.14.04.1
Fixed package : libnss3_2:3.28.4-0ubuntu0.14.04.3
103643 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : ca-certificates update (USN-3432-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20170717 package.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected ca-certificates package.
Risk Factor
High
References
XREF OSVDB:14462
XREF USN:3432-1
Plugin Information:
Published: 2017/10/03, Modified: 2017/11/06
Plugin Output

tcp/0


- Installed package : ca-certificates_20141019ubuntu0.14.04.1
Fixed package : ca-certificates_20170717~14.04.1
103691 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : git vulnerability (USN-3438-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Git incorrectly handled certain subcommands such as cvsserver. A remote attacker could possibly use this issue via shell metacharacters in modules names to execute arbitrary code.

This update also removes the cvsserver subcommand from git-shell by default.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected git package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-14867
XREF OSVDB:166173
XREF USN:3438-1
Plugin Information:
Published: 2017/10/06, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : git_1:1.9.1-1ubuntu0.1
Fixed package : git_1:1.9.1-1ubuntu0.7
104119 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : icu vulnerability (USN-3458-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that ICU incorrectly handled certain inputs. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libicu52, libicu55 and / or libicu57 packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-14952
XREF OSVDB:167413
XREF USN:3458-1
Plugin Information:
Published: 2017/10/24, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libicu52_52.1-3ubuntu0.4
Fixed package : libicu52_52.1-3ubuntu0.7
104211 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : wget vulnerabilities (USN-3464-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Antti Levomaki, Christian Jalio, and Joonas Pihlaja discovered that Wget incorrectly handled certain HTTP responses. A remote attacker could use this issue to cause Wget to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-13089, CVE-2017-13090)

Dawid Golunski discovered that Wget incorrectly handled recursive or mirroring mode. A remote attacker could possibly use this issue to bypass intended access list restrictions. (CVE-2016-7098)

Orange Tsai discovered that Wget incorrectly handled CRLF sequences in HTTP headers. A remote attacker could possibly use this issue to inject arbitrary HTTP headers. (CVE-2017-6508).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected wget package.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.1 (CVSS:3.0/E:U/RL:U/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-7098
CVE CVE-2017-13089
CVE CVE-2017-13090
CVE CVE-2017-6508
XREF OSVDB:143721
XREF OSVDB:153078
XREF OSVDB:168133
XREF OSVDB:168134
XREF USN:3464-1
Plugin Information:
Published: 2017/10/27, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : wget_1.15-1ubuntu1.14.04.1
Fixed package : wget_1.15-1ubuntu1.14.04.3
104625 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : apport vulnerabilities (USN-3480-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local attacker could use this issue to perform a denial of service via resource exhaustion or possibly gain root privileges. (CVE-2017-14177)

Sander Bos discovered that Apport incorrectly handled core dumps for processes in a different PID namespace. A local attacker could use this issue to perform a denial of service via resource exhaustion or possibly gain root privileges. (CVE-2017-14180).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apport package.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-14177
CVE CVE-2017-14180
XREF OSVDB:169441
XREF OSVDB:169442
XREF OSVDB:169443
XREF USN:3480-1
Plugin Information:
Published: 2017/11/16, Modified: 2018/02/20
Plugin Output

tcp/0


- Installed package : apport_2.14.1-0ubuntu3.19
Fixed package : apport_2.14.1-0ubuntu3.27
104736 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : samba vulnerabilities (USN-3486-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when processing certain SMB1 requests. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2017-14746)

Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2017-15275).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-14746
CVE CVE-2017-15275
XREF OSVDB:169664
XREF OSVDB:169665
XREF USN:3486-1
Plugin Information:
Published: 2017/11/22, Modified: 2018/03/16
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.11+dfsg-0ubuntu0.14.04.13
104844 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : python2.7 vulnerability (USN-3496-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected python2.7 and / or python2.7-minimal packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-1000158
XREF OSVDB:158873
XREF OSVDB:159287
XREF OSVDB:161923
XREF OSVDB:167351
XREF OSVDB:167352
XREF OSVDB:170014
XREF OSVDB:170015
XREF USN:3496-1
Plugin Information:
Published: 2017/11/29, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : python2.7_2.7.6-8ubuntu0.2
Fixed package : python2.7_2.7.6-8ubuntu0.4

- Installed package : python2.7-minimal_2.7.6-8ubuntu0.2
Fixed package : python2.7-minimal_2.7.6-8ubuntu0.4
104845 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : python3.4, python3.5 vulnerability (USN-3496-3)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3496-1 fixed a vulnerability in Python2.7. This update provides the corresponding update for versions 3.4 and 3.5.

It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-1000158
XREF OSVDB:159287
XREF OSVDB:161923
XREF OSVDB:167351
XREF OSVDB:167352
XREF OSVDB:170014
XREF OSVDB:170015
XREF USN:3496-3
Plugin Information:
Published: 2017/11/29, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : python3.4_3.4.3-1ubuntu1~14.04.3
Fixed package : python3.4_3.4.3-1ubuntu1~14.04.6

- Installed package : python3.4-minimal_3.4.3-1ubuntu1~14.04.3
Fixed package : python3.4-minimal_3.4.3-1ubuntu1~14.04.6
104881 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : curl vulnerabilities (USN-3498-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Alex Nichols discovered that curl incorrectly handled NTLM authentication credentials. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10. (CVE-2017-8816)

It was discovered that curl incorrectly handled FTP wildcard matching.
A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2017-8817).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-8816
CVE CVE-2017-8817
XREF OSVDB:159287
XREF OSVDB:161923
XREF OSVDB:167351
XREF OSVDB:167352
XREF OSVDB:170014
XREF OSVDB:170015
XREF USN:3498-1
Plugin Information:
Published: 2017/11/30, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libcurl3-gnutls_7.35.0-1ubuntu2.5
Fixed package : libcurl3-gnutls_7.35.0-1ubuntu2.13
105099 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : rsync vulnerabilities (USN-3506-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that rsync proceeds with certain file metadata updates before checking for a filename. An attacker could use this to bypass access restrictions. (CVE-2017-17433)

It was discovered that rsync does not check for fnamecmp filenames and also does not apply the sanitize_paths protection mechanism to pathnames. An attacker could use this to bypass access restrictions.
(CVE-2017-17434).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected rsync package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-17433
CVE CVE-2017-17434
XREF OSVDB:170369
XREF OSVDB:170370
XREF USN:3506-1
Plugin Information:
Published: 2017/12/08, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : rsync_3.1.0-2ubuntu0.1
Fixed package : rsync_3.1.0-2ubuntu0.3
105106 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3510-1) (Dirty COW)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939)

It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service (application crashes) or possibly gain administrative privileges. (CVE-2017-1000405).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-1000405
CVE CVE-2017-16939
XREF OSVDB:169848
XREF OSVDB:170059
XREF USN:3510-1
Plugin Information:
Published: 2017/12/08, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-137-generic_3.13.0-137.186

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.137.146
105254 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxml2 vulnerability (USN-3513-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that libxml2 incorrecty handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-15412
XREF OSVDB:170409
XREF USN:3513-1
Plugin Information:
Published: 2017/12/14, Modified: 2018/01/04
Plugin Output

tcp/0


- Installed package : libxml2_2.9.1+dfsg1-3ubuntu4.5
Fixed package : libxml2_2.9.1+dfsg1-3ubuntu4.12

- Installed package : libxml2-utils_2.9.1+dfsg1-3ubuntu4.5
Fixed package : libxml2-utils_2.9.1+dfsg1-3ubuntu4.12
106134 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : eglibc, glibc vulnerabilities (USN-3534-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd(2) syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges.
(CVE-2018-1000001)

A memory leak was discovered in the _dl_init_paths() function in the GNU C library dynamic loader. A local attacker could potentially exploit this with a specially crafted value in the LD_HWCAP_MASK environment variable, in combination with CVE-2017-1000409 and another vulnerability on a system with hardlink protections disabled, in order to gain administrative privileges. (CVE-2017-1000408)

A heap-based buffer overflow was discovered in the _dl_init_paths() function in the GNU C library dynamic loader. A local attacker could potentially exploit this with a specially crafted value in the LD_LIBRARY_PATH environment variable, in combination with CVE-2017-1000408 and another vulnerability on a system with hardlink protections disabled, in order to gain administrative privileges.
(CVE-2017-1000409)

An off-by-one error leading to a heap-based buffer overflow was discovered in the GNU C library glob() implementation. An attacker could potentially exploit this to cause a denial of service or execute arbitrary code via a maliciously crafted pattern. (CVE-2017-15670)

A heap-based buffer overflow was discovered during unescaping of user names with the ~ operator in the GNU C library glob() implementation.
An attacker could potentially exploit this to cause a denial of service or execute arbitrary code via a maliciously crafted pattern.
(CVE-2017-15804)

It was discovered that the GNU C library dynamic loader mishandles RPATH and RUNPATH containing $ORIGIN for privileged (setuid or AT_SECURE) programs. A local attacker could potentially exploit this by providing a specially crafted library in the current working directory in order to gain administrative privileges. (CVE-2017-16997)

It was discovered that the GNU C library malloc() implementation could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, resulting in a heap-based overflow. An attacker could potentially exploit this to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 17.10. (CVE-2017-17426).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libc6 package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-1000408
CVE CVE-2017-1000409
CVE CVE-2017-15670
CVE CVE-2017-15804
CVE CVE-2017-16997
CVE CVE-2017-17426
CVE CVE-2018-1000001
XREF OSVDB:167863
XREF OSVDB:167945
XREF OSVDB:170530
XREF OSVDB:170642
XREF OSVDB:170643
XREF OSVDB:171058
XREF OSVDB:172726
XREF USN:3534-1
Exploitable With
Metasploit (true)
Plugin Information:
Published: 2018/01/18, Modified: 2018/06/13
Plugin Output

tcp/0


- Installed package : libc6_2.19-0ubuntu6.6
Fixed package : libc6_2.19-0ubuntu6.14
106265 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3537-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.59 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.21.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-59.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-21.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628 .html.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2018-2562
CVE CVE-2018-2565
CVE CVE-2018-2573
CVE CVE-2018-2576
CVE CVE-2018-2583
CVE CVE-2018-2586
CVE CVE-2018-2590
CVE CVE-2018-2600
CVE CVE-2018-2612
CVE CVE-2018-2622
CVE CVE-2018-2640
CVE CVE-2018-2645
CVE CVE-2018-2646
CVE CVE-2018-2647
CVE CVE-2018-2665
CVE CVE-2018-2667
CVE CVE-2018-2668
CVE CVE-2018-2696
CVE CVE-2018-2703
XREF OSVDB:172901
XREF OSVDB:172902
XREF OSVDB:172903
XREF OSVDB:172904
XREF OSVDB:172905
XREF OSVDB:172906
XREF OSVDB:172925
XREF OSVDB:172926
XREF OSVDB:172927
XREF OSVDB:172928
XREF OSVDB:172929
XREF OSVDB:172930
XREF OSVDB:172931
XREF OSVDB:172932
XREF OSVDB:172933
XREF OSVDB:172934
XREF OSVDB:172935
XREF OSVDB:172936
XREF OSVDB:172937
XREF USN:3537-1
Plugin Information:
Published: 2018/01/23, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.59-0ubuntu0.14.04.1
106295 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : rsync vulnerabilities (USN-3543-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that rsync incorrectly handled certain data input.
An attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2017-16548)

It was discovered that rsync incorrectly parsed certain arguments. An attacker could possibly use this to bypass arguments and execute arbitrary code. (CVE-2018-5764).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected rsync package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-16548
CVE CVE-2018-5764
XREF OSVDB:168632
XREF OSVDB:173041
XREF USN:3543-1
Plugin Information:
Published: 2018/01/24, Modified: 2018/01/31
Plugin Output

tcp/0


- Installed package : rsync_3.1.0-2ubuntu0.1
Fixed package : rsync_3.1.0-2ubuntu0.4
106791 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : exim4 vulnerability (USN-3565-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Meh Chang discovered that Exim incorrectly handled memory in certain decoding operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected exim4-daemon-heavy and / or exim4-daemon-light packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2018-6789
XREF OSVDB:174213
XREF USN:3565-1
Plugin Information:
Published: 2018/02/13, Modified: 2018/03/12
Plugin Output

tcp/0


- Installed package : exim4-daemon-light_4.82-3ubuntu2
Fixed package : exim4-daemon-light_4.82-3ubuntu2.4
106792 - Ubuntu 14.04 LTS : php5 vulnerabilities (USN-3566-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks. (CVE-2018-5712)

It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-12933)

It was discovered that PHP incorrectly handled 'front of' and 'back of' date directives. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2017-16642).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
STIG Severity
I
References
CVE CVE-2017-12933
CVE CVE-2017-16642
CVE CVE-2018-5712
XREF OSVDB:160497
XREF OSVDB:168298
XREF OSVDB:171738
XREF USN:3566-1
XREF IAVB:2018-B-0058
Plugin Information:
Published: 2018/02/13, Modified: 2018/05/04
Plugin Output

tcp/0


- Installed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.14
Fixed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.23

- Installed package : php5-cli_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-cli_5.5.9+dfsg-1ubuntu4.23
106816 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvorbis vulnerabilities (USN-3569-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libvorbis incorrectly handled certain sound files. An attacker could possibly use this to execute arbitrary code.
(CVE-2017-14632)

It was discovered that libvorbis incorrectly handled certain sound files. An attacker could use this to cause a denial of service.
(CVE-2017-14633).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libvorbis0a package.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.7 (CVSS2#E:U/RL:U/RC:UC)
References
CVE CVE-2017-14632
CVE CVE-2017-14633
XREF OSVDB:165852
XREF OSVDB:165957
XREF USN:3569-1
Plugin Information:
Published: 2018/02/14, Modified: 2018/02/16
Plugin Output

tcp/0


- Installed package : libvorbis0a_1.3.2-1.3ubuntu1
Fixed package : libvorbis0a_1.3.2-1.3ubuntu1.1
106927 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : qemu vulnerabilities (USN-3575-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-11334)

David Buchanan discovered that QEMU incorrectly handled the VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 17.10. (CVE-2017-13672)

Thomas Garnier discovered that QEMU incorrectly handled multiboot. An attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-14167)

Tuomas Tynkkynen discovered that QEMU incorrectly handled VirtFS directory sharing. An attacker could use this issue to obtain sensitive information from host memory. (CVE-2017-15038)

Eric Blake discovered that QEMU incorrectly handled memory in the NBD server. An attacker could use this issue to cause the NBD server to crash, resulting in a denial of service. This issue only affected Ubuntu 17.10. (CVE-2017-15118)

Eric Blake discovered that QEMU incorrectly handled certain options to the NBD server. An attacker could use this issue to cause the NBD server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15119)

Daniel Berrange discovered that QEMU incorrectly handled the VNC server. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. This issue was only addressed in Ubuntu 17.10. (CVE-2017-15124)

Carl Brassey discovered that QEMU incorrectly handled certain websockets. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. This issue only affected Ubuntu 17.10. (CVE-2017-15268)

Guoxiang Niu discovered that QEMU incorrectly handled the Cirrus VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2017-15289)

Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2017-16845)

It was discovered that QEMU incorrectly handled the Virtio Vring implementation. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2017-17381)

Eric Blake discovered that QEMU incorrectly handled certain rounding operations. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-18043)

Jiang Xin and Lin ZheCheng discovered that QEMU incorrectly handled the VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2018-5683).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-11334
CVE CVE-2017-13672
CVE CVE-2017-14167
CVE CVE-2017-15038
CVE CVE-2017-15118
CVE CVE-2017-15119
CVE CVE-2017-15124
CVE CVE-2017-15268
CVE CVE-2017-15289
CVE CVE-2017-16845
CVE CVE-2017-17381
CVE CVE-2017-18043
CVE CVE-2018-5683
XREF OSVDB:161116
XREF OSVDB:164396
XREF OSVDB:164831
XREF OSVDB:166840
XREF OSVDB:167185
XREF OSVDB:167245
XREF OSVDB:169486
XREF OSVDB:169995
XREF OSVDB:169996
XREF OSVDB:170323
XREF OSVDB:171175
XREF OSVDB:172756
XREF OSVDB:173107
XREF USN:3575-1
Plugin Information:
Published: 2018/02/21, Modified: 2018/02/23
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.39
107117 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : isc-dhcp vulnerabilities (USN-3586-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Konstantin Orekhov discovered that the DHCP server incorrectly handled a large number of concurrent TCP sessions. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-2774)

It was discovered that the DHCP server incorrectly handled socket descriptors. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2017-3144)

Felix Wilhelm discovered that the DHCP client incorrectly handled certain malformed responses. A remote attacker could use this issue to cause the DHCP client to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the dhclient AppArmor profile.
(CVE-2018-5732)

Felix Wilhelm discovered that the DHCP server incorrectly handled reference counting. A remote attacker could possibly use this issue to cause the DHCP server to crash, resulting in a denial of service.
(CVE-2018-5733).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
STIG Severity
I
References
CVE CVE-2016-2774
CVE CVE-2017-3144
CVE CVE-2018-5732
CVE CVE-2018-5733
XREF USN:3586-1
XREF IAVB:2018-B-0034
Plugin Information:
Published: 2018/03/02
Plugin Output

tcp/0


- Installed package : isc-dhcp-client_4.2.4-7ubuntu12.8
Fixed package : isc-dhcp-client_4.2.4-7ubuntu12.12

- Installed package : isc-dhcp-server_4.2.4-7ubuntu12.8
Fixed package : isc-dhcp-server_4.2.4-7ubuntu12.12
107146 - Ubuntu 14.04 LTS / 16.04 LTS : twisted vulnerability (USN-3585-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Twisted incorrectly handled certain HTTP requests. An attacker could possibly use this issue to execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
References
CVE CVE-2016-1000111
XREF USN:3585-1
Plugin Information:
Published: 2018/03/06
Plugin Output

tcp/0


- Installed package : python-twisted-bin_13.2.0-1ubuntu1
Fixed package : python-twisted-bin_13.2.0-1ubuntu1.2
108403 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : curl vulnerabilities (USN-3598-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Phan Thanh discovered that curl incorrectly handled certain FTP paths.
An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2018-1000120)

Dario Weisser discovered that curl incorrectly handled certain LDAP URLs. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-1000121)

Max Dymond discovered that curl incorrectly handled certain RTSP data.
An attacker could possibly use this to cause a denial of service or even to get access to sensitive data. (CVE-2018-1000122).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
References
CVE CVE-2018-1000120
CVE CVE-2018-1000121
CVE CVE-2018-1000122
XREF USN:3598-1
Plugin Information:
Published: 2018/03/16, Modified: 2018/04/10
Plugin Output

tcp/0


- Installed package : curl_7.35.0-1ubuntu2.14
Fixed package : curl_7.35.0-1ubuntu2.15

- Installed package : libcurl3_7.35.0-1ubuntu2.14
Fixed package : libcurl3_7.35.0-1ubuntu2.15

- Installed package : libcurl3-gnutls_7.35.0-1ubuntu2.5
Fixed package : libcurl3-gnutls_7.35.0-1ubuntu2.15
108483 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : php5, php7.0, php7.1 vulnerabilities (USN-3600-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that PHP incorrectly handled certain stream metadata. A remote attacker could possibly use this issue to set arbitrary metadata. This issue only affected Ubuntu 14.04 LTS.
(CVE-2016-10712)

It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2018-5712)

It was discovered that PHP incorrectly handled parsing certain HTTP responses. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-7584).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
STIG Severity
I
References
CVE CVE-2016-10712
CVE CVE-2018-5712
CVE CVE-2018-7584
XREF USN:3600-1
XREF IAVB:2018-B-0058
Plugin Information:
Published: 2018/03/20, Modified: 2018/05/04
Plugin Output

tcp/0


- Installed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.14
Fixed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.24

- Installed package : php5-cli_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-cli_5.5.9+dfsg-1ubuntu4.24
108582 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvorbis vulnerability (USN-3604-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Richard Zhu discovered that libvorbis incorrectly handled certain sound files. An attacker could use this to cause libvorbis to crash, resulting in a denial or service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libvorbis0a package.
Risk Factor
High
References
CVE CVE-2018-5146
XREF USN:3604-1
Plugin Information:
Published: 2018/03/23, Modified: 2018/05/17
Plugin Output

tcp/0


- Installed package : libvorbis0a_1.3.2-1.3ubuntu1
Fixed package : libvorbis0a_1.3.2-1.3ubuntu1.2
108657 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : tiff vulnerabilities (USN-3606-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libtiff-tools and / or libtiff5 packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
References
Plugin Information:
Published: 2018/03/27, Modified: 2018/03/27
Plugin Output

tcp/0


- Installed package : libtiff5_4.0.3-7ubuntu0.3
Fixed package : libtiff5_4.0.3-7ubuntu0.9
108708 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : icu vulnerability (USN-3610-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that ICU incorrectly handled certain calendars. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash, leading to a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libicu52, libicu55 and / or libicu57 packages.
Risk Factor
High
References
CVE CVE-2017-15422
XREF USN:3610-1
Plugin Information:
Published: 2018/03/29, Modified: 2018/03/29
Plugin Output

tcp/0


- Installed package : libicu52_52.1-3ubuntu0.4
Fixed package : libicu52_52.1-3ubuntu0.8
108841 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvncserver vulnerability (USN-3618-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that LibVNCServer incorrectly handled certain packet lengths. A remote attacker able to connect to a LibVNCServer could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libvncclient1, libvncserver0 and / or libvncserver1 packages.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
References
CVE CVE-2018-7225
XREF USN:3618-1
Plugin Information:
Published: 2018/04/05, Modified: 2018/04/05
Plugin Output

tcp/0


- Installed package : libvncserver0_0.9.9+dfsg-1ubuntu1.1
Fixed package : libvncserver0_0.9.9+dfsg-1ubuntu1.3
108951 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : ubuntu-release-upgrader vulnerability (USN-3623-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that ubuntu-release-upgrader did not correctly drop permissions before opening a browser to view the release notes. This update fixes the issue.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected python3-distupgrade package.
Risk Factor
High
References
XREF USN:3623-1
Plugin Information:
Published: 2018/04/10, Modified: 2018/04/10
Plugin Output

tcp/0


- Installed package : python3-distupgrade_1:0.220.8
Fixed package : python3-distupgrade_1:0.220.10
109086 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : perl vulnerabilities (USN-3625-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-8853)

It was discovered that Perl incorrectly loaded libraries from the current working directory. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6185)

It was discovered that Perl incorrectly handled the rmtree and remove_tree functions. A local attacker could possibly use this issue to set the mode on arbitrary files. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-6512)

Brian Carpenter discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue has only been addressed in Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2018-6797)

Nguyen Duc Manh discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2018-6798)

GwanYeong Kim discovered that Perl incorrectly handled certain data when using the pack function. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-6913).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected perl package.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
References
Plugin Information:
Published: 2018/04/17, Modified: 2018/05/23
Plugin Output

tcp/0


- Installed package : perl_5.18.2-2ubuntu1
Fixed package : perl_5.18.2-2ubuntu1.4
109650 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : linux, linux-aws, linux-azure, linux-euclid, linux-gcp, linux-hwe, (USN-3641-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service (system crash).
This issue only affected the amd64 architecture. (CVE-2018-8897)

Andy Lutomirski discovered that the KVM subsystem of the Linux kernel did not properly emulate the ICEBP instruction following a MOV/POP to SS instruction. A local attacker in a KVM virtual machine could use this to cause a denial of service (guest VM crash) or possibly escalate privileges inside of the virtual machine. This issue only affected the i386 and amd64 architectures. (CVE-2018-1087)

Andy Lutomirski discovered that the Linux kernel did not properly perform error handling on virtualized debug registers. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-1000199).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
References
CVE CVE-2018-1000199
CVE CVE-2018-1087
CVE CVE-2018-8897
XREF USN:3641-1
Plugin Information:
Published: 2018/05/09, Modified: 2018/06/21
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-147-generic_3.13.0-147.196

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.147.157
109893 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : curl vulnerabilities (USN-3648-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Dario Weisser discovered that curl incorrectly handled long FTP server command replies. If a user or automated system were tricked into connecting to a malicious FTP server, a remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. (CVE-2018-1000300)

Max Dymond discovered that curl incorrectly handled certain RTSP responses. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2018-1000301).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
References
CVE CVE-2018-1000300
CVE CVE-2018-1000301
CVE CVE-2018-1000303
XREF USN:3648-1
Plugin Information:
Published: 2018/05/17, Modified: 2018/05/17
Plugin Output

tcp/0


- Installed package : curl_7.35.0-1ubuntu2.14
Fixed package : curl_7.35.0-1ubuntu2.16

- Installed package : libcurl3_7.35.0-1ubuntu2.14
Fixed package : libcurl3_7.35.0-1ubuntu2.16

- Installed package : libcurl3-gnutls_7.35.0-1ubuntu2.5
Fixed package : libcurl3-gnutls_7.35.0-1ubuntu2.16
109894 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : qemu vulnerabilities (USN-3649-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS.
(CVE-2017-16845)

Cyrille Chatras discovered that QEMU incorrectly handled multiboot. An attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2018-7550)

Ross Lagerwall discovered that QEMU incorrectly handled the Cirrus VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. (CVE-2018-7858).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
References
CVE CVE-2017-16845
CVE CVE-2018-7550
CVE CVE-2018-7858
XREF USN:3649-1
Plugin Information:
Published: 2018/05/17, Modified: 2018/05/17
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.41
110050 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3655-1) (Spectre)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2018-3639)

Jan H. Schonherr discovered that the Xen subsystem did not properly handle block IO merges correctly in some situations. An attacker in a guest vm could use this to cause a denial of service (host crash) or possibly gain administrative privileges in the host. (CVE-2017-12134)

It was discovered that the Bluetooth HIP Protocol implementation in the Linux kernel did not properly validate HID connection setup information. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-13220)

It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory).
(CVE-2017-13305)

It was discovered that the netlink subsystem in the Linux kernel did not properly restrict observations of netlink messages to the appropriate net namespace. A local attacker could use this to expose sensitive information (kernel netlink traffic). (CVE-2017-17449)

It was discovered that a race condition existed in the i8042 serial device driver implementation in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-18079)

It was discovered that a race condition existed in the Device Mapper component of the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-18203)

It was discovered that a race condition existed in the OCFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2017-18204)

It was discovered that an infinite loop could occur in the madvise(2) implementation in the Linux kernel in certain circumstances. A local attacker could use this to cause a denial of service (system hang).
(CVE-2017-18208)

Kefeng Wang discovered that a race condition existed in the memory locking implementation in the Linux kernel. A local attacker could use this to cause a denial of service. (CVE-2017-18221)

Silvio Cesare discovered a buffer overwrite existed in the NCPFS implementation in the Linux kernel. A remote attacker controlling a malicious NCPFS server could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-8822).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
References
Plugin Information:
Published: 2018/05/23, Modified: 2018/05/29
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-149-generic_3.13.0-149.199

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.149.159
110094 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : procps vulnerabilities (USN-3658-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges.
(CVE-2018-1122)

It was discovered that the procps-ng ps tool incorrectly handled memory. A local user could possibly use this issue to cause a denial of service. (CVE-2018-1123)

It was discovered that libprocps incorrectly handled the file2strvec() function. A local attacker could possibly use this to execute arbitrary code. (CVE-2018-1124)

It was discovered that the procps-ng pgrep utility incorrectly handled memory. A local attacker could possibly use this issue to cause de denial of service. (CVE-2018-1125)

It was discovered that procps-ng incorrectly handled memory. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2018-1126).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
STIG Severity
II
References
CVE CVE-2018-1122
CVE CVE-2018-1123
CVE CVE-2018-1124
CVE CVE-2018-1125
CVE CVE-2018-1126
XREF USN:3658-1
XREF IAVA:2018-A-0174
Plugin Information:
Published: 2018/05/24, Modified: 2018/06/07
Plugin Output

tcp/0


- Installed package : libprocps3_1:3.3.9-1ubuntu2.2
Fixed package : libprocps3_1:3.3.9-1ubuntu2.3

- Installed package : procps_1:3.3.9-1ubuntu2.2
Fixed package : procps_1:3.3.9-1ubuntu2.3
110264 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : tomcat7, tomcat8 vulnerabilities (USN-3665-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10.
(CVE-2017-12616, CVE-2017-12617)

It was discovered that Tomcat contained incorrect documentation regarding description of the search algorithm used by the CGI Servlet to identify which script to execute. This issue only affected Ubuntu 17.10. (CVE-2017-15706)

It was discovered that Tomcat incorrectly handled en empty string URL pattern in security constraint definitions. A remote attacker could possibly use this issue to gain access to web application resources, contrary to expectations. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2018-1304)

It was discovered that Tomcat incorrectly handled applying certain security constraints. A remote attacker could possibly access certain resources, contrary to expectations. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2018-1305)

It was discovered that the Tomcat CORS filter default settings were insecure and would enable 'supportsCredentials' for all origins, contrary to expectations. (CVE-2018-8014).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
References
Exploitable With
Core Impact (true) (true) Metasploit (true)
Plugin Information:
Published: 2018/05/31, Modified: 2018/06/21
Plugin Output

tcp/0


- Installed package : libtomcat7-java_7.0.52-1ubuntu0.3
Fixed package : libtomcat7-java_7.0.52-1ubuntu0.14

- Installed package : tomcat7_7.0.52-1ubuntu0.3
Fixed package : tomcat7_7.0.52-1ubuntu0.14
110320 - Ubuntu 14.04 LTS : apport vulnerability (USN-3664-2)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-3664-1 fixed a vulnerability in Apport. Sander Bos reported that Ubuntu 14.04 LTS was also vulnerable to this issue, but was incorrectly omitted from the previous updates. This update provides the corresponding update for Ubuntu 14.04 LTS.

Original advisory details :

Sander Bos discovered that Apport incorrectly handled core dumps when certain files are missing from /proc. A local attacker could possibly use this issue to cause a denial of service, gain root privileges, or escape from containers.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apport package.
Risk Factor
High
References
CVE CVE-2018-6552
XREF USN:3664-2
Plugin Information:
Published: 2018/06/05, Modified: 2018/06/05
Plugin Output

tcp/0


- Installed package : apport_2.14.1-0ubuntu3.19
Fixed package : apport_2.14.1-0ubuntu3.29
110395 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : git vulnerabilities (USN-3671-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Etienne Stalmans discovered that git did not properly validate git submodules files. A remote attacker could possibly use this to craft a git repo that causes arbitrary code execution when 'git clone
--recurse-submodules' is used. (CVE-2018-11235)

It was discovered that an integer overflow existed in git's pathname sanity checking code when used on NTFS filesystems. An attacker could use this to cause a denial of service or expose sensitive information.
(CVE-2018-11233).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected git package.
Risk Factor
High
References
CVE CVE-2018-11233
CVE CVE-2018-11235
XREF USN:3671-1
Plugin Information:
Published: 2018/06/07, Modified: 2018/06/07
Plugin Output

tcp/0


- Installed package : git_1:1.9.1-1ubuntu0.1
Fixed package : git_1:1.9.1-1ubuntu0.8
110474 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3674-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-1068)

It was discovered that a NULL pointer dereference existed in the RDS (Reliable Datagram Sockets) protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-7492)

Eyal Itkin discovered that the USB displaylink video adapter driver in the Linux kernel did not properly validate mmap offsets sent from userspace. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code.
(CVE-2018-8781)

Xingyuan Lin discovered that a out-of-bounds read existed in the USB Video Class (UVC) driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory).
(CVE-2017-0627).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
High
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
References
CVE CVE-2017-0627
CVE CVE-2018-1068
CVE CVE-2018-7492
CVE CVE-2018-8781
XREF USN:3674-1
Plugin Information:
Published: 2018/06/12, Modified: 2018/06/12
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-151-generic_3.13.0-151.201

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.151.161
110514 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : qemu update (USN-3679-1) (Spectre)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows QEMU to expose new CPU features added by AMD microcode updates to guests on amd64 and i386.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected qemu, qemu-system and / or qemu-system-x86 packages.
Risk Factor
High
References
CVE CVE-2018-3639
XREF USN:3679-1
Plugin Information:
Published: 2018/06/13, Modified: 2018/06/13
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.43
110533 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : perl vulnerability (USN-3684-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Perl incorrectly handled certain archive files.
An attacker could possibly use this to overwrite arbitrary files.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected perl package.
Risk Factor
High
References
CVE CVE-2018-12015
XREF USN:3684-1
Plugin Information:
Published: 2018/06/14, Modified: 2018/06/14
Plugin Output

tcp/0


- Installed package : perl_5.18.2-2ubuntu1
Fixed package : perl_5.18.2-2ubuntu1.6
110552 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : file vulnerabilities (USN-3686-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9620)

Alexander Cherepanov discovered that file incorrectly handled certain long strings. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9620)

Alexander Cherepanov discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9653)

It was discovered that file incorrectly handled certain magic files.
An attacker could use this issue with a specially crafted magic file to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-8865)

It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service.
(CVE-2018-10360).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected file and / or libmagic1 packages.
Risk Factor
High
CVSS v3.0 Base Score
7.3 (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
References
Plugin Information:
Published: 2018/06/15, Modified: 2018/06/15
Plugin Output

tcp/0


- Installed package : file_1:5.14-2ubuntu3.3
Fixed package : file_1:5.14-2ubuntu3.4

- Installed package : libmagic1_1:5.14-2ubuntu3.3
Fixed package : libmagic1_1:5.14-2ubuntu3.4
110623 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : libgcrypt11, libgcrypt20 vulnerability (USN-3689-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Keegan Ryan discovered that Libgcrypt was susceptible to a side-channel attack. A local attacker could possibly use this attack to recover ECDSA private keys.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libgcrypt11 and / or libgcrypt20 packages.
Risk Factor
High
References
CVE CVE-2018-0495
XREF USN:3689-1
Plugin Information:
Published: 2018/06/20, Modified: 2018/06/20
Plugin Output

tcp/0


- Installed package : libgcrypt11_1.5.3-2ubuntu4.5
Fixed package : libgcrypt11_1.5.3-2ubuntu4.6
50686 - IP Forwarding Enabled
Synopsis
The remote host has IP forwarding enabled.
Description
The remote host has IP forwarding enabled. An attacker can exploit this to route packets through the host and potentially bypass some firewalls / routers / NAC filtering.

Unless the remote host is a router, it is recommended that you disable IP forwarding.
Solution
On Linux, you can disable IP forwarding by doing :

echo 0 > /proc/sys/net/ipv4/ip_forward

On Windows, set the key 'IPEnableRouter' to 0 under

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters

On Mac OS X, you can disable IP forwarding by executing the command :

sysctl -w net.inet.ip.forwarding=0

For other systems, check with your vendor.
Risk Factor
Medium
CVSS Base Score
5.8 (CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P)
References
CVE CVE-1999-0511
XREF OSVDB:8114
Plugin Information:
Published: 2010/11/23, Modified: 2015/07/16
Plugin Output

tcp/0

85801 - Ubuntu 14.04 LTS : linux vulnerability (USN-2734-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
3.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-5707
XREF OSVDB:125710
XREF USN:2734-1
Plugin Information:
Published: 2015/09/04, Modified: 2016/10/26
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-63-generic_3.13.0-63.103
86295 - Ubuntu 14.04 LTS : linux vulnerability (USN-2761-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS Base Score
6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.4 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2015-7613
XREF OSVDB:128379
XREF USN:2761-1
Plugin Information:
Published: 2015/10/06, Modified: 2016/10/28
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-65-generic_3.13.0-65.106
86785 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2794-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. (CVE-2015-2925)

Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). (CVE-2015-5257).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS Base Score
6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.1 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-2925
CVE CVE-2015-5257
XREF OSVDB:120327
XREF OSVDB:128036
XREF USN:2794-1
Plugin Information:
Published: 2015/11/06, Modified: 2016/10/26
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-67-generic_3.13.0-67.110
86811 - Ubuntu 14.04 LTS : linux vulnerability (USN-2801-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS Base Score
4.9 (CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
4.7 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2015-5307
XREF OSVDB:130090
XREF USN:2801-1
Plugin Information:
Published: 2015/11/10, Modified: 2016/10/26
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-68-generic_3.13.0-68.111
87107 - Ubuntu 14.04 LTS / 15.04 / 15.10 : openjdk-7 vulnerability (USN-2818-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed. Am attacker could use this to expose sensitive information or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score
4.8 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2015-4871
XREF OSVDB:129130
XREF USN:2818-1
Plugin Information:
Published: 2015/11/30, Modified: 2016/05/24
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u91-2.6.3-0ubuntu0.14.04.1

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u91-2.6.3-0ubuntu0.14.04.1

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u91-2.6.3-0ubuntu0.14.04.1
87169 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2823-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-5283)

Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). (CVE-2015-7872).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS Base Score
4.7 (CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
4.0 (CVSS2#E:U/RL:ND/RC:C)
References
CVE CVE-2015-5283
CVE CVE-2015-7872
XREF OSVDB:128012
XREF OSVDB:129330
XREF USN:2823-1
Plugin Information:
Published: 2015/12/02, Modified: 2016/10/26
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-71-generic_3.13.0-71.114
87205 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : qemu, qemu-kvm vulnerabilities (USN-2828-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Jason Wang discovered that QEMU incorrectly handled the virtio-net device. A remote attacker could use this issue to cause guest network consumption, resulting in a denial of service. (CVE-2015-7295)

Qinghao Tang and Ling Liu discovered that QEMU incorrectly handled the pcnet driver when used in loopback mode. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2015-7504)

Ling Liu and Jason Wang discovered that QEMU incorrectly handled the pcnet driver. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2015-7512)

Qinghao Tang discovered that QEMU incorrectly handled the eepro100 driver. A malicious guest could use this issue to cause an infinite loop, leading to a denial of service. (CVE-2015-8345).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
9.0 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:ND/RC:C)
References
CVE CVE-2015-7295
CVE CVE-2015-7504
CVE CVE-2015-7512
CVE CVE-2015-8345
XREF OSVDB:127769
XREF OSVDB:130703
XREF OSVDB:130888
XREF OSVDB:130889
XREF USN:2828-1
Plugin Information:
Published: 2015/12/04, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.21
87236 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : openssl vulnerabilities (USN-2830-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Guy Leaver discovered that OpenSSL incorrectly handled a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 15.10. (CVE-2015-1794)

Hanno Bock discovered that the OpenSSL Montgomery squaring procedure algorithm may produce incorrect results when being used on x86_64. A remote attacker could possibly use this issue to break encryption.
This issue only applied to Ubuntu 15.10. (CVE-2015-3193)

Loic Jonas Etienne discovered that OpenSSL incorrectly handled ASN.1 signatures with a missing PSS parameter. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-3194)

Adam Langley discovered that OpenSSL incorrectly handled malformed X509_ATTRIBUTE structures. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2015-3195)

It was discovered that OpenSSL incorrectly handled PSK identity hints.
A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3196).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-1794
CVE CVE-2015-3193
CVE CVE-2015-3194
CVE CVE-2015-3195
CVE CVE-2015-3196
XREF OSVDB:129459
XREF OSVDB:131037
XREF OSVDB:131038
XREF OSVDB:131039
XREF OSVDB:131040
XREF USN:2830-1
Plugin Information:
Published: 2015/12/08, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.16
87408 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : grub2 vulnerability (USN-2836-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Hector Marco and Ismael Ripoll discovered that GRUB incorrectly handled the backspace key when configured to use authentication. A local attacker could use this issue to bypass GRUB password protection.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected grub2-common package.
Risk Factor
Medium
CVSS Base Score
6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.9 (CVSS2#E:U/RL:ND/RC:C)
References
CVE CVE-2015-8370
XREF OSVDB:131484
XREF USN:2836-1
Plugin Information:
Published: 2015/12/16, Modified: 2016/05/24
Plugin Output

tcp/0


- Installed package : grub2-common_2.02~beta2-9ubuntu1.4
Fixed package : grub2-common_2.02~beta2-9ubuntu1.6
87466 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2841-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.
(CVE-2015-8104)

Guoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)

It was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.
(CVE-2015-7885).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS v3.0 Base Score
2.3 (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N)
CVSS v3.0 Temporal Score
2.1 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
4.9 (CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
4.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2015-7799
CVE CVE-2015-7885
CVE CVE-2015-8104
XREF OSVDB:128845
XREF OSVDB:129372
XREF OSVDB:130089
XREF USN:2841-1
Plugin Information:
Published: 2015/12/17, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-73-generic_3.13.0-73.116
87531 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2848-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)

Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host.
(CVE-2015-8551)

Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space.
(CVE-2015-8552)

Jann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace.
(http://bugs.launchpad.net/bugs/1527374)

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.2 (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS Base Score
5.7 (CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C)
CVSS Temporal Score
4.2 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-8550
CVE CVE-2015-8551
CVE CVE-2015-8552
XREF OSVDB:119409
XREF OSVDB:132029
XREF OSVDB:132030
XREF OSVDB:132031
XREF USN:2848-1
Plugin Information:
Published: 2015/12/21, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-74-generic_3.13.0-74.118
87755 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : samba vulnerabilities (USN-2855-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-3223)

Jan Kasprzak discovered that Samba incorrectly handled certain symlinks. A remote attacker could use this issue to access files outside the exported share path. (CVE-2015-5252)

Stefan Metzmacher discovered that Samba did not enforce signing when creating encrypted connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. (CVE-2015-5296)

It was discovered that Samba incorrectly performed access control when using the VFS shadow_copy2 module. A remote attacker could use this issue to access snapshots, contrary to intended permissions.
(CVE-2015-5299)

Douglas Bagnall discovered that Samba incorrectly handled certain string lengths. A remote attacker could use this issue to possibly access sensitive information. (CVE-2015-5330)

It was discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10.
(CVE-2015-7540)

Andrew Bartlett discovered that Samba incorrectly checked administrative privileges during creation of machine accounts. A remote attacker could possibly use this issue to bypass intended access restrictions in certain environments. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-8467).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS Temporal Score
4.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-3223
CVE CVE-2015-5252
CVE CVE-2015-5296
CVE CVE-2015-5299
CVE CVE-2015-5330
CVE CVE-2015-7540
CVE CVE-2015-8467
XREF OSVDB:131934
XREF OSVDB:131935
XREF OSVDB:131936
XREF OSVDB:131937
XREF OSVDB:131938
XREF OSVDB:131939
XREF OSVDB:131940
XREF USN:2855-1
Plugin Information:
Published: 2016/01/06, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.11
87756 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : ldb vulnerabilities (USN-2856-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Thilo Uttendorfer discovered that the ldb incorrectly handled certain zero values. A remote attacker could use this issue to cause applications using ldb, such as Samba, to stop responding, resulting in a denial of service. (CVE-2015-3223)

Douglas Bagnall discovered that ldb incorrectly handled certain string lengths. A remote attacker could use this issue to possibly access sensitive information from memory of applications using ldb, such as Samba. (CVE-2015-5330).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libldb1 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-3223
CVE CVE-2015-5330
XREF OSVDB:131935
XREF OSVDB:131940
XREF USN:2856-1
Plugin Information:
Published: 2016/01/06, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libldb1_1:1.1.16-1
Fixed package : libldb1_1:1.1.16-1ubuntu0.1
87816 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : nss vulnerability (USN-2864-1) (SLOTH)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnss3 package.
Risk Factor
Medium
CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.4 (CVSS:3.0/E:U/RL:X/RC:C)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:ND/RC:C)
References
CVE CVE-2015-7575
XREF OSVDB:132305
XREF USN:2864-1
Plugin Information:
Published: 2016/01/08, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libnss3_2:3.19.2.1-0ubuntu0.14.04.1
Fixed package : libnss3_2:3.19.2.1-0ubuntu0.14.04.2
87888 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libvirt vulnerabilities (USN-2867-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that libvirt incorrectly handled the firewall rules on bridge networks when the daemon was restarted. This could result in an unintended firewall configuration. This issue only applied to Ubuntu 12.04 LTS. (CVE-2011-4600)

Peter Krempa discovered that libvirt incorrectly handled locking when certain ACL checks failed. A local attacker could use this issue to cause libvirt to stop responding, resulting in a denial of service.
This issue only applied to Ubuntu 14.04 LTS. (CVE-2014-8136)

Luyao Huang discovered that libvirt incorrectly handled VNC passwords in shapshot and image files. A remote authenticated user could use this issue to possibly obtain VNC passwords. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-0236)

Han Han discovered that libvirt incorrectly handled volume creation failure when used with NFS. A remote authenticated user could use this issue to cause libvirt to crash, resulting in a denial of service.
This issue only applied to Ubuntu 15.10. (CVE-2015-5247)

Ossi Herrala and Joonas Kuorilehto discovered that libvirt incorrectly performed storage pool name validation. A remote authenticated user could use this issue to bypass ACLs and gain access to unintended files. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-5313).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libvirt-bin and / or libvirt0 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
3.2 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2011-4600
CVE CVE-2014-8136
CVE CVE-2015-0236
CVE CVE-2015-5247
CVE CVE-2015-5313
XREF OSVDB:78232
XREF OSVDB:116144
XREF OSVDB:117504
XREF OSVDB:127452
XREF OSVDB:131656
XREF USN:2867-1
Plugin Information:
Published: 2016/01/13, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libvirt-bin_1.2.2-0ubuntu13.1.14
Fixed package : libvirt-bin_1.2.2-0ubuntu13.1.16

- Installed package : libvirt0_1.2.2-0ubuntu13.1.14
Fixed package : libvirt0_1.2.2-0ubuntu13.1.16
88084 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : rsync vulnerability (USN-2879-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that rsync incorrectly handled invalid filenames. A malicious server could use this issue to write files outside of the intended destination directory.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected rsync package.
Risk Factor
Medium
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P)
CVSS Temporal Score
5.3 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2014-9512
XREF OSVDB:118290
XREF USN:2879-1
Plugin Information:
Published: 2016/01/22, Modified: 2016/08/01
Plugin Output

tcp/0


- Installed package : rsync_3.1.0-2ubuntu0.1
Fixed package : rsync_3.1.0-2ubuntu0.2
88457 - Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : curl vulnerability (USN-2882-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Isaac Boukris discovered that curl could incorrectly re-use NTLM proxy credentials when subsequently connecting to the same host.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libcurl3, libcurl3-gnutls and / or libcurl3-nss packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
References
CVE CVE-2016-0755
XREF USN:2882-1
Plugin Information:
Published: 2016/01/28, Modified: 2016/10/14
Plugin Output

tcp/0


- Installed package : libcurl3-gnutls_7.35.0-1ubuntu2.5
Fixed package : libcurl3-gnutls_7.35.0-1ubuntu2.6
88519 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2887-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)

It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)

Sasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)

It was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.
(CVE-2015-8374).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)
CVSS Base Score
5.9 (CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C)
CVSS Temporal Score
4.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2013-7446
CVE CVE-2015-7513
CVE CVE-2015-7990
CVE CVE-2015-8374
XREF OSVDB:127759
XREF OSVDB:130525
XREF OSVDB:130832
XREF OSVDB:132618
XREF USN:2887-1
Plugin Information:
Published: 2016/02/02, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-77-generic_3.13.0-77.121
88749 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : gtk+2.0, gtk+3.0 vulnerability (USN-2898-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that GTK+ incorrectly handled certain large images.
A remote attacker could use this issue to cause GTK+ applications to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libgtk-3-0 and / or libgtk2.0-0 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2013-7447
XREF OSVDB:134418
XREF USN:2898-1
Plugin Information:
Published: 2016/02/16, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libgtk2.0-0_2.24.23-0ubuntu1.3
Fixed package : libgtk2.0-0_2.24.23-0ubuntu1.4
88804 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : samba regression (USN-2855-2)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem.

Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-3223)

Jan Kasprzak discovered that Samba incorrectly handled certain symlinks. A remote attacker could use this issue to access files outside the exported share path.
(CVE-2015-5252)

Stefan Metzmacher discovered that Samba did not enforce signing when creating encrypted connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.
(CVE-2015-5296)

It was discovered that Samba incorrectly performed access control when using the VFS shadow_copy2 module. A remote attacker could use this issue to access snapshots, contrary to intended permissions. (CVE-2015-5299)

Douglas Bagnall discovered that Samba incorrectly handled certain string lengths. A remote attacker could use this issue to possibly access sensitive information.
(CVE-2015-5330)

It was discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-7540)

Andrew Bartlett discovered that Samba incorrectly checked administrative privileges during creation of machine accounts. A remote attacker could possibly use this issue to bypass intended access restrictions in certain environments.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-8467).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS Temporal Score
4.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-3223
CVE CVE-2015-5252
CVE CVE-2015-5296
CVE CVE-2015-5299
CVE CVE-2015-5330
CVE CVE-2015-7540
CVE CVE-2015-8467
XREF OSVDB:131934
XREF OSVDB:131935
XREF OSVDB:131936
XREF OSVDB:131937
XREF OSVDB:131938
XREF OSVDB:131939
XREF OSVDB:131940
XREF USN:2855-2
Plugin Information:
Published: 2016/02/17, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.12
88894 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : cpio vulnerabilities (USN-2906-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Alexander Cherepanov discovered that GNU cpio incorrectly handled symbolic links when used with the --no-absolute-filenames option. If a user or automated system were tricked into extracting a specially crafted cpio archive, a remote attacker could possibly use this issue to write arbitrary files. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-1197)

Gustavo Grieco discovered that GNU cpio incorrectly handled memory when extracting archive files. If a user or automated system were tricked into extracting a specially crafted cpio archive, a remote attacker could use this issue to cause GNU cpio to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-2037).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected cpio package.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.2 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-1197
CVE CVE-2016-2037
XREF OSVDB:133523
XREF USN:2906-1
Plugin Information:
Published: 2016/02/23, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : cpio_2.11+dfsg-1ubuntu1.1
Fixed package : cpio_2.11+dfsg-1ubuntu1.2
89660 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : jasper vulnerabilities (USN-2919-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Jacob Baines discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2016-1577)

Tyler Hicks discovered that JasPer incorrectly handled memory when processing JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to consume memory, resulting in a denial of service.
(CVE-2016-2116).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libjasper1 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.1 (CVSS2#E:POC/RL:ND/RC:ND)
References
CVE CVE-2016-1577
CVE CVE-2016-2116
XREF OSVDB:135285
XREF OSVDB:135286
XREF USN:2919-1
Plugin Information:
Published: 2016/03/04, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libjasper1_1.900.1-14ubuntu3.2
Fixed package : libjasper1_1.900.1-14ubuntu3.3
89734 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : squid3 vulnerabilities (USN-2921-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Sebastian Krahmer discovered that Squid incorrectly handled certain SNMP requests. If SNMP is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-6270)

Alex Rousskov discovered that Squid incorrectly handled certain malformed responses. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service.
(CVE-2016-2571).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected squid3 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2014-6270
CVE CVE-2016-2571
XREF OSVDB:111286
XREF OSVDB:134901
XREF USN:2921-1
Plugin Information:
Published: 2016/03/08, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : squid3_3.3.8-1ubuntu6.4
Fixed package : squid3_3.3.8-1ubuntu6.6
89777 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : samba vulnerabilities (USN-2922-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks. (CVE-2015-7560)

Garming Sam and Douglas Bagnall discovered that the Samba internal DNS server incorrectly handled certain DNS TXT records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly obtain uninitialized memory contents. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-0771)

It was discovered that the Samba Web Administration Tool (SWAT) was vulnerable to clickjacking and cross-site request forgery attacks.
This issue only affected Ubuntu 12.04 LTS. (CVE-2013-0213, CVE-2013-0214).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba and / or swat packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
6.0 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
4.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2013-0213
CVE CVE-2013-0214
CVE CVE-2015-7560
CVE CVE-2016-0771
XREF OSVDB:89626
XREF OSVDB:89627
XREF OSVDB:135620
XREF OSVDB:135621
XREF USN:2922-1
Plugin Information:
Published: 2016/03/09, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.13
89827 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : nss vulnerability (USN-2924-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Francis Gabriel discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnss3 package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-1950
XREF OSVDB:135603
XREF USN:2924-1
Plugin Information:
Published: 2016/03/10, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libnss3_2:3.19.2.1-0ubuntu0.14.04.1
Fixed package : libnss3_2:3.21-0ubuntu0.14.04.2
89962 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : exim4 vulnerabilities (USN-2933-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Exim incorrectly filtered environment variables when used with the perl_startup configuration option. If the perl_startup option was enabled, a local attacker could use this issue to escalate their privileges to the root user. This issue has been fixed by having Exim clean the complete execution environment by default on startup, including any subprocesses such as transports that call other programs. This change in behaviour may break existing installations and can be adjusted by using two new configuration options, keep_environment and add_environment. (CVE-2016-1531)

Patrick William discovered that Exim incorrectly expanded mathematical comparisons twice. A local attacker could possibly use this issue to perform arbitrary file operations as the Exim user. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-2972).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected exim4-daemon-custom, exim4-daemon-heavy and / or exim4-daemon-light packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.0 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.7 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2014-2972
CVE CVE-2016-1531
XREF OSVDB:109455
XREF OSVDB:135280
XREF USN:2933-1
Exploitable With
Core Impact (true)
Plugin Information:
Published: 2016/03/16, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : exim4-daemon-light_4.82-3ubuntu2
Fixed package : exim4-daemon-light_4.82-3ubuntu2.1
89996 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : pam vulnerabilities (USN-2935-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that the PAM pam_userdb module incorrectly used a case-insensitive method when comparing hashed passwords. A local attacker could possibly use this issue to make brute-force attacks easier. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7041)

Sebastian Krahmer discovered that the PAM pam_timestamp module incorrectly performed filtering. A local attacker could use this issue to create arbitrary files, or possibly bypass authentication. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-2583)

Sebastien Macke discovered that the PAM pam_unix module incorrectly handled large passwords. A local attacker could possibly use this issue in certain environments to enumerate usernames or cause a denial of service. (CVE-2015-3238).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libpam-modules package.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score
3.9 (CVSS2#E:U/RL:OF/RC:UC)
References
CVE CVE-2013-7041
CVE CVE-2014-2583
CVE CVE-2015-3238
XREF OSVDB:100873
XREF OSVDB:104926
XREF OSVDB:123767
XREF USN:2935-1
Plugin Information:
Published: 2016/03/17, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libpam-modules_1.1.8-1ubuntu2
Fixed package : libpam-modules_1.1.8-1ubuntu2.1
89997 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : pam regression (USN-2935-2)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. This update fixes the problem.

We apologize for the inconvenience.

It was discovered that the PAM pam_userdb module incorrectly used a case-insensitive method when comparing hashed passwords. A local attacker could possibly use this issue to make brute-force attacks easier. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7041)

Sebastian Krahmer discovered that the PAM pam_timestamp module incorrectly performed filtering. A local attacker could use this issue to create arbitrary files, or possibly bypass authentication. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-2583)

Sebastien Macke discovered that the PAM pam_unix module incorrectly handled large passwords. A local attacker could possibly use this issue in certain environments to enumerate usernames or cause a denial of service. (CVE-2015-3238).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libpam-modules package.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score
3.9 (CVSS2#E:U/RL:OF/RC:UC)
References
CVE CVE-2013-7041
CVE CVE-2014-2583
CVE CVE-2015-3238
XREF OSVDB:100873
XREF OSVDB:104926
XREF OSVDB:123767
XREF USN:2935-2
Plugin Information:
Published: 2016/03/17, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libpam-modules_1.1.8-1ubuntu2
Fixed package : libpam-modules_1.1.8-1ubuntu2.2
90147 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : tiff vulnerabilities (USN-2939-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libtiff4 and / or libtiff5 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.4 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2015-8665
CVE CVE-2015-8683
CVE CVE-2015-8781
CVE CVE-2015-8782
CVE CVE-2015-8783
CVE CVE-2015-8784
XREF OSVDB:118377
XREF OSVDB:132240
XREF OSVDB:132276
XREF OSVDB:133559
XREF OSVDB:133560
XREF OSVDB:133561
XREF OSVDB:133569
XREF USN:2939-1
Plugin Information:
Published: 2016/03/24, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : libtiff5_4.0.3-7ubuntu0.3
Fixed package : libtiff5_4.0.3-7ubuntu0.4
90588 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : samba vulnerabilities (USN-2950-1) (Badlock)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. (CVE-2015-5370)

Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. (CVE-2016-2110)

Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. (CVE-2016-2111)

Stefan Metzmacher discovered that the Samba LDAP implementation did not enforce integrity protection. A remote attacker could use this issue to hijack LDAP connections by performing a man in the middle attack. (CVE-2016-2112)

Stefan Metzmacher discovered that Samba did not validate TLS certificates. A remote attacker could use this issue to spoof a Samba server. (CVE-2016-2113)

Stefan Metzmacher discovered that Samba did not enforce SMB signing even if configured to. A remote attacker could use this issue to perform a man in the middle attack. (CVE-2016-2114)

Stefan Metzmacher discovered that Samba did not enable integrity protection for IPC traffic. A remote attacker could use this issue to perform a man in the middle attack. (CVE-2016-2115)

Stefan Metzmacher discovered that Samba incorrectly handled the MS-SAMR and MS-LSAD protocols. A remote attacker could use this flaw with a man in the middle attack to impersonate users and obtain sensitive information from the Security Account Manager database. This flaw is known as Badlock. (CVE-2016-2118)

Samba has been updated to 4.3.8 in Ubuntu 14.04 LTS and Ubuntu 15.10.
Ubuntu 12.04 LTS has been updated to 3.6.25 with backported security fixes.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Configuration changes may be required in certain environments.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.9 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2015-5370
CVE CVE-2016-2110
CVE CVE-2016-2111
CVE CVE-2016-2112
CVE CVE-2016-2113
CVE CVE-2016-2114
CVE CVE-2016-2115
CVE CVE-2016-2118
XREF OSVDB:136339
XREF OSVDB:136989
XREF OSVDB:136990
XREF OSVDB:136991
XREF OSVDB:136992
XREF OSVDB:136993
XREF OSVDB:136994
XREF OSVDB:136995
XREF USN:2950-1
Plugin Information:
Published: 2016/04/19, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.8+dfsg-0ubuntu0.14.04.2
90915 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : samba regressions (USN-2950-3) (Badlock)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues.

This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS.

This advisory was inadvertently published as USN-2950-2 originally.

Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. (CVE-2015-5370)

Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack.
(CVE-2016-2110)

Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. (CVE-2016-2111)

Stefan Metzmacher discovered that the Samba LDAP implementation did not enforce integrity protection. A remote attacker could use this issue to hijack LDAP connections by performing a man in the middle attack.
(CVE-2016-2112)

Stefan Metzmacher discovered that Samba did not validate TLS certificates. A remote attacker could use this issue to spoof a Samba server. (CVE-2016-2113)

Stefan Metzmacher discovered that Samba did not enforce SMB signing even if configured to. A remote attacker could use this issue to perform a man in the middle attack.
(CVE-2016-2114)

Stefan Metzmacher discovered that Samba did not enable integrity protection for IPC traffic. A remote attacker could use this issue to perform a man in the middle attack.
(CVE-2016-2115)

Stefan Metzmacher discovered that Samba incorrectly handled the MS-SAMR and MS-LSAD protocols. A remote attacker could use this flaw with a man in the middle attack to impersonate users and obtain sensitive information from the Security Account Manager database. This flaw is known as Badlock.
(CVE-2016-2118)

Samba has been updated to 4.3.8 in Ubuntu 14.04 LTS and Ubuntu 15.10. Ubuntu 12.04 LTS has been updated to 3.6.25 with backported security fixes.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
Configuration changes may be required in certain environments.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.9 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2015-5370
CVE CVE-2016-2110
CVE CVE-2016-2111
CVE CVE-2016-2112
CVE CVE-2016-2113
CVE CVE-2016-2114
CVE CVE-2016-2115
CVE CVE-2016-2118
XREF OSVDB:136339
XREF OSVDB:136989
XREF OSVDB:136990
XREF OSVDB:136991
XREF OSVDB:136992
XREF OSVDB:136993
XREF OSVDB:136994
XREF OSVDB:136995
XREF USN:2950-3
Plugin Information:
Published: 2016/05/05, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.9+dfsg-0ubuntu0.14.04.1
91333 - Ubuntu 14.04 LTS / 15.10 / 16.04 LTS : samba regression (USN-2950-5) (Badlock)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem.

Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. (CVE-2015-5370)

Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack.
(CVE-2016-2110)

Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. (CVE-2016-2111)

Stefan Metzmacher discovered that the Samba LDAP implementation did not enforce integrity protection. A remote attacker could use this issue to hijack LDAP connections by performing a man in the middle attack.
(CVE-2016-2112)

Stefan Metzmacher discovered that Samba did not validate TLS certificates. A remote attacker could use this issue to spoof a Samba server. (CVE-2016-2113)

Stefan Metzmacher discovered that Samba did not enforce SMB signing even if configured to. A remote attacker could use this issue to perform a man in the middle attack.
(CVE-2016-2114)

Stefan Metzmacher discovered that Samba did not enable integrity protection for IPC traffic. A remote attacker could use this issue to perform a man in the middle attack.
(CVE-2016-2115)

Stefan Metzmacher discovered that Samba incorrectly handled the MS-SAMR and MS-LSAD protocols. A remote attacker could use this flaw with a man in the middle attack to impersonate users and obtain sensitive information from the Security Account Manager database. This flaw is known as Badlock.
(CVE-2016-2118)

Samba has been updated to 4.3.8 in Ubuntu 14.04 LTS and Ubuntu 15.10. Ubuntu 12.04 LTS has been updated to 3.6.25 with backported security fixes.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
Configuration changes may be required in certain environments.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.9 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2015-5370
CVE CVE-2016-2110
CVE CVE-2016-2111
CVE CVE-2016-2112
CVE CVE-2016-2113
CVE CVE-2016-2114
CVE CVE-2016-2115
CVE CVE-2016-2118
XREF OSVDB:136339
XREF OSVDB:136989
XREF OSVDB:136990
XREF OSVDB:136991
XREF OSVDB:136992
XREF OSVDB:136993
XREF OSVDB:136994
XREF OSVDB:136995
XREF USN:2950-5
Plugin Information:
Published: 2016/05/26, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.9+dfsg-0ubuntu0.14.04.3
91728 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : wget vulnerability (USN-3012-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Dawid Golunski discovered that Wget incorrectly handled filenames when being redirected from an HTTP to an FTP URL. A malicious server could possibly use this issue to overwrite local files.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected wget package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.1 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
3.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-4971
XREF OSVDB:139632
XREF USN:3012-1
Plugin Information:
Published: 2016/06/21, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : wget_1.15-1ubuntu1.14.04.1
Fixed package : wget_1.15-1ubuntu1.14.04.2
92313 - Ubuntu 14.04 LTS : linux vulnerability (USN-3034-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O (AIO) ring buffer to the other nodes. A local attacker could use this to cause a denial of service (system crash).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
3.8 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-3070
XREF OSVDB:138215
XREF USN:3034-1
Plugin Information:
Published: 2016/07/15, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-92-generic_3.13.0-92.139
92409 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : apache2 vulnerability (USN-3038-1) (httpoxy)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the Apache HTTP Server would set the HTTP_PROXY environment variable based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with CGI scripts that honour the HTTP_PROXY variable to redirect outgoing HTTP requests.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apache2-bin and / or apache2.2-bin packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.4 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
4.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-5387
XREF OSVDB:141669
XREF USN:3038-1
Plugin Information:
Published: 2016/07/19, Modified: 2017/06/29
Plugin Output

tcp/0


- Installed package : apache2-bin_2.4.7-1ubuntu4.8
Fixed package : apache2-bin_2.4.7-1ubuntu4.13
92511 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : mysql-5.5, mysql-5.6, mysql-5.7 vulnerabilities (USN-3040-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.50 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.10 has been updated to MySQL 5.6.31. Ubuntu 16.04 LTS has been updated to MySQL 5.7.13.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-31.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-13.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720 .html.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5, mysql-server-5.6 and / or mysql-server-5.7 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-3424
CVE CVE-2016-3459
CVE CVE-2016-3477
CVE CVE-2016-3486
CVE CVE-2016-3501
CVE CVE-2016-3518
CVE CVE-2016-3521
CVE CVE-2016-3588
CVE CVE-2016-3614
CVE CVE-2016-3615
CVE CVE-2016-5436
CVE CVE-2016-5437
CVE CVE-2016-5439
CVE CVE-2016-5440
CVE CVE-2016-5441
CVE CVE-2016-5442
CVE CVE-2016-5443
XREF OSVDB:141886
XREF OSVDB:141887
XREF OSVDB:141888
XREF OSVDB:141889
XREF OSVDB:141890
XREF OSVDB:141891
XREF OSVDB:141892
XREF OSVDB:141893
XREF OSVDB:141894
XREF OSVDB:141895
XREF OSVDB:141896
XREF OSVDB:141897
XREF OSVDB:141898
XREF OSVDB:141899
XREF OSVDB:141900
XREF OSVDB:141901
XREF OSVDB:141904
XREF USN:3040-1
Plugin Information:
Published: 2016/07/22, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.50-0ubuntu0.14.04.1
92862 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3052-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-4470)

Kangjie Lu discovered an information leak in the netlink implementation of the Linux kernel. A local attacker could use this to obtain sensitive information from kernel memory. (CVE-2016-5243).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
4.9 (CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
3.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-4470
CVE CVE-2016-5243
XREF OSVDB:139499
XREF OSVDB:140046
XREF USN:3052-1
Plugin Information:
Published: 2016/08/11, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-93-generic_3.13.0-93.140
93025 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : fontconfig vulnerability (USN-3063-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache files. A local attacker could possibly use this issue with a specially crafted cache file to elevate privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected fontconfig and / or libfontconfig1 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
3.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-5384
XREF OSVDB:142659
XREF USN:3063-1
Plugin Information:
Published: 2016/08/18, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : fontconfig_2.11.0-0ubuntu4.1
Fixed package : fontconfig_2.11.0-0ubuntu4.2

- Installed package : libfontconfig1_2.11.0-0ubuntu4.1
Fixed package : libfontconfig1_2.11.0-0ubuntu4.2
93045 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : gnupg vulnerability (USN-3064-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Felix Dorre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected gnupg package.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS v3.0 Temporal Score
4.9 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
4.1 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-6313
XREF OSVDB:143068
XREF USN:3064-1
Plugin Information:
Published: 2016/08/19, Modified: 2016/12/27
Plugin Output

tcp/0


- Installed package : gnupg_1.4.16-1ubuntu2.3
Fixed package : gnupg_1.4.16-1ubuntu2.4
93800 - Ubuntu 14.04 LTS / 16.04 LTS : samba vulnerability (USN-3092-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Stefan Metzmacher discovered that Samba incorrectly handled certain flags in SMB2/3 client connections. A remote attacker could use this issue to disable client signing and impersonate servers by performing a man in the middle attack.

Samba has been updated to 4.3.11 in Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. In addition to the security fix, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2119
XREF OSVDB:141072
XREF USN:3092-1
Plugin Information:
Published: 2016/09/29, Modified: 2016/12/27
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.11+dfsg-0ubuntu0.14.04.1
95054 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : tar vulnerability (USN-3132-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Harry Sintonen discovered that tar incorrectly handled extracting files when path names are specified on the command line. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly overwrite arbitrary files.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected tar package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
3.8 (CVSS2#E:U/RL:U/RC:UC)
References
CVE CVE-2016-6321
XREF OSVDB:146394
XREF USN:3132-1
Plugin Information:
Published: 2016/11/22, Modified: 2016/12/21
Plugin Output

tcp/0


- Installed package : tar_1.27.1-1
Fixed package : tar_1.27.1-1ubuntu0.1
95386 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : vim vulnerability (USN-3139-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Florian Larysch discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. An attacker could trick a user into opening a file with specially crafted modelines and possibly execute arbitrary code with the user's privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-1248
XREF OSVDB:147697
XREF USN:3139-1
Plugin Information:
Published: 2016/11/29, Modified: 2016/12/02
Plugin Output

tcp/0


- Installed package : vim_2:7.4.052-1ubuntu3
Fixed package : vim_2:7.4.052-1ubuntu3.1

- Installed package : vim-common_2:7.4.052-1ubuntu3
Fixed package : vim-common_2:7.4.052-1ubuntu3.1

- Installed package : vim-runtime_2:7.4.052-1ubuntu3
Fixed package : vim-runtime_2:7.4.052-1ubuntu3.1
95808 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : apt vulnerability (USN-3156-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Jann Horn discovered that APT incorrectly handled InRelease files. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apt package.
Risk Factor
Medium
CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
3.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-1252
XREF OSVDB:148956
XREF USN:3156-1
Plugin Information:
Published: 2016/12/14, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : apt_1.0.1ubuntu2.10
Fixed package : apt_1.0.1ubuntu2.17
95949 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : samba vulnerabilities (USN-3158-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Frederic Besler and others discovered that the ndr_pull_dnsp_nam function in Samba contained an integer overflow. An authenticated attacker could use this to gain administrative privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10.
(CVE-2016-2123)

Simo Sorce discovered that that Samba clients always requested a forwardable ticket when using Kerberos authentication. An attacker could use this to impersonate an authenticated user or service.
(CVE-2016-2125)

Volker Lendecke discovered that Kerberos PAC validation implementation in Samba contained multiple vulnerabilities. An authenticated attacker could use this to cause a denial of service or gain administrative privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-2126).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libsmbclient, samba and / or winbind packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
5.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
4.0 (CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVSS Temporal Score
3.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2123
CVE CVE-2016-2125
CVE CVE-2016-2126
XREF OSVDB:149000
XREF OSVDB:149001
XREF OSVDB:149002
XREF USN:3158-1
Plugin Information:
Published: 2016/12/20, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libsmbclient_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : libsmbclient_2:4.3.11+dfsg-0ubuntu0.14.04.4

- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.11+dfsg-0ubuntu0.14.04.4

- Installed package : winbind_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : winbind_2:4.3.11+dfsg-0ubuntu0.14.04.4
95993 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3160-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6213)

It was discovered that a race condition existed in the procfs environ_read function in the Linux kernel, leading to an integer underflow. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2016-7916).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.1 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
4.7 (CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
3.9 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-6213
CVE CVE-2016-7916
XREF OSVDB:141527
XREF OSVDB:147055
XREF USN:3160-1
Plugin Information:
Published: 2016/12/21, Modified: 2017/01/03
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-106-generic_3.13.0-106.153

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.106.114
96304 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : nss vulnerabilities (USN-3163-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that NSS incorrectly handled certain invalid Diffie-Hellman keys. A remote attacker could possibly use this flaw to cause NSS to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-5285)

Hubert Kario discovered that NSS incorrectly handled Diffie Hellman client key exchanges. A remote attacker could possibly use this flaw to perform a small subgroup confinement attack and recover private keys. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-8635)

Franziskus Kiefer discovered that NSS incorrectly mitigated certain timing side-channel attacks. A remote attacker could possibly use this flaw to recover private keys. (CVE-2016-9074)

This update refreshes the NSS package to version 3.26.2 which includes the latest CA certificate bundle.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnss3 package.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-5285
CVE CVE-2016-8635
CVE CVE-2016-9074
XREF OSVDB:147362
XREF OSVDB:147521
XREF OSVDB:147522
XREF USN:3163-1
Plugin Information:
Published: 2017/01/05, Modified: 2017/01/10
Plugin Output

tcp/0


- Installed package : libnss3_2:3.19.2.1-0ubuntu0.14.04.1
Fixed package : libnss3_2:3.26.2-0ubuntu0.14.04.3
96656 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3174-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.54 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 16.10 have been updated to MySQL 5.7.17.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-54.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727 .html.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H)
CVSS Base Score
4.9 (CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:P)
CVSS Temporal Score
3.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-8318
CVE CVE-2016-8327
CVE CVE-2017-3238
CVE CVE-2017-3243
CVE CVE-2017-3244
CVE CVE-2017-3251
CVE CVE-2017-3256
CVE CVE-2017-3258
CVE CVE-2017-3265
CVE CVE-2017-3273
CVE CVE-2017-3291
CVE CVE-2017-3312
CVE CVE-2017-3313
CVE CVE-2017-3317
CVE CVE-2017-3318
CVE CVE-2017-3319
CVE CVE-2017-3320
XREF OSVDB:150448
XREF OSVDB:150449
XREF OSVDB:150450
XREF OSVDB:150451
XREF OSVDB:150452
XREF OSVDB:150454
XREF OSVDB:150455
XREF OSVDB:150456
XREF OSVDB:150457
XREF OSVDB:150458
XREF OSVDB:150460
XREF OSVDB:150461
XREF OSVDB:150462
XREF OSVDB:150463
XREF OSVDB:150464
XREF OSVDB:150468
XREF OSVDB:150469
XREF USN:3174-1
Plugin Information:
Published: 2017/01/20, Modified: 2017/04/21
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.54-0ubuntu0.14.04.1
97049 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : squid3 vulnerabilities (USN-3192-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Saulius Lapinskas discovered that Squid incorrectly handled processing HTTP conditional requests. A remote attacker could possibly use this issue to obtain sensitive information related to other clients'
browsing sessions. (CVE-2016-10002)

Felix Hassert discovered that Squid incorrectly handled certain HTTP Request headers when using the Collapsed Forwarding feature. A remote attacker could possibly use this issue to obtain sensitive information related to other clients' browsing sessions. This issue only applied to Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10003).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected squid3 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-10002
CVE CVE-2016-10003
XREF OSVDB:148952
XREF OSVDB:148953
XREF USN:3192-1
Plugin Information:
Published: 2017/02/07, Modified: 2017/03/06
Plugin Output

tcp/0


- Installed package : squid3_3.3.8-1ubuntu6.4
Fixed package : squid3_3.3.8-1ubuntu6.9
97084 - Ubuntu 12.04 LTS / 14.04 LTS : openjdk-7 vulnerabilities (USN-3194-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes them to be used only if no non-legacy algorithms can be negotiated. (CVE-2016-2183)

It was discovered that OpenJDK accepted ECSDA signatures using non-canonical DER encoding. An attacker could use this to modify or expose sensitive data. (CVE-2016-5546)

It was discovered that OpenJDK did not properly verify object identifier (OID) length when reading Distinguished Encoding Rules (DER) records, as used in x.509 certificates and elsewhere. An attacker could use this to cause a denial of service (memory consumption). (CVE-2016-5547)

It was discovered that covert timing channel vulnerabilities existed in the DSA implementations in OpenJDK. A remote attacker could use this to expose sensitive information. (CVE-2016-5548)

It was discovered that the URLStreamHandler class in OpenJDK did not properly parse user information from a URL. A remote attacker could use this to expose sensitive information. (CVE-2016-5552)

It was discovered that the URLClassLoader class in OpenJDK did not properly check access control context when downloading class files. A remote attacker could use this to expose sensitive information.
(CVE-2017-3231)

It was discovered that the Remote Method Invocation (RMI) implementation in OpenJDK performed deserialization of untrusted inputs. A remote attacker could use this to execute arbitrary code.
(CVE-2017-3241)

It was discovered that the Java Authentication and Authorization Service (JAAS) component of OpenJDK did not properly perform user search LDAP queries. An attacker could use a specially constructed LDAP entry to expose or modify sensitive information. (CVE-2017-3252)

It was discovered that the PNGImageReader class in OpenJDK did not properly handle iTXt and zTXt chunks. An attacker could use this to cause a denial of service (memory consumption). (CVE-2017-3253)

It was discovered that integer overflows existed in the SocketInputStream and SocketOutputStream classes of OpenJDK. An attacker could use this to expose sensitive information.
(CVE-2017-3261)

It was discovered that the atomic field updaters in the java.util.concurrent.atomic package in OpenJDK did not properly restrict access to protected field members. An attacker could use this to specially craft a Java application or applet that could bypass Java sandbox restrictions. (CVE-2017-3272)

It was discovered that a vulnerability existed in the class construction implementation in OpenJDK. An attacker could use this to specially craft a Java application or applet that could bypass Java sandbox restrictions. (CVE-2017-3289).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
9.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2183
CVE CVE-2016-5546
CVE CVE-2016-5547
CVE CVE-2016-5548
CVE CVE-2016-5552
CVE CVE-2017-3231
CVE CVE-2017-3241
CVE CVE-2017-3252
CVE CVE-2017-3253
CVE CVE-2017-3261
CVE CVE-2017-3272
CVE CVE-2017-3289
XREF OSVDB:143387
XREF OSVDB:143388
XREF OSVDB:150415
XREF OSVDB:150416
XREF OSVDB:150417
XREF OSVDB:150419
XREF OSVDB:150420
XREF OSVDB:150422
XREF OSVDB:150423
XREF OSVDB:150425
XREF OSVDB:150426
XREF OSVDB:150427
XREF OSVDB:150428
XREF USN:3194-1
Plugin Information:
Published: 2017/02/09, Modified: 2017/02/13
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u121-2.6.8-1ubuntu0.14.04.3

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u121-2.6.8-1ubuntu0.14.04.3

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u121-2.6.8-1ubuntu0.14.04.3
97304 - Ubuntu 12.04 LTS / 14.04 LTS : tomcat6, tomcat7 vulnerability (USN-3204-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Tomcat incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to cause Tomcat to consume resources, resulting in a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.9 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
4.1 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-6056
XREF OSVDB:152080
XREF USN:3204-1
Plugin Information:
Published: 2017/02/21, Modified: 2017/03/27
Plugin Output

tcp/0


- Installed package : libtomcat7-java_7.0.52-1ubuntu0.3
Fixed package : libtomcat7-java_7.0.52-1ubuntu0.10

- Installed package : tomcat7_7.0.52-1ubuntu0.3
Fixed package : tomcat7_7.0.52-1ubuntu0.10
97383 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : LibreOffice vulnerability (USN-3210-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Ben Hayak discovered that it was possible to make LibreOffice Calc and Writer disclose arbitrary files to an attacker if a user opened a specially crafted file with embedded links.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
4.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
3.2 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
II
References
CVE CVE-2017-3157
XREF OSVDB:152405
XREF USN:3210-1
XREF IAVB:2017-B-0026
Plugin Information:
Published: 2017/02/24, Modified: 2018/01/31
Plugin Output

tcp/0


- Installed package : libreoffice_1:4.2.8-0ubuntu3
Fixed package : libreoffice_1:4.2.8-0ubuntu5

- Installed package : libreoffice-base_1:4.2.8-0ubuntu3
Fixed package : libreoffice-base_1:4.2.8-0ubuntu5

- Installed package : libreoffice-base-core_1:4.2.8-0ubuntu3
Fixed package : libreoffice-base-core_1:4.2.8-0ubuntu5

- Installed package : libreoffice-calc_1:4.2.8-0ubuntu3
Fixed package : libreoffice-calc_1:4.2.8-0ubuntu5

- Installed package : libreoffice-common_1:4.2.8-0ubuntu3
Fixed package : libreoffice-common_1:4.2.8-0ubuntu5

- Installed package : libreoffice-core_1:4.2.8-0ubuntu3
Fixed package : libreoffice-core_1:4.2.8-0ubuntu5

- Installed package : libreoffice-math_1:4.2.8-0ubuntu3
Fixed package : libreoffice-math_1:4.2.8-0ubuntu5

- Installed package : libreoffice-writer_1:4.2.8-0ubuntu3
Fixed package : libreoffice-writer_1:4.2.8-0ubuntu5
97522 - Ubuntu 12.04 LTS / 14.04 LTS : w3m vulnerabilities (USN-3214-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
A large number of security issues were discovered in the w3m browser.
If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected w3m package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.3 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-9422
CVE CVE-2016-9423
CVE CVE-2016-9424
CVE CVE-2016-9425
CVE CVE-2016-9426
CVE CVE-2016-9428
CVE CVE-2016-9429
CVE CVE-2016-9430
CVE CVE-2016-9431
CVE CVE-2016-9432
CVE CVE-2016-9433
CVE CVE-2016-9434
CVE CVE-2016-9435
CVE CVE-2016-9436
CVE CVE-2016-9437
CVE CVE-2016-9438
CVE CVE-2016-9439
CVE CVE-2016-9440
CVE CVE-2016-9441
CVE CVE-2016-9442
CVE CVE-2016-9443
CVE CVE-2016-9622
CVE CVE-2016-9623
CVE CVE-2016-9624
CVE CVE-2016-9625
CVE CVE-2016-9626
CVE CVE-2016-9627
CVE CVE-2016-9628
CVE CVE-2016-9629
CVE CVE-2016-9630
CVE CVE-2016-9631
CVE CVE-2016-9632
CVE CVE-2016-9633
XREF OSVDB:147564
XREF OSVDB:147565
XREF OSVDB:147566
XREF OSVDB:147567
XREF OSVDB:147573
XREF OSVDB:147577
XREF OSVDB:147578
XREF OSVDB:147579
XREF OSVDB:147580
XREF OSVDB:147581
XREF OSVDB:147582
XREF OSVDB:147583
XREF OSVDB:147584
XREF OSVDB:147585
XREF OSVDB:147586
XREF OSVDB:147587
XREF OSVDB:147589
XREF OSVDB:147590
XREF OSVDB:147591
XREF OSVDB:147592
XREF OSVDB:147593
XREF OSVDB:147782
XREF OSVDB:147783
XREF OSVDB:147784
XREF OSVDB:147785
XREF USN:3214-1
Plugin Information:
Published: 2017/03/03, Modified: 2017/03/07
Plugin Output

tcp/0


- Installed package : w3m_0.5.3-15
Fixed package : w3m_0.5.3-15ubuntu0.1
97854 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : freetype vulnerability (USN-3237-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libfreetype6 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-10244
XREF OSVDB:143524
XREF USN:3237-1
Plugin Information:
Published: 2017/03/21, Modified: 2017/03/28
Plugin Output

tcp/0


- Installed package : libfreetype6_2.5.2-1ubuntu2.5
Fixed package : libfreetype6_2.5.2-1ubuntu2.6
97937 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : samba vulnerability (USN-3242-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Medium
CVSS Base Score
6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-2619
XREF OSVDB:154257
XREF USN:3242-1
Plugin Information:
Published: 2017/03/24, Modified: 2018/04/12
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.11+dfsg-0ubuntu0.14.04.6
97938 - Ubuntu 14.04 LTS : git vulnerability (USN-3243-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Git incorrectly sanitized branch names in the PS1 variable when configured to display the repository status in the shell prompt. If a user were tricked into exploring a malicious repository, a remote attacker could use this issue to execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected git package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.1 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2014-9938
XREF OSVDB:154027
XREF USN:3243-1
Plugin Information:
Published: 2017/03/24, Modified: 2017/08/16
Plugin Output

tcp/0


- Installed package : git_1:1.9.1-1ubuntu0.1
Fixed package : git_1:1.9.1-1ubuntu0.4
99094 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : apparmor vulnerability (USN-3247-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Stephane Graber discovered that AppArmor incorrectly unloaded some profiles when restarted or upgraded, contrary to expected behavior.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apparmor package.
Risk Factor
Medium
CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
5.3 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
3.4 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-6507
XREF OSVDB:154291
XREF USN:3247-1
Plugin Information:
Published: 2017/03/30, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : apparmor_2.8.95~2430-0ubuntu5.3
Fixed package : apparmor_2.10.95-0ubuntu2.6~14.04.1
99966 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : icu vulnerabilities (USN-3274-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libicu52, libicu55 and / or libicu57 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-7867
CVE CVE-2017-7868
XREF OSVDB:152114
XREF USN:3274-1
Plugin Information:
Published: 2017/05/03, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libicu52_52.1-3ubuntu0.4
Fixed package : libicu52_52.1-3ubuntu0.6
99993 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : shadow vulnerabilities (USN-3276-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. (CVE-2016-6252)

Tobias Stockmann discovered a race condition in su. A local attacker could cause su to send SIGKILL to other processes with root privileges. (CVE-2017-2616).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected login, passwd and / or uidmap packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.6 (CVSS:3.0/E:U/RL:X/RC:U)
CVSS Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
3.5 (CVSS2#E:U/RL:ND/RC:UC)
References
CVE CVE-2016-6252
CVE CVE-2017-2616
XREF OSVDB:142047
XREF OSVDB:152469
XREF USN:3276-1
Plugin Information:
Published: 2017/05/05, Modified: 2017/08/16
Plugin Output

tcp/0


- Installed package : login_1:4.1.5.1-1ubuntu9.1
Fixed package : login_1:4.1.5.1-1ubuntu9.4

- Installed package : passwd_1:4.1.5.1-1ubuntu9.1
Fixed package : passwd_1:4.1.5.1-1ubuntu9.4
100098 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : apache2 vulnerabilities (USN-3279-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that the Apache mod_session_crypto module was encrypting data and cookies using either CBC or ECB modes. A remote attacker could possibly use this issue to perform padding oracle attacks. (CVE-2016-0736)

Maksim Malyutin discovered that the Apache mod_auth_digest module incorrectly handled malicious input. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. (CVE-2016-2161)

David Dennerline and Regis Leroy discovered that the Apache HTTP Server incorrectly handled unusual whitespace when parsing requests, contrary to specifications. When being used in combination with a proxy or backend server, a remote attacker could possibly use this issue to perform an injection attack and pollute cache. This update may introduce compatibility issues with clients that do not strictly follow HTTP protocol specifications. A new configuration option 'HttpProtocolOptions Unsafe' can be used to revert to the previous unsafe behaviour in problematic environments. (CVE-2016-8743).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apache2-bin package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-0736
CVE CVE-2016-2161
CVE CVE-2016-8743
XREF OSVDB:148286
XREF OSVDB:148338
XREF OSVDB:149054
XREF USN:3279-1
Plugin Information:
Published: 2017/05/10, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : apache2-bin_2.4.7-1ubuntu4.8
Fixed package : apache2-bin_2.4.7-1ubuntu4.14
100218 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : git vulnerability (USN-3287-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Timo Schmid discovered that the Git restricted shell incorrectly filtered allowed commands. A remote attacker could possibly use this issue to run an interactive pager and access sensitive information.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected git package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
6.5 (CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score
4.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-8386
XREF OSVDB:157331
XREF USN:3287-1
Plugin Information:
Published: 2017/05/16, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : git_1:1.9.1-1ubuntu0.1
Fixed package : git_1:1.9.1-1ubuntu0.5
100248 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : shadow regression (USN-3276-2)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3276-1 intended to fix a vulnerability in su. The solution introduced a regression in su signal handling. This update modifies the security fix. We apologize for the inconvenience.

Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. (CVE-2016-6252)

Tobias Stockmann discovered a race condition in su. A local attacker could cause su to send SIGKILL to other processes with root privileges. (CVE-2017-2616).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected login, passwd and / or uidmap packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.6 (CVSS:3.0/E:U/RL:X/RC:U)
CVSS Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
3.5 (CVSS2#E:U/RL:ND/RC:UC)
References
CVE CVE-2016-6252
CVE CVE-2017-2616
XREF OSVDB:142047
XREF OSVDB:152469
XREF USN:3276-2
Plugin Information:
Published: 2017/05/17, Modified: 2017/08/16
Plugin Output

tcp/0


- Installed package : login_1:4.1.5.1-1ubuntu9.1
Fixed package : login_1:4.1.5.1-1ubuntu9.5

- Installed package : passwd_1:4.1.5.1-1ubuntu9.1
Fixed package : passwd_1:4.1.5.1-1ubuntu9.5
100251 - Ubuntu 14.04 LTS : linux vulnerability (USN-3290-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Marco Grassi discovered that the TCP implementation in the Linux kernel mishandles socket buffer (skb) truncation. A local attacker could use this to cause a denial of service (system crash).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
4.9 (CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)
References
CVE CVE-2016-8645
XREF USN:3290-1
Plugin Information:
Published: 2017/05/17, Modified: 2017/05/17
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-119-generic_3.13.0-119.166

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.119.129
100294 - Ubuntu 14.04 LTS / 16.04 LTS : jasper vulnerabilities (USN-3295-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libjasper1 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.1 (CVSS2#E:POC/RL:U/RC:ND)
References
CVE CVE-2016-10249
CVE CVE-2016-10251
CVE CVE-2016-1867
CVE CVE-2016-2089
CVE CVE-2016-8654
CVE CVE-2016-8691
CVE CVE-2016-8692
CVE CVE-2016-8693
CVE CVE-2016-8882
CVE CVE-2016-9560
CVE CVE-2016-9591
XREF OSVDB:132886
XREF OSVDB:133755
XREF OSVDB:143483
XREF OSVDB:143485
XREF OSVDB:145761
XREF OSVDB:146183
XREF OSVDB:146707
XREF OSVDB:147666
XREF OSVDB:147946
XREF OSVDB:148845
XREF USN:3295-1
Plugin Information:
Published: 2017/05/19, Modified: 2017/05/23
Plugin Output

tcp/0


- Installed package : libjasper1_1.900.1-14ubuntu3.2
Fixed package : libjasper1_1.900.1-14ubuntu3.4
100549 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : sudo vulnerability (USN-3304-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Sudo did not properly parse the contents of /proc/[pid]/stat when attempting to determine its controlling tty. A local attacker in some configurations could possibly use this to overwrite any file on the filesystem, bypassing intended permissions.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected sudo and / or sudo-ldap packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.4 (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.7 (CVSS2#E:F/RL:OF/RC:ND)
STIG Severity
I
References
CVE CVE-2017-1000367
XREF OSVDB:158256
XREF USN:3304-1
XREF IAVA:2017-A-0165
Plugin Information:
Published: 2017/05/31, Modified: 2018/01/31
Plugin Output

tcp/0


- Installed package : sudo_1.8.9p5-1ubuntu1.2
Fixed package : sudo_1.8.9p5-1ubuntu1.4
100590 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : libsndfile vulnerabilities (USN-3306-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Agostino Sarubbo and Jakub Jirasek discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libsndfile1 package.
Risk Factor
Medium
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.4 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-7585
CVE CVE-2017-7586
CVE CVE-2017-7741
CVE CVE-2017-7742
CVE CVE-2017-8361
CVE CVE-2017-8362
CVE CVE-2017-8363
CVE CVE-2017-8365
XREF OSVDB:155162
XREF OSVDB:155163
XREF OSVDB:155443
XREF OSVDB:155444
XREF OSVDB:156658
XREF OSVDB:156659
XREF USN:3306-1
Plugin Information:
Published: 2017/06/02, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libsndfile1_1.0.25-7ubuntu2
Fixed package : libsndfile1_1.0.25-7ubuntu2.2
100988 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : nss vulnerability (USN-3336-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libnss3 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
4.1 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-7502
XREF OSVDB:158287
XREF USN:3336-1
Plugin Information:
Published: 2017/06/22, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libnss3_2:3.19.2.1-0ubuntu0.14.04.1
Fixed package : libnss3_2:3.28.4-0ubuntu0.14.04.2
101354 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : poppler vulnerabilities (USN-3350-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Aleksandar Nikolic discovered that poppler incorrectly handled JPEG 2000 images. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. (CVE-2017-2820)

Jiaqi Peng discovered that the poppler pdfunite tool incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause poppler to crash, resulting in a denial of service. (CVE-2017-7511)

It was discovered that the poppler pdfunite tool incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause poppler to hang, resulting in a denial of service. (CVE-2017-7515)

It was discovered that poppler incorrectly handled JPEG 2000 images.
If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause cause poppler to crash, resulting in a denial of service. (CVE-2017-9083)

It was discovered that poppler incorrectly handled memory when processing PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause poppler to consume resources, resulting in a denial of service. (CVE-2017-9406, CVE-2017-9408)

Alberto Garcia, Francisco Oca, and Suleman Ali discovered that the poppler pdftocairo tool incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause poppler to crash, resulting in a denial of service. (CVE-2017-9775).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.2 (CVSS2#E:U/RL:U/RC:UC)
STIG Severity
I
References
CVE CVE-2017-2820
CVE CVE-2017-7511
CVE CVE-2017-7515
CVE CVE-2017-9083
CVE CVE-2017-9406
CVE CVE-2017-9408
CVE CVE-2017-9775
XREF OSVDB:157857
XREF OSVDB:158277
XREF OSVDB:158441
XREF OSVDB:158442
XREF OSVDB:158576
XREF OSVDB:159693
XREF OSVDB:160531
XREF USN:3350-1
XREF IAVB:2017-B-0079
Plugin Information:
Published: 2017/07/10, Modified: 2018/01/31
Plugin Output

tcp/0


- Installed package : libpoppler44_0.24.5-2ubuntu4.3
Fixed package : libpoppler44_0.24.5-2ubuntu4.5
101769 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : heimdal vulnerability (USN-3353-1) (Orpheus' Lyre)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Heimdal clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network services or perform other attacks.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libkrb5-26-heimdal package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-11103
XREF OSVDB:160822
XREF USN:3353-1
Plugin Information:
Published: 2017/07/17, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libkrb5-26-heimdal_1.6~git20131207+dfsg-1ubuntu1.1
Fixed package : libkrb5-26-heimdal_1.6~git20131207+dfsg-1ubuntu1.2
101770 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : samba vulnerability (USN-3353-2) (Orpheus' Lyre)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-3353-1 fixed a vulnerability in Heimdal. This update provides the corresponding update for Samba.

Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Samba clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network servers or perform other attacks.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba-libs package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.1 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-11103
XREF OSVDB:160822
XREF USN:3353-2
Plugin Information:
Published: 2017/07/17, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : samba-libs_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba-libs_2:4.3.11+dfsg-0ubuntu0.14.04.10
101809 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : apport vulnerability (USN-3354-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Felix Wilhelm discovered a path traversal vulnerability in Apport when handling the ExecutablePath field in crash files. An attacker could trick a user into opening a specially crafted crash file and execute arbitrary code with the user's privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apport, python-apport and / or python3-apport packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-10708
XREF OSVDB:161596
XREF USN:3354-1
Plugin Information:
Published: 2017/07/19, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : apport_2.14.1-0ubuntu3.19
Fixed package : apport_2.14.1-0ubuntu3.25

- Installed package : python3-apport_2.14.1-0ubuntu3.19
Fixed package : python3-apport_2.14.1-0ubuntu3.25
101834 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : spice vulnerability (USN-3355-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Frediano Ziglio discovered that Spice incorrectly handled certain invalid monitor configurations. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libspice-server1 package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
6.5 (CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score
5.2 (CVSS2#E:U/RL:ND/RC:UR)
References
CVE CVE-2017-7506
XREF OSVDB:160977
XREF USN:3355-1
Plugin Information:
Published: 2017/07/20, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libspice-server1_0.12.4-0nocelt2ubuntu1.2
Fixed package : libspice-server1_0.12.4-0nocelt2ubuntu1.5
101835 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : expat vulnerability (USN-3356-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Expat incorrectly handled certain external entities. A remote attacker could possibly use this issue to cause Expat to hang, resulting in a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected lib64expat1 and / or libexpat1 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.9 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
4.1 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-9233
XREF OSVDB:159311
XREF USN:3356-1
Plugin Information:
Published: 2017/07/20, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libexpat1_2.1.0-4ubuntu1.1
Fixed package : libexpat1_2.1.0-4ubuntu1.4
101892 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3357-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.57 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 17.04 have been updated to MySQL 5.7.19.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-56.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-57.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-19.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622 .html.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H)
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
CVSS Temporal Score
4.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-3529
CVE CVE-2017-3633
CVE CVE-2017-3634
CVE CVE-2017-3635
CVE CVE-2017-3636
CVE CVE-2017-3637
CVE CVE-2017-3638
CVE CVE-2017-3639
CVE CVE-2017-3640
CVE CVE-2017-3641
CVE CVE-2017-3642
CVE CVE-2017-3643
CVE CVE-2017-3644
CVE CVE-2017-3645
CVE CVE-2017-3647
CVE CVE-2017-3648
CVE CVE-2017-3649
CVE CVE-2017-3650
CVE CVE-2017-3651
CVE CVE-2017-3652
CVE CVE-2017-3653
XREF OSVDB:161370
XREF OSVDB:161371
XREF OSVDB:161372
XREF OSVDB:161373
XREF OSVDB:161374
XREF OSVDB:161375
XREF OSVDB:161376
XREF OSVDB:161377
XREF OSVDB:161378
XREF OSVDB:161379
XREF OSVDB:161380
XREF OSVDB:161381
XREF OSVDB:161382
XREF OSVDB:161383
XREF OSVDB:161385
XREF OSVDB:161386
XREF OSVDB:161387
XREF OSVDB:161388
XREF OSVDB:161389
XREF OSVDB:161390
XREF OSVDB:161391
XREF USN:3357-1
Plugin Information:
Published: 2017/07/21, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.57-0ubuntu0.14.04.1
102034 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : apache2 vulnerability (USN-3370-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Robert Swiecki discovered that the Apache HTTP Server mod_auth_digest module incorrectly cleared values when processing certain requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial or service, or possibly obtain sensitive information.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apache2-bin package.
Risk Factor
Medium
CVSS v3.0 Base Score
9.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P)
CVSS Temporal Score
4.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-9788
XREF OSVDB:160954
XREF USN:3370-1
Plugin Information:
Published: 2017/07/28, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : apache2-bin_2.4.7-1ubuntu4.8
Fixed package : apache2-bin_2.4.7-1ubuntu4.17
102423 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : git vulnerability (USN-3387-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Brian Neel, Joern Schneeweisz, and Jeff King discovered that Git did not properly handle host names in 'ssh://' URLs. A remote attacker could use this to construct a git repository that when accessed could run arbitrary code with the privileges of the user.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected git package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-1000117
XREF OSVDB:163191
XREF USN:3387-1
Exploitable With
Metasploit (true)
Plugin Information:
Published: 2017/08/11, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : git_1:1.9.1-1ubuntu0.1
Fixed package : git_1:1.9.1-1ubuntu0.6
102583 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : c-ares vulnerability (USN-3395-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that c-ares incorrectly handled certain NAPTR responses. A remote attacker could possibly use this issue to cause applications using c-ares to crash, resulting in a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libc-ares2 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-1000381
XREF OSVDB:159486
XREF USN:3395-1
Plugin Information:
Published: 2017/08/18, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libc-ares2_1.10.0-2
Fixed package : libc-ares2_1.10.0-2ubuntu0.2
102584 - Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3396-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. (CVE-2017-10053)

It was discovered that the JAR verifier in OpenJDK did not properly handle archives containing files missing digests. An attacker could use this to modify the signed contents of a JAR file. (CVE-2017-10067)

It was discovered that integer overflows existed in the Hotspot component of OpenJDK when generating range check loop predicates. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and cause a denial of service or possibly execute arbitrary code.
(CVE-2017-10074)

It was discovered that OpenJDK did not properly process parentheses in function signatures. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10081)

It was discovered that the ThreadPoolExecutor class in OpenJDK did not properly perform access control checks when cleaning up threads. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and possibly execute arbitrary code. (CVE-2017-10087)

It was discovered that the ServiceRegistry implementation in OpenJDK did not perform access control checks in certain situations. An attacker could use this to specially construct an untrusted Java application or applet that escaped sandbox restrictions.
(CVE-2017-10089)

It was discovered that the channel groups implementation in OpenJDK did not properly perform access control checks in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions.
(CVE-2017-10090)

It was discovered that the DTM exception handling code in the JAXP component of OpenJDK did not properly perform access control checks.
An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions.
(CVE-2017-10096)

It was discovered that the JAXP component of OpenJDK incorrectly granted access to some internal resolvers. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10101)

It was discovered that the Distributed Garbage Collector (DGC) in OpenJDK did not properly track references in some situations. A remote attacker could possibly use this to execute arbitrary code.
(CVE-2017-10102)

It was discovered that the Activation ID implementation in the RMI component of OpenJDK did not properly check access control permissions in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10107)

It was discovered that the BasicAttribute class in OpenJDK did not properly bound memory allocation when de-serializing objects. An attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10108)

It was discovered that the CodeSource class in OpenJDK did not properly bound memory allocations when de-serializing object instances. An attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10109)

It was discovered that the AWT ImageWatched class in OpenJDK did not properly perform access control checks, An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions (CVE-2017-10110)

It was discovered that a timing side-channel vulnerability existed in the DSA implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10115)

It was discovered that the LDAP implementation in OpenJDK incorrectly followed references to non-LDAP URLs. An attacker could use this to specially craft an LDAP referral URL that exposes sensitive information or bypass access restrictions. (CVE-2017-10116)

It was discovered that a timing side-channel vulnerability existed in the ECDSA implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10118)

Ilya Maykov discovered that a timing side-channel vulnerability existed in the PKCS#8 implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10135)

It was discovered that the Elliptic Curve (EC) implementation in OpenJDK did not properly compute certain elliptic curve points. An attacker could use this to expose sensitive information.
(CVE-2017-10176)

It was discovered that OpenJDK did not properly perform access control checks when handling Web Service Definition Language (WSDL) XML documents. An attacker could use this to expose sensitive information.
(CVE-2017-10243).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
9.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-10053
CVE CVE-2017-10067
CVE CVE-2017-10074
CVE CVE-2017-10081
CVE CVE-2017-10087
CVE CVE-2017-10089
CVE CVE-2017-10090
CVE CVE-2017-10096
CVE CVE-2017-10101
CVE CVE-2017-10102
CVE CVE-2017-10107
CVE CVE-2017-10108
CVE CVE-2017-10109
CVE CVE-2017-10110
CVE CVE-2017-10115
CVE CVE-2017-10116
CVE CVE-2017-10118
CVE CVE-2017-10135
CVE CVE-2017-10176
CVE CVE-2017-10243
XREF OSVDB:161398
XREF OSVDB:161399
XREF OSVDB:161401
XREF OSVDB:161402
XREF OSVDB:161403
XREF OSVDB:161404
XREF OSVDB:161406
XREF OSVDB:161407
XREF OSVDB:161409
XREF OSVDB:161410
XREF OSVDB:161412
XREF OSVDB:161413
XREF OSVDB:161414
XREF OSVDB:161415
XREF OSVDB:161420
XREF OSVDB:161422
XREF OSVDB:161424
XREF OSVDB:161425
XREF OSVDB:161426
XREF OSVDB:161428
XREF USN:3396-1
Plugin Information:
Published: 2017/08/18, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u151-2.6.11-0ubuntu1.14.04.1

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u151-2.6.11-0ubuntu1.14.04.1

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u151-2.6.11-0ubuntu1.14.04.1
103320 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : gdk-pixbuf vulnerabilities (USN-3418-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that the GDK-PixBuf library did not properly handle certain jpeg images. If an user or automated system were tricked into opening a specially crafted jpeg file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-2862)

It was discovered that the GDK-PixBuf library did not properly handle certain tiff images. If an user or automated system were tricked into opening a specially crafted tiff file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-2870)

Ariel Zelivansky discovered that the GDK-PixBuf library did not properly handle printing certain error messages. If an user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service. (CVE-2017-6311).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libgdk-pixbuf2.0-0 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:U/RC:ND)
References
CVE CVE-2017-2862
CVE CVE-2017-2870
CVE CVE-2017-6311
XREF OSVDB:152377
XREF OSVDB:163855
XREF OSVDB:164333
XREF USN:3418-1
Plugin Information:
Published: 2017/09/19, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libgdk-pixbuf2.0-0_2.30.7-0ubuntu1.2
Fixed package : libgdk-pixbuf2.0-0_2.30.7-0ubuntu1.7
103356 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : apache2 vulnerability (USN-3425-1) (Optionsbleed)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Hanno Bock discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apache2-bin package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
6.9 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
4.1 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-9798
XREF OSVDB:165622
XREF USN:3425-1
Plugin Information:
Published: 2017/09/20, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : apache2-bin_2.4.7-1ubuntu4.8
Fixed package : apache2-bin_2.4.7-1ubuntu4.18
103416 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : samba vulnerabilities (USN-3426-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. (CVE-2017-12150)

Stefan Metzmacher discovered that Samba incorrectly handled encryption across DFS redirects. A remote attacker could use this issue to perform a man in the middle attack. (CVE-2017-12151)

Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote attacker could possibly use this issue to obtain server memory contents. (CVE-2017-12163).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Medium
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score
4.8 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-12150
CVE CVE-2017-12151
CVE CVE-2017-12163
XREF OSVDB:165791
XREF OSVDB:165792
XREF OSVDB:165793
XREF USN:3426-1
Plugin Information:
Published: 2017/09/22, Modified: 2017/12/04
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.11+dfsg-0ubuntu0.14.04.12
103644 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : poppler vulnerabilities (USN-3433-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial service. This issue only affected Ubuntu 17.04. (CVE-2017-14517)

It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. (CVE-2017-14519).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
4.1 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-14517
CVE CVE-2017-14519
XREF OSVDB:165422
XREF OSVDB:165423
XREF USN:3433-1
Plugin Information:
Published: 2017/10/03, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libpoppler44_0.24.5-2ubuntu4.3
Fixed package : libpoppler44_0.24.5-2ubuntu4.6
103731 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : poppler vulnerabilities (USN-3440-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. (CVE-2017-14518, CVE-2017-14520, CVE-2017-14617, CVE-2017-14929, CVE-2017-14975, CVE-2017-14977)

It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. This issue only affected Ubuntu 17.04 and 16.04. (CVE-2017-14926, CVE-2017-14928)

Alberto Garcia, Francisco Oca and Suleman Ali discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. (CVE-2017-9776).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.3 (CVSS2#E:POC/RL:OF/RC:ND)
STIG Severity
I
References
CVE CVE-2017-14518
CVE CVE-2017-14520
CVE CVE-2017-14617
CVE CVE-2017-14926
CVE CVE-2017-14928
CVE CVE-2017-14929
CVE CVE-2017-14975
CVE CVE-2017-14977
CVE CVE-2017-9776
XREF OSVDB:159695
XREF OSVDB:165123
XREF OSVDB:165127
XREF OSVDB:165128
XREF OSVDB:165424
XREF OSVDB:165479
XREF OSVDB:165822
XREF OSVDB:166139
XREF OSVDB:166531
XREF USN:3440-1
XREF IAVB:2017-B-0079
Plugin Information:
Published: 2017/10/09, Modified: 2018/01/31
Plugin Output

tcp/0


- Installed package : libpoppler44_0.24.5-2ubuntu4.3
Fixed package : libpoppler44_0.24.5-2ubuntu4.7
103773 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : curl vulnerabilities (USN-3441-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-9586)

Even Rouault discovered that curl incorrectly handled large file names when doing TFTP transfers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents. (CVE-2017-1000100)

Brian Carpenter and Yongji Ouyang discovered that curl incorrectly handled numerical range globbing. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents. (CVE-2017-1000101)

Max Dymond discovered that curl incorrectly handled FTP PWD responses.
A remote attacker could use this issue to cause curl to crash, resulting in a denial of service. (CVE-2017-1000254)

Brian Carpenter discovered that curl incorrectly handled the
--write-out command line option. A local attacker could possibly use this issue to obtain sensitive memory contents. (CVE-2017-7407).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-9586
CVE CVE-2017-1000100
CVE CVE-2017-1000101
CVE CVE-2017-1000254
CVE CVE-2017-7407
XREF OSVDB:149048
XREF OSVDB:154801
XREF OSVDB:162581
XREF OSVDB:162583
XREF OSVDB:166707
XREF USN:3441-1
Plugin Information:
Published: 2017/10/11, Modified: 2018/05/25
Plugin Output

tcp/0


- Installed package : libcurl3-gnutls_7.35.0-1ubuntu2.5
Fixed package : libcurl3-gnutls_7.35.0-1ubuntu2.11
103780 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3445-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Eyal Itkin discovered that the IP over IEEE 1394 (FireWire) implementation in the Linux kernel contained a buffer overflow when handling fragmented packets. A remote attacker could use this to possibly execute arbitrary code with administrative privileges.
(CVE-2016-8633)

Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-14106).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
6.8 (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
5.9 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
6.2 (CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
4.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-8633
CVE CVE-2017-14106
XREF OSVDB:146778
XREF OSVDB:164514
XREF USN:3445-1
Plugin Information:
Published: 2017/10/11, Modified: 2017/10/30
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-133-generic_3.13.0-133.182

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.133.142
103835 - Ubuntu 14.04 LTS : libffi vulnerability (USN-3454-1) (Stack Clash)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to facilitate executing arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libffi6 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.0 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
5.9 (CVSS:3.0/E:U/RL:X/RC:U)
CVSS Base Score
6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:ND/RC:UC)
References
CVE CVE-2017-1000376
XREF OSVDB:159407
XREF USN:3454-1
Plugin Information:
Published: 2017/10/13, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libffi6_3.1~rc1+r3.0.13-12ubuntu0.1
Fixed package : libffi6_3.1~rc1+r3.0.13-12ubuntu0.2
103863 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : wpa vulnerabilities (USN-3455-1) (KRACK)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information.
(CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected hostapd and / or wpasupplicant packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.1 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVSS v3.0 Temporal Score
7.8 (CVSS:3.0/E:F/RL:U/RC:X)
CVSS Base Score
5.8 (CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:F/RL:U/RC:ND)
STIG Severity
II
References
CVE CVE-2016-4476
CVE CVE-2016-4477
CVE CVE-2017-13077
CVE CVE-2017-13078
CVE CVE-2017-13079
CVE CVE-2017-13080
CVE CVE-2017-13081
CVE CVE-2017-13082
CVE CVE-2017-13086
CVE CVE-2017-13087
CVE CVE-2017-13088
XREF OSVDB:138072
XREF OSVDB:138073
XREF OSVDB:164362
XREF OSVDB:167338
XREF OSVDB:167349
XREF OSVDB:167350
XREF OSVDB:167351
XREF OSVDB:167352
XREF OSVDB:167353
XREF OSVDB:167354
XREF OSVDB:167355
XREF OSVDB:167356
XREF OSVDB:167357
XREF USN:3455-1
XREF IAVA:2017-A-0310
Plugin Information:
Published: 2017/10/17, Modified: 2018/01/31
Plugin Output

tcp/0


- Installed package : wpasupplicant_2.1-0ubuntu1.4
Fixed package : wpasupplicant_2.1-0ubuntu1.5
104118 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : curl vulnerability (USN-3457-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Brian Carpenter discovered that curl incorrectly handled IMAP FETCH response lines. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
9.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P)
CVSS Temporal Score
4.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-1000257
XREF OSVDB:167915
XREF USN:3457-1
Plugin Information:
Published: 2017/10/24, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libcurl3-gnutls_7.35.0-1ubuntu2.5
Fixed package : libcurl3-gnutls_7.35.0-1ubuntu2.12
104120 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3459-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.58 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10 have been updated to MySQL 5.7.20.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-58.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-20.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626 .html.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-10155
CVE CVE-2017-10165
CVE CVE-2017-10167
CVE CVE-2017-10227
CVE CVE-2017-10268
CVE CVE-2017-10276
CVE CVE-2017-10283
CVE CVE-2017-10286
CVE CVE-2017-10294
CVE CVE-2017-10311
CVE CVE-2017-10313
CVE CVE-2017-10314
CVE CVE-2017-10320
CVE CVE-2017-10378
CVE CVE-2017-10379
CVE CVE-2017-10384
XREF OSVDB:167528
XREF OSVDB:167529
XREF OSVDB:167530
XREF OSVDB:167531
XREF OSVDB:167532
XREF OSVDB:167533
XREF OSVDB:167536
XREF OSVDB:167537
XREF OSVDB:167539
XREF OSVDB:167540
XREF OSVDB:167541
XREF OSVDB:167542
XREF OSVDB:167544
XREF OSVDB:167545
XREF OSVDB:167547
XREF OSVDB:167548
XREF USN:3459-1
Plugin Information:
Published: 2017/10/24, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.58-0ubuntu0.14.04.1
104272 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : poppler vulnerability (USN-3467-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-15565
XREF OSVDB:167248
XREF USN:3467-1
Plugin Information:
Published: 2017/10/31, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libpoppler44_0.24.5-2ubuntu4.3
Fixed package : libpoppler44_0.24.5-2ubuntu4.8
104377 - Ubuntu 14.04 LTS : libreoffice vulnerabilities (USN-3472-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Marcin Noga discovered that LibreOffice incorrectly handled PPT documents. If a user were tricked into opening a specially crafted PPT document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. (CVE-2017-12607)

Marcin Noga discovered that LibreOffice incorrectly handled Word documents. If a user were tricked into opening a specially crafted Word document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. (CVE-2017-12608).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libreoffice-core package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:U/RC:ND)
References
CVE CVE-2017-12607
CVE CVE-2017-12608
XREF OSVDB:168137
XREF OSVDB:168138
XREF USN:3472-1
Plugin Information:
Published: 2017/11/03, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libreoffice-core_1:4.2.8-0ubuntu3
Fixed package : libreoffice-core_1:4.2.8-0ubuntu5.2
104432 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : openssl vulnerabilities (USN-3475-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that OpenSSL incorrectly parsed the IPAddressFamily extension in X.509 certificates, resulting in an erroneous display of the certificate in text format. (CVE-2017-3735)

It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery squaring procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04.
(CVE-2017-3736).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.7 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-3735
CVE CVE-2017-3736
XREF OSVDB:164180
XREF OSVDB:168514
XREF USN:3475-1
Plugin Information:
Published: 2017/11/07, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.23
104543 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : perl vulnerabilities (USN-3478-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2017-12837, CVE-2017-12883).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected perl package.
Risk Factor
Medium
CVSS v3.0 Base Score
9.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P)
CVSS Temporal Score
4.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-12837
CVE CVE-2017-12883
XREF OSVDB:165350
XREF OSVDB:165351
XREF USN:3478-1
Plugin Information:
Published: 2017/11/14, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : perl_5.18.2-2ubuntu1
Fixed package : perl_5.18.2-2ubuntu1.3
104739 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : db5.3 vulnerability (USN-3489-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Berkeley DB incorrectly handled certain configuration files. An attacker could possibly use this issue to read sensitive information.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected db5.3-util and / or libdb5.3 packages.
Risk Factor
Medium
CVSS Base Score
4.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
4.4 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2017-10140
XREF OSVDB:158873
XREF USN:3489-1
Plugin Information:
Published: 2017/11/22, Modified: 2018/05/23
Plugin Output

tcp/0


- Installed package : libdb5.3_5.3.28-3ubuntu3
Fixed package : libdb5.3_5.3.28-3ubuntu3.1
104846 - Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3497-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the Smart Card IO subsystem in OpenJDK did not properly maintain state. An attacker could use this to specially construct an untrusted Java application or applet to gain access to a smart card, bypassing sandbox restrictions. (CVE-2017-10274)

Gaston Traberg discovered that the Serialization component of OpenJDK did not properly limit the amount of memory allocated when performing deserializations. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2017-10281)

It was discovered that the Remote Method Invocation (RMI) component in OpenJDK did not properly handle unreferenced objects. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10285)

It was discovered that the HTTPUrlConnection classes in OpenJDK did not properly handle newlines. An attacker could use this to convince a Java application or applet to inject headers into http requests.
(CVE-2017-10295)

Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Serialization component of OpenJDK did not properly restrict the amount of memory allocated when deserializing objects from Java Cryptography Extension KeyStore (JCEKS). An attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2017-10345)

It was discovered that the Hotspot component of OpenJDK did not properly perform loader checks when handling the invokespecial JVM instruction. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10346)

Gaston Traberg discovered that the Serialization component of OpenJDK did not properly limit the amount of memory allocated when performing deserializations in the SimpleTimeZone class. An attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2017-10347)

It was discovered that the Serialization component of OpenJDK did not properly limit the amount of memory allocated when performing deserializations. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2017-10348, CVE-2017-10357)

It was discovered that the JAXP component in OpenJDK did not properly limit the amount of memory allocated when performing deserializations.
An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2017-10349)

It was discovered that the JAX-WS component in OpenJDK did not properly limit the amount of memory allocated when performing deserializations. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2017-10350)

It was discovered that the Networking component of OpenJDK did not properly set timeouts on FTP client actions. A remote attacker could use this to cause a denial of service (application hang).
(CVE-2017-10355)

Francesco Palmarini, Marco Squarcina, Mauro Tempesta, Riccardo Focardi, and Tobias Ospelt discovered that the Security component in OpenJDK did not sufficiently protect password-based encryption keys in key stores. An attacker could use this to expose sensitive information. (CVE-2017-10356)

Jeffrey Altman discovered that the Kerberos client implementation in OpenJDK incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network services or perform other attacks. (CVE-2017-10388).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
9.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.0 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-10274
CVE CVE-2017-10281
CVE CVE-2017-10285
CVE CVE-2017-10295
CVE CVE-2017-10345
CVE CVE-2017-10346
CVE CVE-2017-10347
CVE CVE-2017-10348
CVE CVE-2017-10349
CVE CVE-2017-10350
CVE CVE-2017-10355
CVE CVE-2017-10356
CVE CVE-2017-10357
CVE CVE-2017-10388
XREF OSVDB:167507
XREF OSVDB:167508
XREF OSVDB:167509
XREF OSVDB:167511
XREF OSVDB:167512
XREF OSVDB:167515
XREF OSVDB:167516
XREF OSVDB:167517
XREF OSVDB:167518
XREF OSVDB:167519
XREF OSVDB:167520
XREF OSVDB:167521
XREF OSVDB:167524
XREF OSVDB:167526
XREF USN:3497-1
Plugin Information:
Published: 2017/11/29, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u151-2.6.11-2ubuntu0.14.04.1

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u151-2.6.11-2ubuntu0.14.04.1

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u151-2.6.11-2ubuntu0.14.04.1
104884 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxcursor vulnerability (USN-3501-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that libxcursor incorrectly handled certain files.
An attacker could use these issues to cause libxcursor to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxcursor1 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-16612
XREF OSVDB:169990
XREF USN:3501-1
Plugin Information:
Published: 2017/11/30, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libxcursor1_1:1.1.14-1
Fixed package : libxcursor1_1:1.1.14-1ubuntu0.14.04.1
105037 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxml2 vulnerability (USN-3504-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-16932
XREF OSVDB:159287
XREF OSVDB:161923
XREF OSVDB:167351
XREF OSVDB:167352
XREF OSVDB:170014
XREF OSVDB:170015
XREF USN:3504-1
Plugin Information:
Published: 2017/12/06, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libxml2_2.9.1+dfsg1-3ubuntu4.5
Fixed package : libxml2_2.9.1+dfsg1-3ubuntu4.11

- Installed package : libxml2-utils_2.9.1+dfsg1-3ubuntu4.5
Fixed package : libxml2-utils_2.9.1+dfsg1-3ubuntu4.11
105650 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : poppler vulnerabilities (USN-3517-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could execute arbitrary. (CVE-2017-1000456)

It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2017-14976).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
3.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-1000456
CVE CVE-2017-14976
XREF OSVDB:165480
XREF OSVDB:167249
XREF USN:3517-1
Plugin Information:
Published: 2018/01/08, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libpoppler44_0.24.5-2ubuntu4.3
Fixed package : libpoppler44_0.24.5-2ubuntu4.9
105687 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : tomcat7, tomcat8 vulnerabilities (USN-3519-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Tomcat incorrectly handled certain pipelined requests when sendfile was used. A remote attacker could use this issue to obtain wrong responses possibly containing sensitive information. (CVE-2017-5647)

It was discovered that Tomcat incorrectly used the appropriate facade object. A malicious application could possibly use this to bypass Security Manager restrictions. (CVE-2017-5648)

It was discovered that Tomcat incorrectly handled error pages. A remote attacker could possibly use this issue to replace or remove the custom error page. (CVE-2017-5664)

It was discovered that Tomcat incorrectly handled the CORS filter. A remote attacker could possibly use this issue to perform cache poisoning. (CVE-2017-7674).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
9.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVSS v3.0 Temporal Score
8.2 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSS Temporal Score
5.0 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-5647
CVE CVE-2017-5648
CVE CVE-2017-5664
CVE CVE-2017-7674
XREF OSVDB:155233
XREF OSVDB:155234
XREF OSVDB:158615
XREF OSVDB:163109
XREF USN:3519-1
Plugin Information:
Published: 2018/01/09, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libtomcat7-java_7.0.52-1ubuntu0.3
Fixed package : libtomcat7-java_7.0.52-1ubuntu0.13

- Installed package : tomcat7_7.0.52-1ubuntu0.3
Fixed package : tomcat7_7.0.52-1ubuntu0.13
105727 - Ubuntu 14.04 LTS : linux vulnerability (USN-3524-1) (Meltdown)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.6 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.4 (CVSS:3.0/E:F/RL:U/RC:X)
CVSS Base Score
4.7 (CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N)
CVSS Temporal Score
4.5 (CVSS2#E:F/RL:U/RC:ND)
STIG Severity
I
References
CVE CVE-2017-5754
XREF OSVDB:171894
XREF USN:3524-1
XREF IAVA:2018-A-0019
Plugin Information:
Published: 2018/01/10, Modified: 2018/01/31
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-139-generic_3.13.0-139.188

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.139.148
106074 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : gdk-pixbuf vulnerabilities (USN-3532-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discoreved that GDK-PixBuf incorrectly handled certain gif images. An attacker could use this to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2017-1000422)

Ariel Zelivansky discovered that GDK-PixBuf incorrectly handled certain images. An attacker could use this to cause a denial of service. (CVE-2017-6312, CVE-2017-6313)

Ariel Zelivansky discovered that GDK-PixBuf incorrectly handled large TIFF files. An attacker could use this to cause a denial of service.
(CVE-2017-6314).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libgdk-pixbuf2.0-0 package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.1 (CVSS2#E:POC/RL:U/RC:ND)
References
CVE CVE-2017-1000422
CVE CVE-2017-6312
CVE CVE-2017-6313
CVE CVE-2017-6314
XREF OSVDB:152374
XREF OSVDB:152375
XREF OSVDB:152376
XREF OSVDB:171816
XREF USN:3532-1
Plugin Information:
Published: 2018/01/16, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libgdk-pixbuf2.0-0_2.30.7-0ubuntu1.2
Fixed package : libgdk-pixbuf2.0-0_2.30.7-0ubuntu1.8
106272 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3542-1) (Spectre)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only) and amd64 architectures.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.6 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.4 (CVSS:3.0/E:F/RL:X/RC:X)
CVSS Base Score
4.7 (CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N)
CVSS Temporal Score
4.5 (CVSS2#E:F/RL:ND/RC:ND)
STIG Severity
I
References
CVE CVE-2017-5715
CVE CVE-2017-5753
XREF OSVDB:171888
XREF OSVDB:171897
XREF USN:3542-1
XREF IAVA:2018-A-0020
Exploitable With
CANVAS (true)
Plugin Information:
Published: 2018/01/23, Modified: 2018/05/25
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-141-generic_3.13.0-141.190

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.141.151
106558 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : curl vulnerabilities (USN-3554-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that curl incorrectly handled certain data. An attacker could possibly use this to cause a denial of service or even to get access to sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10.

It was discovered that curl could accidentally leak authentication data. An attacker could possibly use this to get access to sensitive information. (CVE-2018-1000007).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P)
CVSS Temporal Score
4.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2018-1000005
CVE CVE-2018-1000007
XREF OSVDB:173421
XREF OSVDB:173444
XREF USN:3554-1
Plugin Information:
Published: 2018/02/01, Modified: 2018/02/20
Plugin Output

tcp/0


- Installed package : libcurl3-gnutls_7.35.0-1ubuntu2.5
Fixed package : libcurl3-gnutls_7.35.0-1ubuntu2.14
106581 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : w3m vulnerabilities (USN-3555-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that w3m incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service.
(CVE-2018-6196, CVE-2018-6197)

It was discovered that w3m incorrectly handled temporary files. An attacker could possibly use this to overwrite arbitrary files.
(CVE-2018-6198).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected w3m package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
References
CVE CVE-2018-6196
CVE CVE-2018-6197
CVE CVE-2018-6198
XREF USN:3555-1
Plugin Information:
Published: 2018/02/02, Modified: 2018/02/12
Plugin Output

tcp/0


- Installed package : w3m_0.5.3-15
Fixed package : w3m_0.5.3-15ubuntu0.2
106619 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : squid3 vulnerabilities (USN-3557-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Mathias Fischer discovered that Squid incorrectly handled certain long strings in headers. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-2569)

William Lima discovered that Squid incorrectly handled XML parsing when processing Edge Side Includes (ESI). A malicious remote server could possibly cause Squid to crash, resulting in a denial of service.
This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-2570)

Alex Rousskov discovered that Squid incorrectly handled response-parsing failures. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS. (CVE-2016-2571)

Santiago Ruano Rincon discovered that Squid incorrectly handled certain Vary headers. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-3948)

Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge Side Includes (ESI) responses. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service.
(CVE-2018-1000024)

Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge Side Includes (ESI) responses. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service.
(CVE-2018-1000027).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected squid3 package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
References
Plugin Information:
Published: 2018/02/06, Modified: 2018/02/06
Plugin Output

tcp/0


- Installed package : squid3_3.3.8-1ubuntu6.4
Fixed package : squid3_3.3.8-1ubuntu6.11
106676 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : qemu update (USN-3560-1) (Spectre)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory.

This update allows QEMU to expose new CPU features added by microcode updates to guests on amd64, i386, and s390x. On amd64 and i386, new CPU models that match the updated microcode features were added with an -IBRS suffix. Certain environments will require guests to be switched manually to the new CPU models after microcode updates have been applied to the host.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected qemu-system, qemu-system-s390x and / or qemu-system-x86 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.6 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.4 (CVSS:3.0/E:F/RL:X/RC:X)
CVSS Base Score
4.7 (CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N)
CVSS Temporal Score
4.5 (CVSS2#E:F/RL:ND/RC:ND)
STIG Severity
I
References
CVE CVE-2017-5715
XREF OSVDB:171897
XREF USN:3560-1
XREF IAVA:2018-A-0020
Plugin Information:
Published: 2018/02/08, Modified: 2018/02/20
Plugin Output

tcp/0


- Installed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.20
Fixed package : qemu-system-x86_2.0.0+dfsg-2ubuntu1.38
106677 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvirt update (USN-3561-1) (Spectre)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory.

This update allows libvirt to expose new CPU features added by microcode updates to guests. On amd64 and i386, new CPU models that match the updated microcode features were added with an -IBRS suffix.
Certain environments will require guests to be switched manually to the new CPU models after microcode updates have been applied to the host.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libvirt-bin and / or libvirt0 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.6 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.4 (CVSS:3.0/E:F/RL:X/RC:X)
CVSS Base Score
4.7 (CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N)
CVSS Temporal Score
4.5 (CVSS2#E:F/RL:ND/RC:ND)
STIG Severity
I
References
CVE CVE-2017-5715
XREF OSVDB:171897
XREF USN:3561-1
XREF IAVA:2018-A-0020
Plugin Information:
Published: 2018/02/08, Modified: 2018/02/20
Plugin Output

tcp/0


- Installed package : libvirt-bin_1.2.2-0ubuntu13.1.14
Fixed package : libvirt-bin_1.2.2-0ubuntu13.1.25

- Installed package : libvirt0_1.2.2-0ubuntu13.1.14
Fixed package : libvirt0_1.2.2-0ubuntu13.1.25
106928 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvirt vulnerabilities (USN-3576-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5008)

Daniel P. Berrange discovered that libvirt incorrectly handled validating SSL/TLS certificates. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 17.10. (CVE-2017-1000256)

Daniel P. Berrange and Peter Krempa discovered that libvirt incorrectly handled large QEMU replies. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2018-5748)

Pedro Sampaio discovered that libvirt incorrectly handled the libnss_dns.so module. An attacker in a libvirt_lxc session could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2018-6764).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libvirt-bin and / or libvirt0 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
9.0 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-5008
CVE CVE-2017-1000256
CVE CVE-2018-5748
CVE CVE-2018-6764
XREF OSVDB:140745
XREF OSVDB:167402
XREF OSVDB:173101
XREF OSVDB:174212
XREF USN:3576-1
Plugin Information:
Published: 2018/02/21, Modified: 2018/02/23
Plugin Output

tcp/0


- Installed package : libvirt-bin_1.2.2-0ubuntu13.1.14
Fixed package : libvirt-bin_1.2.2-0ubuntu13.1.26

- Installed package : libvirt0_1.2.2-0ubuntu13.1.14
Fixed package : libvirt0_1.2.2-0ubuntu13.1.26
106945 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libreoffice vulnerability (USN-3579-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that =WEBSERVICE calls in a document could be used to read arbitrary files. If a user were tricked in to opening a specially crafted document, a remote attacker could exploit this to obtain sensitive information. (CVE-2018-6871).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libreoffice-core package.
Risk Factor
Medium
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
4.8 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2018-6871
XREF OSVDB:174392
XREF USN:3579-1
Plugin Information:
Published: 2018/02/22, Modified: 2018/03/05
Plugin Output

tcp/0


- Installed package : libreoffice-core_1:4.2.8-0ubuntu3
Fixed package : libreoffice-core_1:4.2.8-0ubuntu5.3
107023 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : sensible-utils vulnerability (USN-3584-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Gabriel Corona discovered that sensible-utils incorrectly validated strings when launcher a browser with the sensible-browser tool. A remote attacker could possibly use this issue with a specially crafted URL to conduct an argument injection attack and execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected sensible-utils package.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
CVE CVE-2017-17512
XREF USN:3584-1
Plugin Information:
Published: 2018/02/27
Plugin Output

tcp/0


- Installed package : sensible-utils_0.0.9
Fixed package : sensible-utils_0.0.9ubuntu0.14.04.1
107293 - Ubuntu 14.04 LTS : linux vulnerability (USN-3594-1) (Spectre)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
USN-3542-1 mitigated CVE-2017-5715 (Spectre Variant 2) for the amd64 architecture in Ubuntu 14.04 LTS. This update provides the compiler-based retpoline kernel mitigation for the amd64 and i386 architectures. Original advisory details :

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.6 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)
CVSS Base Score
4.7 (CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N)
STIG Severity
I
References
CVE CVE-2017-5715
XREF USN:3594-1
XREF IAVA:2018-A-0020
Plugin Information:
Published: 2018/03/12, Modified: 2018/03/14
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-143-generic_3.13.0-143.192

- Installed package : linux-image-generic_3.13.0.62.69
Fixed package : linux-image-generic_3.13.0.143.153
108335 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : samba vulnerabilities (USN-3595-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Bjorn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users.
(CVE-2018-1057)

It was discovered that Samba incorrectly validated inputs to the RPC spoolss service. An authenticated attacker could use this issue to cause the service to crash, resulting in a denial of service.
(CVE-2018-1050).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba and / or samba-dsdb-modules packages.
Risk Factor
Medium
CVSS Base Score
6.5 (CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
References
CVE CVE-2018-1050
CVE CVE-2018-1057
XREF USN:3595-1
Plugin Information:
Published: 2018/03/14, Modified: 2018/04/16
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.11+dfsg-0ubuntu0.14.04.14

- Installed package : samba-dsdb-modules_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba-dsdb-modules_2:4.3.11+dfsg-0ubuntu0.14.04.14
108513 - Ubuntu 14.04 LTS / 16.04 LTS : tiff vulnerabilities (USN-3602-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libtiff-tools and / or libtiff5 packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
Plugin Information:
Published: 2018/03/21, Modified: 2018/03/21
Plugin Output

tcp/0


- Installed package : libtiff5_4.0.3-7ubuntu0.3
Fixed package : libtiff5_4.0.3-7ubuntu0.8
108583 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : sharutils vulnerability (USN-3605-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Sharutils incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected sharutils package.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
CVE CVE-2018-1000097
XREF USN:3605-1
Plugin Information:
Published: 2018/03/23, Modified: 2018/04/16
Plugin Output

tcp/0


- Installed package : sharutils_1:4.14-1ubuntu1
Fixed package : sharutils_1:4.14-1ubuntu1.1
108709 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : openssl vulnerability (USN-3611-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that OpenSSL incorrectly handled certain ASN.1 types. A remote attacker could possibly use this issue to cause a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
References
CVE CVE-2018-0739
XREF USN:3611-1
Plugin Information:
Published: 2018/03/29, Modified: 2018/04/25
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.24
108794 - Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3614-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. (CVE-2018-2579)

It was discovered that the LDAP implementation in OpenJDK did not properly encode login names. A remote attacker could possibly use this to expose sensitive information. (CVE-2018-2588)

It was discovered that the DNS client implementation in OpenJDK did not properly randomize source ports. A remote attacker could use this to spoof responses to DNS queries made by Java applications.
(CVE-2018-2599)

It was discovered that the Internationalization component of OpenJDK did not restrict search paths when loading resource bundle classes. A local attacker could use this to trick a user into running malicious code. (CVE-2018-2602)

It was discovered that OpenJDK did not properly restrict memory allocations when parsing DER input. A remote attacker could possibly use this to cause a denial of service. (CVE-2018-2603)

It was discovered that the Java Cryptography Extension (JCE) implementation in OpenJDK in some situations did guarantee sufficient strength of keys during key agreement. An attacker could use this to expose sensitive information. (CVE-2018-2618)

It was discovered that the Java GSS implementation in OpenJDK in some situations did not properly handle GSS contexts in the native GSS library. An attacker could possibly use this to access unauthorized resources. (CVE-2018-2629)

It was discovered that the LDAP implementation in OpenJDK did not properly handle LDAP referrals in some situations. An attacker could possibly use this to expose sensitive information or gain unauthorized privileges. (CVE-2018-2633)

It was discovered that the Java GSS implementation in OpenJDK in some situations did not properly apply subject credentials. An attacker could possibly use this to expose sensitive information or gain access to unauthorized resources. (CVE-2018-2634)

It was discovered that the Java Management Extensions (JMX) component of OpenJDK did not properly apply deserialization filters in some situations. An attacker could use this to bypass deserialization restrictions. (CVE-2018-2637)

It was discovered that a use-after-free vulnerability existed in the AWT component of OpenJDK when loading the GTK library. An attacker could possibly use this to execute arbitrary code and escape Java sandbox restrictions. (CVE-2018-2641)

It was discovered that in some situations OpenJDK did not properly validate objects when performing deserialization. An attacker could use this to cause a denial of service (application crash or excessive memory consumption). (CVE-2018-2663)

It was discovered that the AWT component of OpenJDK did not properly restrict the amount of memory allocated when deserializing some objects. An attacker could use this to cause a denial of service (excessive memory consumption). (CVE-2018-2677)

It was discovered that the JNDI component of OpenJDK did not properly restrict the amount of memory allocated when deserializing objects in some situations. An attacker could use this to cause a denial of service (excessive memory consumption). (CVE-2018-2678).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
8.3 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
References
Plugin Information:
Published: 2018/04/03, Modified: 2018/04/03
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u171-2.6.13-0ubuntu0.14.04.2

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u171-2.6.13-0ubuntu0.14.04.2

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u171-2.6.13-0ubuntu0.14.04.2
108833 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : python-crypto vulnerability (USN-3616-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Python Crypto incorrectly generated ElGamal key parameters. A remote attacker could possibly use this issue to obtain sensitive information.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected python-crypto and / or python3-crypto packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
References
CVE CVE-2018-6594
XREF USN:3616-1
Plugin Information:
Published: 2018/04/04, Modified: 2018/04/04
Plugin Output

tcp/0


- Installed package : python-crypto_2.6.1-4build1
Fixed package : python-crypto_2.6.1-4ubuntu0.3
108950 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : wayland vulnerability (USN-3622-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the Wayland Xcursor support incorrectly handled certain files. An attacker could use these issues to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
References
CVE CVE-2017-16612
XREF USN:3622-1
Plugin Information:
Published: 2018/04/10, Modified: 2018/04/10
Plugin Output

tcp/0


- Installed package : libwayland-cursor0_1.4.0-1ubuntu1
Fixed package : libwayland-cursor0_1.4.0-1ubuntu1.1
109002 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : patch vulnerabilities (USN-3624-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this to cause a denial of service.
(CVE-2016-10713)

It was discovered that Patch incorrectly handled certain input validation. An attacker could possibly use this to execute arbitrary code. (CVE-2018-1000156)

It was discovered that Patch incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service.
(CVE-2018-6951).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected patch package.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
CVE CVE-2016-10713
CVE CVE-2018-1000156
CVE CVE-2018-6951
XREF USN:3624-1
Plugin Information:
Published: 2018/04/11, Modified: 2018/05/16
Plugin Output

tcp/0


- Installed package : patch_2.7.1-4ubuntu2.3
Fixed package : patch_2.7.1-4ubuntu2.4
109199 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : apache2 vulnerabilities (USN-3627-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server mod_authnz_ldap module incorrectly handled missing charset encoding headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2017-15710)

Elar Lang discovered that the Apache HTTP Server incorrectly handled certain characters specified in <FilesMatch>. A remote attacker could possibly use this issue to upload certain files, contrary to expectations. (CVE-2017-15715)

It was discovered that the Apache HTTP Server mod_session module incorrectly handled certain headers. A remote attacker could possibly use this issue to influence session data. (CVE-2018-1283)

Robert Swiecki discovered that the Apache HTTP Server incorrectly handled certain requests. A remote attacker could possibly use this issue to cause the server to crash, leading to a denial of service.
(CVE-2018-1301)

Robert Swiecki discovered that the Apache HTTP Server mod_cache_socache module incorrectly handled certain headers. A remote attacker could possibly use this issue to cause the server to crash, leading to a denial of service. (CVE-2018-1303)

Nicolas Daniels discovered that the Apache HTTP Server incorrectly generated the nonce when creating HTTP Digest authentication challenges. A remote attacker could possibly use this issue to replay HTTP requests across a cluster of servers. (CVE-2018-1312).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected apache2-bin package.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
STIG Severity
I
References
CVE CVE-2017-15710
CVE CVE-2017-15715
CVE CVE-2018-1283
CVE CVE-2018-1301
CVE CVE-2018-1303
CVE CVE-2018-1312
XREF USN:3627-1
XREF IAVA:2018-A-0089
Plugin Information:
Published: 2018/04/20, Modified: 2018/04/25
Plugin Output

tcp/0


- Installed package : apache2-bin_2.4.7-1ubuntu4.8
Fixed package : apache2-bin_2.4.7-1ubuntu4.20
109200 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : openssl vulnerability (USN-3628-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssl1.0.0 package.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
CVE CVE-2018-0737
XREF USN:3628-1
Plugin Information:
Published: 2018/04/20, Modified: 2018/05/24
Plugin Output

tcp/0


- Installed package : libssl1.0.0_1.0.1f-1ubuntu2.15
Fixed package : libssl1.0.0_1.0.1f-1ubuntu2.25
109311 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3629-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.60 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.22.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-60.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-22.html http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067 .html.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C)
References
Plugin Information:
Published: 2018/04/24, Modified: 2018/04/26
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.60-0ubuntu0.14.04.1
109681 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : wget vulnerability (USN-3643-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
It was discovered that Wget incorrectly handled certain inputs. An attacker could possibly use this to inject arbitrary cookie values.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected wget package.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
References
CVE CVE-2018-0494
XREF USN:3643-1
Plugin Information:
Published: 2018/05/10, Modified: 2018/06/13
Plugin Output

tcp/0


- Installed package : wget_1.15-1ubuntu1.14.04.1
Fixed package : wget_1.15-1ubuntu1.14.04.4
109812 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : php5, php7.0, php7.1, php7.2 vulnerabilities (USN-3646-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain sensitive information from another user's PHP applications. (CVE-2018-10545)

It was discovered that the PHP iconv stream filter incorrect handled certain invalid multibyte sequences. A remote attacker could possibly use this issue to cause PHP to hang, resulting in a denial of service.
(CVE-2018-10546)

It was discovered that the PHP PHAR error pages incorrectly filtered certain data. A remote attacker could possibly use this issue to perform a reflected XSS attack. (CVE-2018-10547)

It was discovered that PHP incorrectly handled LDAP. A malicious remote LDAP server could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2018-10548)

It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 17.10, and Ubuntu 18.04 LTS.
(CVE-2018-10549).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
STIG Severity
I
References
CVE CVE-2018-10545
CVE CVE-2018-10546
CVE CVE-2018-10547
CVE CVE-2018-10548
CVE CVE-2018-10549
XREF USN:3646-1
XREF IAVB:2018-B-0058
Plugin Information:
Published: 2018/05/15, Modified: 2018/06/07
Plugin Output

tcp/0


- Installed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.14
Fixed package : libapache2-mod-php5_5.5.9+dfsg-1ubuntu4.25

- Installed package : php5-cli_5.5.9+dfsg-1ubuntu4.14
Fixed package : php5-cli_5.5.9+dfsg-1ubuntu4.25
109863 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : poppler vulnerabilities (USN-3647-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that poppler incorrectly handled certain PDF files.
An attacker could possibly use this to cause a denial of service.
(CVE-2017-18267)

It was discovered that poppler incorrectly handled certain PDF files.
An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-10768).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
References
CVE CVE-2017-18267
CVE CVE-2018-10768
XREF USN:3647-1
Plugin Information:
Published: 2018/05/16, Modified: 2018/06/13
Plugin Output

tcp/0


- Installed package : libpoppler44_0.24.5-2ubuntu4.3
Fixed package : libpoppler44_0.24.5-2ubuntu4.11
110382 - Ubuntu 14.04 LTS / 16.04 LTS : elfutils vulnerabilities (USN-3670-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Agostino Sarubbo discovered that elfutils incorrectly handled certain malformed ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, elfutils could be made to crash or consume resources, resulting in a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
References
Plugin Information:
Published: 2018/06/06, Modified: 2018/06/06
Plugin Output

tcp/0


- Installed package : libelf1_0.158-0ubuntu5.2
Fixed package : libelf1_0.158-0ubuntu5.3
110475 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : gnupg, gnupg2 vulnerabilities (USN-3675-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the status of the cryptographic operation reported by GnuPG. (CVE-2018-12020)

Lance Vick discovered that GnuPG did not enforce configurations where key certification required an offline master Certify key. An attacker with access to a signing subkey could generate certifications that appeared to be valid. This issue only affected Ubuntu 18.04 LTS.
(CVE-2018-9234).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected gnupg and / or gpg packages.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
STIG Severity
I
References
CVE CVE-2018-12020
CVE CVE-2018-9234
XREF USN:3675-1
XREF IAVA:2018-A-0193
Plugin Information:
Published: 2018/06/12, Modified: 2018/06/21
Plugin Output

tcp/0


- Installed package : gnupg_1.4.16-1ubuntu2.3
Fixed package : gnupg_1.4.16-1ubuntu2.5
110515 - Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : libvirt vulnerability and update (USN-3680-1) (Spectre)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows libvirt to expose new CPU features added by microcode updates to guests. (CVE-2018-3639)

Daniel P. Berrange discovered that libvirt incorrectly handled the QEMU guest agent. An attacker could possibly use this issue to consume resources, leading to a denial of service. (CVE-2018-1064).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libvirt-bin and / or libvirt0 packages.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
References
CVE CVE-2018-1064
CVE CVE-2018-3639
XREF USN:3680-1
Plugin Information:
Published: 2018/06/13, Modified: 2018/06/13
Plugin Output

tcp/0


- Installed package : libvirt-bin_1.2.2-0ubuntu13.1.14
Fixed package : libvirt-bin_1.2.2-0ubuntu13.1.27

- Installed package : libvirt0_1.2.2-0ubuntu13.1.14
Fixed package : libvirt0_1.2.2-0ubuntu13.1.27
110662 - Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3691-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. (CVE-2018-2790)

Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Security component of OpenJDK did not restrict which classes could be used when deserializing keys from the JCEKS key stores. An attacker could use this to specially craft a JCEKS key store to execute arbitrary code. (CVE-2018-2794)

It was discovered that the Security component of OpenJDK in some situations did not properly limit the amount of memory allocated when performing deserialization. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-2795)

It was discovered that the Concurrency component of OpenJDK in some situations did not properly limit the amount of memory allocated when performing deserialization. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-2796)

It was discovered that the JMX component of OpenJDK in some situations did not properly limit the amount of memory allocated when performing deserialization. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-2797)

It was discovered that the AWT component of OpenJDK in some situations did not properly limit the amount of memory allocated when performing deserialization. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-2798)

It was discovered that the JAXP component of OpenJDK in some situations did not properly limit the amount of memory allocated when performing deserialization. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-2799)

Moritz Bechler discovered that the RMI component of OpenJDK enabled HTTP transport for RMI servers by default. A remote attacker could use this to gain access to restricted services. (CVE-2018-2800)

It was discovered that a vulnerability existed in the Hotspot component of OpenJDK affecting confidentiality, data integrity, and availability. An attacker could use this to specially craft an Java application that caused a denial of service or bypassed sandbox restrictions. (CVE-2018-2814)

Apostolos Giannakidis discovered that the Serialization component of OpenJDK did not properly bound memory allocations in some situations.
An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-2815).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected packages.
Risk Factor
Medium
CVSS Base Score
5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
References
Plugin Information:
Published: 2018/06/22, Modified: 2018/06/22
Plugin Output

tcp/0


- Installed package : icedtea-7-jre-jamvm_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : icedtea-7-jre-jamvm_7u181-2.6.14-0ubuntu0.1

- Installed package : openjdk-7-jre_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre_7u181-2.6.14-0ubuntu0.1

- Installed package : openjdk-7-jre-headless_7u79-2.5.6-0ubuntu1.14.04.1
Fixed package : openjdk-7-jre-headless_7u181-2.6.14-0ubuntu0.1
86190 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2748-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. (CVE-2015-5697)

Marc-Andre Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). (CVE-2015-6252).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-image-3.13-generic, linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency packages.
Risk Factor
Low
CVSS Base Score
2.1 (CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
1.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-5697
CVE CVE-2015-6252
XREF OSVDB:125431
XREF OSVDB:126403
XREF USN:2748-1
Plugin Information:
Published: 2015/09/29, Modified: 2016/10/26
Plugin Output

tcp/0


- Installed package : linux-image-3.13.0-62-generic_3.13.0-62.102
Fixed package : linux-image-3.13.0-65-generic_3.13.0-65.105
91422 - Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : dosfstools vulnerabilities (USN-2986-1)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Hanno Bock discovered that dosfstools incorrectly handled certain malformed filesystems. A local attacker could use this issue to cause dosfstools to crash, resulting in a denial of service, or possibly execute arbitrary code.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected dosfstools package.
Risk Factor
Low
CVSS v3.0 Base Score
6.2 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
2.1 (CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
1.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2015-8872
CVE CVE-2016-4804
XREF OSVDB:138403
XREF OSVDB:138404
XREF OSVDB:138508
XREF USN:2986-1
Plugin Information:
Published: 2016/06/01, Modified: 2016/12/01
Plugin Output

tcp/0


- Installed package : dosfstools_3.0.26-1
Fixed package : dosfstools_3.0.26-1ubuntu0.1
94287 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3109-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.53 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 16.10 have been updated to MySQL 5.7.16.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-53.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-16.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722 .html.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages.
Risk Factor
Low
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
4.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
3.5 (CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N)
CVSS Temporal Score
2.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-5584
CVE CVE-2016-7440
XREF OSVDB:144833
XREF OSVDB:145998
XREF USN:3109-1
Plugin Information:
Published: 2016/10/26, Modified: 2016/12/21
Plugin Output

tcp/0


- Installed package : mysql-server-5.5_5.5.46-0ubuntu0.14.04.2
Fixed package : mysql-server-5.5_5.5.53-0ubuntu0.14.04.1
94465 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : dbus vulnerabilities (USN-3116-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that DBus incorrectly validated the source of ActivationFailure signals. A local attacker could use this issue to cause a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-0245)

It was discovered that DBus incorrectly handled certain format strings. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue is only exposed to unprivileged users when the fix for CVE-2015-0245 is not applied, hence this issue is only likely to affect Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 16.10 have been updated as a preventative measure in the event that a new attack vector for this issue is discovered. (No CVE number).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected dbus and / or libdbus-1-3 packages.
Risk Factor
Low
CVSS Base Score
1.9 (CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
1.6 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2015-0245
XREF OSVDB:118407
XREF USN:3116-1
Plugin Information:
Published: 2016/11/02, Modified: 2016/11/04
Plugin Output

tcp/0


- Installed package : dbus_1.6.18-0ubuntu4.3
Fixed package : dbus_1.6.18-0ubuntu4.4

- Installed package : libdbus-1-3_1.6.18-0ubuntu4.3
Fixed package : libdbus-1-3_1.6.18-0ubuntu4.4
96336 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : exim4 vulnerability (USN-3164-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
Bjoern Jacke discovered that Exim incorrectly handled DKIM keys. In certain configurations, private DKIM signing keys could be leaked to the log files.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected exim4-daemon-heavy and / or exim4-daemon-light packages.
Risk Factor
Low
CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
5.4 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
2.1 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-9963
XREF OSVDB:148832
XREF USN:3164-1
Plugin Information:
Published: 2017/01/06, Modified: 2017/08/16
Plugin Output

tcp/0


- Installed package : exim4-daemon-light_4.82-3ubuntu2
Fixed package : exim4-daemon-light_4.82-3ubuntu2.2
99122 - Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : samba regression (USN-3242-2)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
USN-3242-1 fixed a vulnerability in Samba. The upstream fix introduced a regression when Samba is configured to disable following symbolic links.

This update fixes the problem.

Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected samba package.
Risk Factor
Low
CVSS Base Score
1.2 (CVSS2#AV:L/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
1.0 (CVSS2#E:F/RL:OF/RC:ND)
References
XREF OSVDB:154257
XREF USN:3242-2
Plugin Information:
Published: 2017/03/31, Modified: 2017/08/16
Plugin Output

tcp/0


- Installed package : samba_2:4.1.6+dfsg-1ubuntu2.14.04.9
Fixed package : samba_2:4.3.11+dfsg-0ubuntu0.14.04.7
100920 - Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : exim4 vulnerability (USN-3322-1) (Stack Clash)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that Exim did not properly deallocate memory when processing certain command line arguments. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code and gain administrative privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected exim4-daemon-heavy and / or exim4-daemon-light packages.
Risk Factor
Low
CVSS v3.0 Base Score
4.0 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
3.7 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
2.1 (CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
1.7 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-1000369
XREF OSVDB:159408
XREF USN:3322-1
Plugin Information:
Published: 2017/06/20, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : exim4-daemon-light_4.82-3ubuntu2
Fixed package : exim4-daemon-light_4.82-3ubuntu2.3
103187 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : bluez vulnerability (USN-3413-1) (BlueBorne)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that an information disclosure vulnerability existed in the Service Discovery Protocol (SDP) implementation in BlueZ. A physically proximate unauthenticated attacker could use this to disclose sensitive information. (CVE-2017-1000250).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected bluez and / or libbluetooth3 packages.
Risk Factor
Low
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS v3.0 Temporal Score
6.0 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
3.3 (CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
2.7 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-1000250
XREF OSVDB:165331
XREF USN:3413-1
Plugin Information:
Published: 2017/09/13, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libbluetooth3_4.101-0ubuntu13.1
Fixed package : libbluetooth3_4.101-0ubuntu13.3
103774 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : libxfont, libxfont1, libxfont2 vulnerabilities (USN-3442-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that libXfont incorrectly handled certain patterns in PatternMatch. A local attacker could use this issue to cause libXfont to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2017-13720)

It was discovered that libXfont incorrectly handled certain malformed PCF files. A local attacker could use this issue to cause libXfont to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2017-13722).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxfont1 and / or libxfont2 packages.
Risk Factor
Low
CVSS v3.0 Base Score
7.1 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)
CVSS Base Score
3.6 (CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P)
CVSS Temporal Score
2.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-13720
CVE CVE-2017-13722
XREF OSVDB:167165
XREF OSVDB:167166
XREF USN:3442-1
Plugin Information:
Published: 2017/10/11, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libxfont1_1:1.4.7-1ubuntu0.2
Fixed package : libxfont1_1:1.4.7-1ubuntu0.3
104883 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxfont, libxfont1, libxfont2 vulnerability (USN-3500-1)
Synopsis
The remote Ubuntu host is missing one or more security-related patches.
Description
It was discovered that libXfont incorrectly followed symlinks when opening font files. A local unprivileged user could use this issue to cause the X server to access arbitrary files, including special device files.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libxfont1 and / or libxfont2 packages.
Risk Factor
Low
CVSS v3.0 Base Score
5.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVSS Base Score
2.1 (CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score
1.6 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-16611
XREF OSVDB:169993
XREF USN:3500-1
Plugin Information:
Published: 2017/11/30, Modified: 2018/01/30
Plugin Output

tcp/0


- Installed package : libxfont1_1:1.4.7-1ubuntu0.2
Fixed package : libxfont1_1:1.4.7-1ubuntu0.4
105038 - Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : linux-firmware vulnerabilities (USN-3505-1) (KRACK)
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-2017-13080, CVE-2017-13081).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected linux-firmware package.
Risk Factor
Low
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS Base Score
2.9 (CVSS2#AV:A/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
2.1 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
II
References
CVE CVE-2017-13080
CVE CVE-2017-13081
XREF OSVDB:159287
XREF OSVDB:161923
XREF OSVDB:167351
XREF OSVDB:167352
XREF OSVDB:170014
XREF OSVDB:170015
XREF USN:3505-1
XREF IAVA:2017-A-0310
Plugin Information:
Published: 2017/12/06, Modified: 2018/01/31
Plugin Output

tcp/0


- Installed package : linux-firmware_1.127.18
Fixed package : linux-firmware_1.127.24
11936 - OS Identification
Synopsis
It is possible to guess the remote operating system.
Description
Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP, SNMP, etc.), it is possible to guess the name of the remote operating system in use. It is also possible sometimes to guess the version of the operating system.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2003/12/09, Modified: 2018/04/19
Plugin Output

tcp/0


Remote operating system : Linux Kernel 3.13.0-62-generic on Ubuntu 14.04
Confidence level : 100
Method : LinuxDistribution


The remote host is running Linux Kernel 3.13.0-62-generic on Ubuntu 14.04
12053 - Host Fully Qualified Domain Name (FQDN) Resolution
Synopsis
It was possible to resolve the name of the remote host.
Description
Nessus was able to resolve the fully qualified domain name (FQDN) of the remote host.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/02/11, Modified: 2017/04/14
Plugin Output

tcp/0


172.16.0.3 resolves as blog.poltekom.ac.id.
18261 - Apache Banner Linux Distribution Disclosure
Synopsis
The name of the Linux distribution running on the remote host was found in the banner of the web server.
Description
Nessus was able to extract the banner of the Apache web server and determine which Linux distribution the remote host is running.
Solution
If you do not wish to display this information, edit 'httpd.conf' and set the directive 'ServerTokens Prod' and restart Apache.
n/a
Risk Factor
None
Plugin Information:
Published: 2005/05/15, Modified: 2017/03/13
Plugin Output

tcp/0


The Linux distribution detected was :
- Ubuntu 14.04 (trusty)
19506 - Nessus Scan Information
Synopsis
This plugin displays information about the Nessus scan.
Description
This plugin displays, for each tested host, information about the scan itself :

- The version of the plugin set.
- The type of scanner (Nessus or Nessus Home).
- The version of the Nessus Engine.
- The port scanner(s) used.
- The port range scanned.
- Whether credentialed or third-party patch management checks are possible.
- The date of the scan.
- The duration of the scan.
- The number of hosts scanned in parallel.
- The number of checks done in parallel.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2005/08/26, Modified: 2017/10/26
Plugin Output

tcp/0

Information about this scan :

Nessus version : 7.1.0
Plugin feed version : 201806222120
Scanner edition used : Nessus
Scan type : Normal
Scan policy used : Advanced Scan
Scanner IP : 172.16.1.201
Port scanner(s) : netstat
Port range : default
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report verbosity : 1
Safe checks : yes
Optimize the test : yes
Credentialed checks : yes, as 'puskom' via ssh
Attempt Least Privilege : no
Patch management checks : None
CGI scanning : disabled
Web application tests : disabled
Max hosts : 100
Max checks : 5
Recv timeout : 5
Backports : Detected
Allow post-scan editing: Yes
Scan Start Date : 2018/6/26 8:49 WIB
Scan duration : 1366 sec
22869 - Software Enumeration (SSH)
Synopsis
It was possible to enumerate installed software on the remote host via SSH.
Description
Nessus was able to list the software installed on the remote host by calling the appropriate command (e.g., 'rpm -qa' on RPM-based Linux distributions, qpkg, dpkg, etc.).
Solution
Remove any software that is not in compliance with your organization's acceptable use and security policies.
Risk Factor
None
Plugin Information:
Published: 2006/10/15, Modified: 2017/07/28
Plugin Output

tcp/0


Here is the list of packages installed on the remote Debian Linux system :

iF minergate-cli 4.05 amd64 Mine CryptoNote based and other popular cryptocurrencies with the easiest miner ever.
ii accountsservice 0.6.35-0ubuntu7.2 amd64 query and manipulate user account information
ii acl 2.2.52-1 amd64 Access control list utilities
ii acpid 1:2.0.21-1ubuntu2 amd64 Advanced Configuration and Power Interface event daemon
ii adduser 3.113+nmu3ubuntu3 all add and remove users and groups
ii apache2 2.4.7-1ubuntu4.8 amd64 Apache HTTP Server
ii apache2-bin 2.4.7-1ubuntu4.8 amd64 Apache HTTP Server (binary files and modules)
ii apache2-data 2.4.7-1ubuntu4.8 all Apache HTTP Server (common files)
ii apache2-mpm-prefork 2.4.7-1ubuntu4.8 amd64 transitional prefork MPM package for apache2
ii apache2-utils 2.4.7-1ubuntu4.8 amd64 Apache HTTP Server (utility programs for web servers)
ii apparmor 2.8.95~2430-0ubuntu5.3 amd64 User-space parser utility for AppArmor
ii apport 2.14.1-0ubuntu3.19 all automatically generate crash reports for debugging
ii apport-symptoms 0.20 all symptom scripts for apport
ii apt 1.0.1ubuntu2.10 amd64 commandline package manager
ii apt-show-versions 0.22.3 all lists available package versions with distribution
ii apt-transport-https 1.0.1ubuntu2.10 amd64 https download transport for APT
ii apt-utils 1.0.1ubuntu2.10 amd64 package management related utility programs
ii apt-xapian-index 0.45ubuntu4 all maintenance and search tools for a Xapian index of Debian packages
ii aptitude 0.6.8.2-1ubuntu4 amd64 terminal-based package manager
ii aptitude-common 0.6.8.2-1ubuntu4 all architecture indepedent files for the aptitude package manager
ii at 3.1.14-1ubuntu1 amd64 Delayed job execution and batch processing
ii at-spi2-core 2.10.2.is.2.10.1-0ubuntu1 amd64 Assistive Technology Service Provider Interface (dbus core)
ii attr 1:2.4.47-1ubuntu1 amd64 Utilities for manipulating filesystem extended attributes
ii augeas-lenses 1.2.0-0ubuntu1.1 all Set of lenses needed by libaugeas0 to parse config files
ii auth-client-config 0.9ubuntu1 all pam and NSS profile switcher
ii authbind 2.1.1 amd64 Allows non-root programs to bind() to low ports
ii autoconf 2.69-8.1~pmo1~trusty all automatic configure script builder
ii automake 1:1.14.1-3.1~pmo1~trusty all Tool for generating GNU Standards-compliant Makefiles
ii autotools-dev 20130810.1 all Update infrastructure for config.{guess,sub} files
ii bandwidthd 2.0.1+cvs20090917-7 amd64 Tracks usage of TCP/IP and builds html files with graphs
ii base-files 7.2ubuntu5.3 amd64 Debian base system miscellaneous files
ii base-passwd 3.5.33 amd64 Debian base system master password and group files
ii bash 4.3-7ubuntu1.5 amd64 GNU Bourne Again SHell
ii bash-completion 1:2.1-4ubuntu0.1 all programmable completion for the bash shell
ii bc 1.06.95-8ubuntu1 amd64 GNU bc arbitrary precision calculator language
ii bind9-host 1:9.9.5.dfsg-3ubuntu0.5 amd64 Version of 'host' bundled with BIND 9.X
ii binutils 2.24-5ubuntu14 amd64 GNU assembler, linker and binary utilities
ii biosdevname 0.4.1-0ubuntu6.2 amd64 apply BIOS-given names to network devices
ii bmon 1:3.1-1 amd64 portable bandwidth monitor and rate estimator
ii bridge-utils 1.5-6ubuntu2 amd64 Utilities for configuring the Linux Ethernet bridge
ii bsdmainutils 9.0.5ubuntu1 amd64 collection of more utilities from FreeBSD
ii bsdutils 1:2.20.1-5.1ubuntu20.7 amd64 Basic utilities from 4.4BSD-Lite
ii build-essential 11.6ubuntu6 amd64 Informational list of build-essential packages
ii busybox-initramfs 1:1.21.0-1ubuntu1 amd64 Standalone shell setup for initramfs
ii busybox-static 1:1.21.0-1ubuntu1 amd64 Standalone rescue shell with tons of builtin utilities
ii byobu 5.77-0ubuntu1.2 all powerful, text based window manager and shell multiplexer
ii bzip2 1.0.6-5 amd64 high-quality block-sorting file compressor - utilities
ii ca-certificates 20141019ubuntu0.14.04.1 all Common CA certificates
ii ca-certificates-java 20130815ubuntu1 all Common CA certificates (JKS keystore)
ii cgroup-lite 1.9 all Light-weight package to set up cgroups at system boot
ii cifs-utils 2:6.0-1ubuntu2 amd64 Common Internet File System utilities
ii colord 1.0.6-1 amd64 system service to manage device colour profiles -- system daemon
ii comerr-dev 2.1-1.42.9-3ubuntu1.3 amd64 common error description library - headers and static libraries
ii command-not-found 0.3ubuntu12 all Suggest installation of packages in interactive bash sessions
ii command-not-found-data 0.3ubuntu12 amd64 Set of data files for command-not-found.
ii console-setup 1.70ubuntu8 all console font and keymap setup program
ii coreutils 8.21-1ubuntu5.1 amd64 GNU core utilities
ii cpio 2.11+dfsg-1ubuntu1.1 amd64 GNU cpio -- a program to manage archives of files
ii cpp 4:4.8.2-1ubuntu6 amd64 GNU C preprocessor (cpp)
ii cpp-4.8 4.8.4-2ubuntu1~14.04 amd64 GNU C preprocessor
ii cpu-checker 0.7-0ubuntu4 amd64 tools to help evaluate certain CPU (or BIOS) features
ii crda 1.1.2-1ubuntu2 amd64 wireless Central Regulatory Domain Agent
ii cron 3.0pl1-124ubuntu2 amd64 process scheduling daemon
ii curl 7.35.0-1ubuntu2.14 amd64 command line tool for transferring data with URL syntax
ii dash 0.5.7-4ubuntu1 amd64 POSIX-compliant shell
ii dbconfig-common 1.8.47+nmu1 all common framework for packaging database applications
ii dbus 1.6.18-0ubuntu4.3 amd64 simple interprocess messaging system (daemon and utilities)
ii dbus-x11 1.6.18-0ubuntu4.3 amd64 simple interprocess messaging system (X11 deps)
ii dconf-gsettings-backend 0.20.0-1 amd64 simple configuration storage system - GSettings back-end
ii dconf-service 0.20.0-1 amd64 simple configuration storage system - D-Bus service
ii debconf 1.5.51ubuntu2 all Debian configuration management system
ii debconf-i18n 1.5.51ubuntu2 all full internationalization support for debconf
ii debianutils 4.4 amd64 Miscellaneous utilities specific to Debian
ii default-jre-headless 2:1.7-51 amd64 Standard Java or Java compatible Runtime (headless)
ii desktop-file-utils 0.22-1ubuntu1 amd64 Utilities for .desktop files
ii dh-python 1.20140128-1ubuntu8.2 all Debian helper tools for packaging Python libraries and applications
ii dictionaries-common 1.20.5 all Common utilities for spelling dictionary tools
ii diffutils 1:3.3-1 amd64 File comparison utilities
ii dkms 2.2.0.3-1.1ubuntu5.14.04.5 all Dynamic Kernel Module Support Framework
ii dmidecode 2.12-2 amd64 SMBIOS/DMI table decoder
ii dmsetup 2:1.02.77-6ubuntu2 amd64 Linux Kernel Device Mapper userspace library
ii dnscrypt-proxy 1.6.1-1pmo3~trusty amd64 tool for securing communications between a client and a DNS resolver
ii dnsmasq 2.68-1ubuntu0.1 all Small caching DNS proxy and DHCP/TFTP server
ii dnsmasq-base 2.68-1ubuntu0.1 amd64 Small caching DNS proxy and DHCP/TFTP server
ii dnsutils 1:9.9.5.dfsg-3ubuntu0.5 amd64 Clients provided with BIND
ii dosfstools 3.0.26-1 amd64 utilities for making and checking MS-DOS FAT filesystems
ii dpkg 1.17.5ubuntu5.4 amd64 Debian package management system
ii dpkg-dev 1.17.5ubuntu5.4 all Debian package development tools
ii e2fslibs 1.42.9-3ubuntu1.3 amd64 ext2/ext3/ext4 file system libraries
ii e2fsprogs 1.42.9-3ubuntu1.3 amd64 ext2/ext3/ext4 file system utilities
ii ebtables 2.0.10.4-3ubuntu1 amd64 Ethernet bridge frame table administration
ii ed 1.9-2 amd64 classic UNIX line editor
ii eject 2.1.5+deb1+cvs20081104-13.1 amd64 ejects CDs and operates CD-Changers under Linux
ii ethtool 1:3.13-1 amd64 display or change Ethernet device settings
ii exim4 4.82-3ubuntu2 all metapackage to ease Exim MTA (v4) installation
ii exim4-base 4.82-3ubuntu2 amd64 support files for all Exim MTA (v4) packages
ii exim4-config 4.82-3ubuntu2 all configuration for the Exim MTA (v4)
ii exim4-daemon-light 4.82-3ubuntu2 amd64 lightweight Exim MTA (v4) daemon
ii fail2ban 0.8.11-1 all ban hosts that cause multiple authentication errors
ii fakeroot 1.20-3ubuntu2 amd64 tool for simulating superuser privileges
ii file 1:5.14-2ubuntu3.3 amd64 Determines file type using "magic" numbers
ii findutils 4.4.2-7 amd64 utilities for finding files--find, xargs
ii fontconfig 2.11.0-0ubuntu4.1 amd64 generic font configuration library - support binaries
ii fontconfig-config 2.11.0-0ubuntu4.1 all generic font configuration library - configuration
ii fonts-dejavu 2.34-1ubuntu1 all metapackage to pull in fonts-dejavu-core and fonts-dejavu-extra
ii fonts-dejavu-core 2.34-1ubuntu1 all Vera font family derivate with additional characters
ii fonts-dejavu-extra 2.34-1ubuntu1 all Vera font family derivate with additional characters (extra variants)
ii fonts-liberation 1.07.3-3 all Fonts with the same metrics as Times, Arial and Courier
ii fonts-opensymbol 2:102.6+LibO4.2.8-0ubuntu3 all OpenSymbol TrueType font
ii fonts-sil-gentium 20081126:1.02-13 all extended Unicode Latin font ("a typeface for the nations")
ii fonts-sil-gentium-basic 1.1-7 all smart Unicode font families (Basic and Book Basic) based on Gentium
ii fonts-ubuntu-font-family-console 0.80-0ubuntu6 all Ubuntu Font Family Linux console fonts, sans-serif monospace
ii friendly-recovery 0.2.25 all Make recovery more user-friendly
ii ftp 0.17-28 amd64 classical file transfer client
ii fuse 2.9.2-4ubuntu4.14.04.1 amd64 Filesystem in Userspace
ii g++ 4:4.8.2-1ubuntu6 amd64 GNU C++ compiler
ii g++-4.8 4.8.4-2ubuntu1~14.04 amd64 GNU C++ compiler
ii gawk 1:4.0.1+dfsg-2.1ubuntu2 amd64 GNU awk, a pattern scanning and processing language
ii gcc 4:4.8.2-1ubuntu6 amd64 GNU C compiler
ii gcc-4.8 4.8.4-2ubuntu1~14.04 amd64 GNU C compiler
ii gcc-4.8-base 4.8.4-2ubuntu1~14.04 amd64 GCC, the GNU Compiler Collection (base package)
ii gcc-4.9-base 4.9.1-0ubuntu1 amd64 GCC, the GNU Compiler Collection (base package)
ii gconf-service 3.2.6-0ubuntu2 amd64 GNOME configuration database system (D-Bus service)
ii gconf-service-backend 3.2.6-0ubuntu2 amd64 GNOME configuration database system (D-Bus service)
ii gconf2 3.2.6-0ubuntu2 amd64 GNOME configuration database system (support tools)
ii gconf2-common 3.2.6-0ubuntu2 all GNOME configuration database system (common files)
ii gdisk 0.8.8-1ubuntu0.1 amd64 GPT fdisk text-mode partitioning tool
ii geoip-database 20140313-1 all IP lookup command line tools that use the GeoIP library (country database)
ii gettext-base 0.18.3.1-1ubuntu3 amd64 GNU Internationalization utilities for the base system
ii gir1.2-glib-2.0 1.40.0-1ubuntu0.2 amd64 Introspection data for GLib, GObject, Gio and GModule
ii git 1:1.9.1-1ubuntu0.1 amd64 fast, scalable, distributed revision control system
ii git-man 1:1.9.1-1ubuntu0.1 all fast, scalable, distributed revision control system (manual pages)
ii gnupg 1.4.16-1ubuntu2.3 amd64 GNU privacy guard - a free PGP replacement
ii gpgv 1.4.16-1ubuntu2.3 amd64 GNU privacy guard - signature verification tool
ii grep 2.16-1 amd64 GNU grep, egrep and fgrep
ii groff-base 1.22.2-5 amd64 GNU troff text-formatting system (base system components)
ii grub-common 2.02~beta2-9ubuntu1.4 amd64 GRand Unified Bootloader (common files)
ii grub-gfxpayload-lists 0.6 amd64 GRUB gfxpayload blacklist
ii grub-pc 2.02~beta2-9ubuntu1.4 amd64 GRand Unified Bootloader, version 2 (PC/BIOS version)
ii grub-pc-bin 2.02~beta2-9ubuntu1.4 amd64 GRand Unified Bootloader, version 2 (PC/BIOS binaries)
ii grub2-common 2.02~beta2-9ubuntu1.4 amd64 GRand Unified Bootloader (common files for version 2)
ii gvfs 1.20.3-0ubuntu1.2 amd64 userspace virtual filesystem - GIO module
ii gvfs-common 1.20.3-0ubuntu1.2 all userspace virtual filesystem - common data files
ii gvfs-daemons 1.20.3-0ubuntu1.2 amd64 userspace virtual filesystem - servers
ii gvfs-libs 1.20.3-0ubuntu1.2 amd64 userspace virtual filesystem - private libraries
ii gyp 0.1~svn1729-3ubuntu1 all Cross-platform build script generator
ii gzip 1.6-3ubuntu1 amd64 GNU compression utilities
ii hdparm 9.43-1ubuntu3 amd64 tune hard disk parameters for high performance
ii heirloom-mailx 12.5-2+deb7u1build0.14.04.1 amd64 feature-rich BSD mail(1)
ii hicolor-icon-theme 0.13-1 all default fallback theme for FreeDesktop.org icon themes
ii hostname 3.15ubuntu1 amd64 utility to set/show the host name or domain name
ii hunspell-en-us 20070829-4ubuntu3 all English_american dictionary for hunspell
ii icedtea-7-jre-jamvm 7u79-2.5.6-0ubuntu1.14.04.1 amd64 Alternative JVM for OpenJDK, using JamVM
ii ifupdown 0.7.47.2ubuntu4.1 amd64 high level tools to configure network interfaces
ii info 5.2.0.dfsg.1-2 amd64 Standalone GNU Info documentation browser
ii init-system-helpers 1.14 all helper tools for all init systems
ii initramfs-tools 0.103ubuntu4.2 all tools for generating an initramfs
ii initramfs-tools-bin 0.103ubuntu4.2 amd64 binaries used by initramfs-tools
ii initscripts 2.88dsf-41ubuntu6.2 amd64 scripts for initializing and shutting down the system
ii insserv 1.14.0-5ubuntu2 amd64 boot sequence organizer using LSB init.d script dependency information
ii install-info 5.2.0.dfsg.1-2 amd64 Manage installed documentation in info format
ii installation-report 2.54ubuntu1 all system installation report
ii iproute 1:3.12.0-2ubuntu1 all transitional dummy package for iproute2
ii iproute2 3.12.0-2ubuntu1 amd64 networking and traffic control tools
ii iptables 1.4.21-1ubuntu1 amd64 administration tools for packet filtering and NAT
ii iputils-ping 3:20121221-4ubuntu1.1 amd64 Tools to test the reachability of network hosts
ii iputils-tracepath 3:20121221-4ubuntu1.1 amd64 Tools to trace the network path to a remote host
ii ipxe-qemu 1.0.0+git-20131111.c3d1e78-2ubuntu1.1 all PXE boot firmware - ROM images for qemu
ii irqbalance 1.0.6-2ubuntu0.14.04.4 amd64 Daemon to balance interrupts for SMP systems
ii isc-dhcp-client 4.2.4-7ubuntu12.8 amd64 ISC DHCP client
ii isc-dhcp-common 4.2.4-7ubuntu12.8 amd64 common files used by all the isc-dhcp* packages
ii isc-dhcp-server 4.2.4-7ubuntu12.8 amd64 ISC DHCP server for automatic IP address assignment
ii iso-codes 3.52-1 all ISO language, territory, currency, script codes and their translations
ii java-common 0.51 all Base of all Java packages
ii javascript-common 11 all Base support for JavaScript library packages
ii kbd 1.15.5-1ubuntu1 amd64 Linux console font and keytable utilities
ii keyboard-configuration 1.70ubuntu8 all system-wide keyboard preferences
ii keyutils 1.5.6-1 amd64 Linux Key Management Utilities
ii klibc-utils 2.0.3-0ubuntu1 amd64 small utilities built with klibc for early boot
ii kmod 15-0ubuntu6 amd64 tools for managing Linux kernel modules
ii krb5-locales 1.12+dfsg-2ubuntu5.2 all Internationalization support for MIT Kerberos
ii krb5-multidev 1.12+dfsg-2ubuntu5.3 amd64 Development files for MIT Kerberos without Heimdal conflict
ii landscape-common 14.12-0ubuntu0.14.04 amd64 The Landscape administration system client - Common files
ii language-selector-common 0.129.3 all Language selector for Ubuntu
ii laptop-detect 0.13.7ubuntu2 amd64 attempt to detect a laptop
ii ldap-auth-client 0.5.3 all meta-package for LDAP authentication
ii ldap-auth-config 0.5.3 all Config package for LDAP authentication
ii ldap-utils 2.4.31-1+nmu2ubuntu8.4 amd64 OpenLDAP utilities
ii less 458-2 amd64 pager program similar to more
ii libaccountsservice0 0.6.35-0ubuntu7.2 amd64 query and manipulate user account information - shared libraries
ii libacl1 2.2.52-1 amd64 Access control list shared library
ii libaio1 0.3.109-4 amd64 Linux kernel AIO access library - shared library
ii libalgorithm-diff-perl 1.19.02-3 all module to find differences between files
ii libalgorithm-diff-xs-perl 0.04-2build4 amd64 module to find differences between files (XS accelerated)
ii libalgorithm-merge-perl 0.08-2 all Perl module for three-way merge of textual data
ii libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.14 amd64 server-side, HTML-embedded scripting language (Apache 2 module)
ii libapache2-mod-php5.6 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 server-side, HTML-embedded scripting language (Apache 2 module)
ii libapparmor-perl 2.8.95~2430-0ubuntu5.3 amd64 AppArmor library Perl bindings
ii libapparmor1 2.8.95~2430-0ubuntu5.3 amd64 changehat AppArmor library
ii libapr1 1.5.0-1 amd64 Apache Portable Runtime Library
ii libaprutil1 1.5.3-1 amd64 Apache Portable Runtime Utility Library
ii libaprutil1-dbd-sqlite3 1.5.3-1 amd64 Apache Portable Runtime Utility Library - SQLite3 Driver
ii libaprutil1-ldap 1.5.3-1 amd64 Apache Portable Runtime Utility Library - LDAP Driver
ii libapt-inst1.5 1.0.1ubuntu2.10 amd64 deb package format runtime library
ii libapt-pkg-perl 0.1.29build1 amd64 Perl interface to libapt-pkg
ii libapt-pkg4.12 1.0.1ubuntu2.10 amd64 package management runtime library
ii libarchive-extract-perl 0.70-1 all generic archive extracting module
ii libasan0 4.8.4-2ubuntu1~14.04 amd64 AddressSanitizer -- a fast memory error detector
ii libasn1-8-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - ASN.1 library
ii libasound2 1.0.27.2-3ubuntu7 amd64 shared library for ALSA applications
ii libasound2-data 1.0.27.2-3ubuntu7 all Configuration files and profiles for ALSA drivers
ii libasprintf0c2 0.18.3.1-1ubuntu3 amd64 GNU library to use fprintf and friends in C++
ii libasyncns0 0.8-4ubuntu2 amd64 Asynchronous name service query library
ii libatasmart4 0.19-3 amd64 ATA S.M.A.R.T. reading and parsing library
ii libatk-bridge2.0-0 2.10.2-2ubuntu1 amd64 AT-SPI 2 toolkit bridge - shared library
ii libatk-wrapper-java 0.30.4-4 all ATK implementation for Java using JNI
ii libatk-wrapper-java-jni 0.30.4-4 amd64 ATK implementation for Java using JNI (JNI bindings)
ii libatk1.0-0 2.10.0-2ubuntu2 amd64 ATK accessibility toolkit
ii libatk1.0-data 2.10.0-2ubuntu2 all Common files for the ATK accessibility toolkit
ii libatomic1 4.8.4-2ubuntu1~14.04 amd64 support library providing __atomic built-in functions
ii libatspi2.0-0 2.10.2.is.2.10.1-0ubuntu1 amd64 Assistive Technology Service Provider Interface - shared library
ii libattr1 1:2.4.47-1ubuntu1 amd64 Extended attribute shared library
ii libaudio2 1.9.4-1 amd64 Network Audio System - shared libraries
ii libaudit-common 1:2.3.2-2ubuntu1 all Dynamic library for security auditing - common files
ii libaudit1 1:2.3.2-2ubuntu1 amd64 Dynamic library for security auditing
ii libaugeas0 1.2.0-0ubuntu1.1 amd64 Augeas configuration editing library and API
ii libauthen-pam-perl 0.16-2build3 amd64 Perl interface to PAM library
ii libauthen-sasl-perl 2.1500-1 all Authen::SASL - SASL Authentication framework
ii libavahi-client3 0.6.31-4ubuntu1 amd64 Avahi client library
ii libavahi-common-data 0.6.31-4ubuntu1 amd64 Avahi common data files
ii libavahi-common3 0.6.31-4ubuntu1 amd64 Avahi common library
ii libavahi-glib1 0.6.31-4ubuntu1 amd64 Avahi GLib integration library
ii libbind9-90 1:9.9.5.dfsg-3ubuntu0.5 amd64 BIND9 Shared Library used by BIND
ii libblkid1 2.20.1-5.1ubuntu20.7 amd64 block device id library
ii libbluetooth3 4.101-0ubuntu13.1 amd64 Library to use the BlueZ Linux Bluetooth stack
ii libbonobo2-0 2.32.1-0ubuntu5 amd64 Bonobo CORBA interfaces library
ii libbonobo2-common 2.32.1-0ubuntu5 all Bonobo CORBA interfaces library -- support files
ii libboost-date-time1.54.0 1.54.0-4ubuntu3.1 amd64 set of date-time libraries based on generic programming concepts
ii libboost-iostreams1.54.0 1.54.0-4ubuntu3.1 amd64 Boost.Iostreams Library
ii libboost-system1.54.0 1.54.0-4ubuntu3.1 amd64 Operating system (e.g. diagnostics support) library
ii libboost-thread1.54.0 1.54.0-4ubuntu3.1 amd64 portable C++ multi-threading
ii libbrlapi0.6 5.0-2ubuntu2 amd64 braille display access via BRLTTY - shared library
ii libbsd0 0.6.0-2ubuntu1 amd64 utility functions from BSD systems - shared library
ii libbz2-1.0 1.0.6-5 amd64 high-quality block-sorting file compressor library - runtime
ii libc-ares-dev 1.10.0-2 amd64 asynchronous name resolver - development files
ii libc-ares2 1.10.0-2 amd64 asynchronous name resolver
ii libc-bin 2.19-0ubuntu6.6 amd64 Embedded GNU C Library: Binaries
ii libc-dev-bin 2.19-0ubuntu6.6 amd64 Embedded GNU C Library: Development binaries
ii libc6 2.19-0ubuntu6.6 amd64 Embedded GNU C Library: Shared libraries
ii libc6-dev 2.19-0ubuntu6.6 amd64 Embedded GNU C Library: Development Libraries and Header Files
ii libcaca0 0.99.beta18-1ubuntu5 amd64 colour ASCII art library
ii libcairo-gobject2 1.13.0~20140204-0ubuntu1.1 amd64 The Cairo 2D vector graphics library (GObject library)
ii libcairo2 1.13.0~20140204-0ubuntu1.1 amd64 The Cairo 2D vector graphics library
ii libcanberra0 0.30-0ubuntu3 amd64 simple abstract interface for playing event sounds
ii libcap-ng0 0.7.3-1ubuntu2 amd64 An alternate POSIX capabilities library
ii libcap2 1:2.24-0ubuntu2 amd64 support for getting/setting POSIX.1e capabilities
ii libcap2-bin 1:2.24-0ubuntu2 amd64 basic utility programs for using capabilities
ii libcdr-0.0-0 0.0.15-1ubuntu1 amd64 library for reading and converting Corel DRAW files
ii libcgmanager0 0.24-0ubuntu7.5 amd64 Central cgroup manager daemon (client library)
ii libck-connector0 0.4.5-3.1ubuntu2 amd64 ConsoleKit libraries
ii libclass-accessor-perl 0.34-1 all Perl module that automatically generates accessors
ii libcloog-isl4 0.18.2-1 amd64 Chunky Loop Generator (runtime library)
ii libclucene-contribs1 2.3.3.4-4build1 amd64 language specific text analyzers (runtime)
ii libclucene-core1 2.3.3.4-4build1 amd64 core library for full-featured text search engine (runtime)
ii libcmis-0.4-4 0.4.1-3ubuntu4 amd64 CMIS protocol client library
ii libcolamd2.8.0 1:4.2.1-3ubuntu1 amd64 column approximate minimum degree ordering library for sparse matrices
ii libcolord1 1.0.6-1 amd64 system service to manage device colour profiles -- runtime
ii libcolorhug1 1.0.6-1 amd64 library to access the ColorHug colourimeter -- runtime
ii libcomerr2 1.42.9-3ubuntu1.3 amd64 common error description library
ii libcommons-collections3-java 3.2.1-6 all Apache Commons Collections - Extended Collections API for Java
ii libcommons-dbcp-java 1.4-3ubuntu1 all Database Connection Pooling Services
ii libcommons-pool-java 1.6-2 all pooling implementation for Java objects
ii libconfuse-common 2.7-4ubuntu1 all Common files for libConfuse
ii libconfuse0 2.7-4ubuntu1 amd64 Library for parsing configuration files
ii libconvert-asn1-perl 0.26-1 all Perl module for encoding and decoding ASN.1 data structures
ii libcups2 1.7.2-0ubuntu1.6 amd64 Common UNIX Printing System(tm) - Core library
ii libcurl3 7.35.0-1ubuntu2.14 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
ii libcurl3-gnutls 7.35.0-1ubuntu2.5 amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
ii libcurl4-openssl-dev 7.35.0-1ubuntu2.14 amd64 development files and documentation for libcurl (OpenSSL flavour)
ii libcwidget3 0.5.16-3.5ubuntu1 amd64 high-level terminal interface library for C++ (runtime files)
ii libdatrie1 0.2.8-1 amd64 Double-array trie library
ii libdb5.3 5.3.28-3ubuntu3 amd64 Berkeley v5.3 Database Libraries [runtime]
ii libdbd-mysql-perl 4.025-1 amd64 Perl5 database interface to the MySQL database
ii libdbi-perl 1.630-1 amd64 Perl Database Interface (DBI)
ii libdbus-1-3 1.6.18-0ubuntu4.3 amd64 simple interprocess messaging system (library)
ii libdbus-glib-1-2 0.100.2-1 amd64 simple interprocess messaging system (GLib-based shared library)
ii libdconf1 0.20.0-1 amd64 simple configuration storage system - runtime library
ii libdebconfclient0 0.187ubuntu1 amd64 Debian Configuration Management System (C-implementation library)
ii libdevmapper-event1.02.1 2:1.02.77-6ubuntu2 amd64 Linux Kernel Device Mapper event support library
ii libdevmapper1.02.1 2:1.02.77-6ubuntu2 amd64 Linux Kernel Device Mapper userspace library
ii libdns100 1:9.9.5.dfsg-3ubuntu0.5 amd64 DNS Shared Library used by BIND
ii libdpkg-perl 1.17.5ubuntu5.4 all Dpkg perl modules
ii libdrm-intel1 2.4.60-2~ubuntu14.04.1 amd64 Userspace interface to intel-specific kernel DRM services -- runtime
ii libdrm-nouveau2 2.4.60-2~ubuntu14.04.1 amd64 Userspace interface to nouveau-specific kernel DRM services -- runtime
ii libdrm-radeon1 2.4.60-2~ubuntu14.04.1 amd64 Userspace interface to radeon-specific kernel DRM services -- runtime
ii libdrm2 2.4.60-2~ubuntu14.04.1 amd64 Userspace interface to kernel DRM services -- runtime
ii libecap2 0.2.0-1ubuntu4 amd64 eCAP library
ii libecj-java 3.9.0-1 all Eclipse Java compiler (library)
ii libedit2 3.1-20130712-2 amd64 BSD editline and history libraries
ii libelf1 0.158-0ubuntu5.2 amd64 library to read and write ELF files
ii libencode-locale-perl 1.03-1 all utility to determine the locale encoding
ii libept1.4.12 1.0.12 amd64 High-level library for managing Debian package information
ii liberror-perl 0.17-1.1 all Perl module for error/exception handling in an OO-ish way
ii libestr0 0.1.9-0ubuntu2 amd64 Helper functions for handling strings (lib)
ii libevent-2.0-5 2.0.21-stable-1ubuntu1.14.04.1 amd64 Asynchronous event notification library
ii libexif12 0.6.21-1ubuntu1 amd64 library to parse EXIF files
ii libexpat1 2.1.0-4ubuntu1.1 amd64 XML parsing C library - runtime library
ii libexttextcat-2.0-0 3.4.3-1ubuntu1 amd64 Language detection library
ii libexttextcat-data 3.4.3-1ubuntu1 all Language detection library - data files
ii libfakeroot 1.20-3ubuntu2 amd64 tool for simulating superuser privileges - shared libraries
ii libfdt1 1.4.0+dfsg-1 amd64 Flat Device Trees manipulation library
ii libffi6 3.1~rc1+r3.0.13-12ubuntu0.1 amd64 Foreign Function Interface library runtime
ii libfile-copy-recursive-perl 0.38-1 all Perl extension for recursively copying files and directories
ii libfile-fcntllock-perl 0.14-2build1 amd64 Perl module for file locking with fcntl(2)
ii libfile-listing-perl 6.04-1 all module to parse directory listings
ii libflac8 1.3.0-2ubuntu0.14.04.1 amd64 Free Lossless Audio Codec - runtime C library
ii libfont-afm-perl 1.20-1 all Font::AFM - Interface to Adobe Font Metrics files
ii libfontconfig1 2.11.0-0ubuntu4.1 amd64 generic font configuration library - runtime
ii libfontenc1 1:1.1.2-1 amd64 X11 font encoding library
ii libfreetype6 2.5.2-1ubuntu2.5 amd64 FreeType 2 font engine, shared library files
ii libfribidi0 0.19.6-1 amd64 Free Implementation of the Unicode BiDi algorithm
ii libfuse2 2.9.2-4ubuntu4.14.04.1 amd64 Filesystem in Userspace (library)
ii libgc1c2 1:7.2d-5ubuntu2 amd64 conservative garbage collector for C and C++
ii libgcc-4.8-dev 4.8.4-2ubuntu1~14.04 amd64 GCC support library (development files)
ii libgcc1 1:4.9.1-0ubuntu1 amd64 GCC support library
ii libgck-1-0 3.10.1-1 amd64 Glib wrapper library for PKCS#11 - runtime
ii libgconf-2-4 3.2.6-0ubuntu2 amd64 GNOME configuration database system (shared libraries)
ii libgconf2-4 3.2.6-0ubuntu2 amd64 GNOME configuration database system (dummy package)
ii libgcr-3-common 3.10.1-1 all Library for Crypto UI related tasks - common files
ii libgcr-base-3-1 3.10.1-1 amd64 Library for Crypto related tasks
ii libgcrypt11 1.5.3-2ubuntu4.5 amd64 LGPL Crypto library - runtime library
ii libgcrypt11-dev 1.5.3-2ubuntu4.5 amd64 LGPL Crypto library - development files
ii libgd3 2.2.3-3+deb.sury.org~trusty+0 amd64 GD Graphics Library
ii libgdbm3 1.8.3-12build1 amd64 GNU dbm database routines (runtime version)
ii libgdk-pixbuf2.0-0 2.30.7-0ubuntu1.2 amd64 GDK Pixbuf library
ii libgdk-pixbuf2.0-common 2.30.7-0ubuntu1.2 all GDK Pixbuf library - data files
ii libgeoip1 1.6.0-1 amd64 non-DNS IP-to-country resolver library
ii libgeronimo-jta-1.1-spec-java 1.1.1-3ubuntu1 all Geronimo API implementation of the JTA 1.1 spec
ii libgif4 4.1.6-11 amd64 library for GIF images (library)
ii libgirepository-1.0-1 1.40.0-1ubuntu0.2 amd64 Library for handling GObject introspection data (runtime library)
ii libgl1-mesa-dri 10.1.3-0ubuntu0.5 amd64 free implementation of the OpenGL API -- DRI modules
ii libgl1-mesa-glx 10.1.3-0ubuntu0.5 amd64 free implementation of the OpenGL API -- GLX runtime
ii libglapi-mesa 10.1.3-0ubuntu0.5 amd64 free implementation of the GL API -- shared library
ii libglib2.0-0 2.40.2-0ubuntu1 amd64 GLib library of C routines
ii libglib2.0-data 2.40.2-0ubuntu1 all Common files for GLib library
ii libglu1-mesa 9.0.0-2 amd64 Mesa OpenGL utility library (GLU)
ii libgmp10 2:5.1.3+dfsg-1ubuntu1 amd64 Multiprecision arithmetic library
ii libgnome2-0 2.32.1-4ubuntu1 amd64 The GNOME library - runtime files
ii libgnome2-bin 2.32.1-4ubuntu1 amd64 The GNOME library - binary files
ii libgnome2-common 2.32.1-4ubuntu1 all The GNOME library - common files
ii libgnomevfs2-0 1:2.24.4-1ubuntu6 amd64 GNOME Virtual File System (runtime libraries)
ii libgnomevfs2-common 1:2.24.4-1ubuntu6 amd64 GNOME Virtual File System (common files)
ii libgnutls-dev 2.12.23-12ubuntu2.8 amd64 GNU TLS library - development files
ii libgnutls-openssl27 2.12.23-12ubuntu2.8 amd64 GNU TLS library - OpenSSL wrapper
ii libgnutls26 2.12.23-12ubuntu2.8 amd64 GNU TLS library - runtime library
ii libgnutlsxx27 2.12.23-12ubuntu2.8 amd64 GNU TLS library - C++ runtime library
ii libgomp1 4.8.4-2ubuntu1~14.04 amd64 GCC OpenMP (GOMP) support library
ii libgpg-error-dev 1.12-0.2ubuntu1 amd64 library for common error values and messages in GnuPG components (development)
ii libgpg-error0 1.12-0.2ubuntu1 amd64 library for common error values and messages in GnuPG components
ii libgphoto2-6 2.5.3.1-1ubuntu2.2 amd64 gphoto2 digital camera library
ii libgphoto2-l10n 2.5.3.1-1ubuntu2.2 all gphoto2 digital camera library - localized messages
ii libgphoto2-port10 2.5.3.1-1ubuntu2.2 amd64 gphoto2 digital camera port library
ii libgpm2 1.20.4-6.1 amd64 General Purpose Mouse - shared library
ii libgraphite2-3 1.2.4-1ubuntu1 amd64 Font rendering engine for Complex Scripts -- library
ii libgsoap4 2.8.16-2 amd64 Runtime libraries for gSOAP
ii libgssapi-krb5-2 1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
ii libgssapi-perl 0.28-2build1 amd64 Perl extension providing access to the GSSAPIv2 library
ii libgssapi3-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - GSSAPI support library
ii libgssglue1 0.4-2ubuntu1 amd64 mechanism-switch gssapi library
ii libgssrpc4 1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - GSS enabled ONCRPC
ii libgstreamer-plugins-base1.0-0 1.2.4-1~ubuntu1 amd64 GStreamer libraries from the "base" set
ii libgstreamer1.0-0 1.2.4-0ubuntu1 amd64 Core GStreamer libraries and elements
ii libgtk-3-0 3.10.8-0ubuntu1.6 amd64 GTK+ graphical user interface library
ii libgtk-3-bin 3.10.8-0ubuntu1.6 amd64 programs for the GTK+ graphical user interface library
ii libgtk-3-common 3.10.8-0ubuntu1.6 all common files for the GTK+ graphical user interface library
ii libgtk2.0-0 2.24.23-0ubuntu1.3 amd64 GTK+ graphical user interface library
ii libgtk2.0-bin 2.24.23-0ubuntu1.3 amd64 programs for the GTK+ graphical user interface library
ii libgtk2.0-common 2.24.23-0ubuntu1.3 all common files for the GTK+ graphical user interface library
ii libgudev-1.0-0 1:204-5ubuntu20.15 amd64 GObject-based wrapper library for libudev
ii libgusb2 0.1.6-5 amd64 GLib wrapper around libusb1
ii libharfbuzz-icu0 0.9.27-1ubuntu1 amd64 OpenType text shaping engine ICU backend
ii libharfbuzz0b 0.9.27-1ubuntu1 amd64 OpenType text shaping engine (shared library)
ii libhcrypto4-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - crypto library
ii libhdb9-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - kadmin server library
ii libheimbase1-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - Base library
ii libheimntlm0-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - NTLM support library
ii libhsqldb1.8.0-java 1.8.0.10+dfsg-3ubuntu1 all Java SQL database engine
ii libhtml-form-perl 6.03-1 all module that represents an HTML form element
ii libhtml-format-perl 2.11-1 all module for transforming HTML into various formats
ii libhtml-parser-perl 3.71-1build1 amd64 collection of modules that parse HTML text documents
ii libhtml-tagset-perl 3.20-2 all Data tables pertaining to HTML
ii libhtml-template-perl 2.95-1 all module for using HTML templates with Perl
ii libhtml-tree-perl 5.03-1 all Perl module to represent and create HTML syntax trees
ii libhttp-cookies-perl 6.00-2 all HTTP cookie jars
ii libhttp-daemon-perl 6.01-1 all simple http server class
ii libhttp-date-perl 6.02-1 all module of date conversion routines
ii libhttp-message-perl 6.06-1 all perl interface to HTTP style messages
ii libhttp-negotiate-perl 6.00-2 all implementation of content negotiation
ii libhunspell-1.3-0 1.3.2-6ubuntu2.1 amd64 spell checker and morphological analyzer (shared library)
ii libhx509-5-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - X509 support library
ii libhyphen0 2.8.6-3ubuntu2 amd64 ALTLinux hyphenation library - shared library
ii libice6 2:1.0.8-2 amd64 X11 Inter-Client Exchange library
ii libicu52 52.1-3ubuntu0.4 amd64 International Components for Unicode
ii libidl-common 0.8.14-0.2ubuntu4 all library for parsing CORBA IDL files (common files)
ii libidl0 0.8.14-0.2ubuntu4 amd64 library for parsing CORBA IDL files
ii libidn11 1.28-1ubuntu2.2 amd64 GNU Libidn library, implementation of IETF IDN specifications
ii libidn11-dev 1.28-1ubuntu2.2 amd64 Development files for GNU Libidn, an IDN library
ii libieee1284-3 0.2.11-12 amd64 cross-platform library for parallel port access
ii libio-html-perl 1.00-1 all open an HTML file with automatic charset detection
ii libio-pty-perl 1:1.08-1build4 amd64 Perl module for pseudo tty IO
ii libio-socket-inet6-perl 2.71-1 all object interface for AF_INET6 domain sockets
ii libio-socket-ssl-perl 1.965-1ubuntu1 all Perl module implementing object oriented interface to SSL sockets
ii libio-string-perl 1.08-3 all Emulate IO::File interface for in-core strings
ii libisc95 1:9.9.5.dfsg-3ubuntu0.5 amd64 ISC Shared Library used by BIND
ii libisccc90 1:9.9.5.dfsg-3ubuntu0.5 amd64 Command Channel Library used by BIND
ii libisccfg90 1:9.9.5.dfsg-3ubuntu0.5 amd64 Config File Handling Library used by BIND
ii libisl10 0.12.2-1 amd64 manipulating sets and relations of integer points bounded by linear constraints
ii libitm1 4.8.4-2ubuntu1~14.04 amd64 GNU Transactional Memory Library
ii libiw30 30~pre9-8ubuntu1 amd64 Wireless tools - library
ii libjakarta-taglibs-standard-java 1.1.2-2ubuntu1.14.04.1 all Implementation of JSP Standard Tag Library (JSTL)
ii libjasper1 1.900.1-14ubuntu3.2 amd64 JasPer JPEG-2000 runtime library
ii libjaxp1.3-java 1.3.05-2ubuntu3 all Java XML parser and transformer APIs (DOM, SAX, JAXP, TrAX)
ii libjbig0 2.0-2ubuntu4.1 amd64 JBIGkit libraries
ii libjpeg-turbo8 1.3.0-0ubuntu2 amd64 IJG JPEG compliant runtime library.
ii libjpeg8 8c-2ubuntu8 amd64 Independent JPEG Group's JPEG runtime library (dependency package)
ii libjs-codemirror 2.23-1 all JavaScript editor interface for code-like content
ii libjs-jquery 1.7.2+dfsg-2ubuntu1 all JavaScript library for dynamic web applications
ii libjs-jquery-cookie 8-2 all jQuery cookie plugin
ii libjs-jquery-event-drag 8-2 all jQuery Event Drag
ii libjs-jquery-metadata 8-2 all jQuery plugin for parsing metadata from elements
ii libjs-jquery-mousewheel 8-2 all jQuery Mousewheel Plugin
ii libjs-jquery-tablesorter 8-2 all Flexible client-side table sorting
ii libjs-jquery-ui 1.10.1+dfsg-1 all JavaScript UI library for dynamic web applications
ii libjs-node-uuid 1.4.0-1 all simple, fast generation of RFC4122 UUIDs - JavaScript library
ii libjs-underscore 1.4.4-2ubuntu1 all JavaScript's functional programming helper library
ii libjson-c2 0.11-3ubuntu1.2 amd64 JSON manipulation library - shared library
ii libjson0 0.11-3ubuntu1.2 amd64 JSON manipulation library (transitional package)
ii libjstl1.1-java 1.1.2-2ubuntu1.14.04.1 all JSP Standard Tag Library API v1.1 Reference Implementation
ii libk5crypto3 1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - Crypto Library
ii libkadm5clnt-mit9 1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - Administration Clients
ii libkadm5srv-mit9 1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - KDC and Admin Server
ii libkdb5-7 1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - Kerberos database
ii libkdc2-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - KDC support library
ii libkeyutils1 1.5.6-1 amd64 Linux Key Management Utilities (library)
ii libklibc 2.0.3-0ubuntu1 amd64 minimal libc subset for use with initramfs
ii libkmod2 15-0ubuntu6 amd64 libkmod shared library
ii libkrb5-26-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - libraries
ii libkrb5-3 1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries
ii libkrb5-dev 1.12+dfsg-2ubuntu5.3 amd64 Headers and development libraries for MIT Kerberos
ii libkrb5support0 1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - Support library
ii liblangtag-common 0.5.1-2 all library to access tags for identifying languages -- data
ii liblangtag1 0.5.1-2 amd64 library to access tags for identifying languages
ii liblcms2-2 2.5-0ubuntu4 amd64 Little CMS 2 color management library
ii libldap-2.4-2 2.4.31-1+nmu2ubuntu8.4 amd64 OpenLDAP libraries
ii libldap2-dev 2.4.31-1+nmu2ubuntu8.4 amd64 OpenLDAP development libraries
ii libldb1 1:1.1.16-1 amd64 LDAP-like embedded database - shared library
ii libllvm3.4 1:3.4-1ubuntu3 amd64 Modular compiler and toolchain technologies, runtime library
ii liblocale-gettext-perl 1.05-7build3 amd64 module using libc functions for internationalization in Perl
ii liblockfile-bin 1.09-6ubuntu1 amd64 support binaries for and cli utilities based on liblockfile
ii liblockfile1 1.09-6ubuntu1 amd64 NFS-safe locking library
ii liblog-message-simple-perl 0.10-1 all simplified interface to Log::Message
ii libltdl7 2.4.2-1.7ubuntu1 amd64 A system independent dlopen wrapper for GNU libtool
ii liblwp-mediatypes-perl 6.02-1 all module to guess media type for a file or a URL
ii liblwp-protocol-https-perl 6.04-2ubuntu0.1 all HTTPS driver for LWP::UserAgent
ii liblwres90 1:9.9.5.dfsg-3ubuntu0.5 amd64 Lightweight Resolver Library used by BIND
ii liblzma5 5.1.1alpha+20120614-2ubuntu2 amd64 XZ-format compression library
ii libmagic1 1:5.14-2ubuntu3.3 amd64 File type determination library using "magic" numbers
ii libmailtools-perl 2.12-1 all Manipulate email in perl programs
ii libmcrypt4 2.5.8-3.1ubuntu1 amd64 De-/Encryption Library
ii libmhash2 0.9.9.9-4 amd64 Library for cryptographic hashing and message authentication
ii libmnl0 1.0.3-3ubuntu1 amd64 minimalistic Netlink communication library
ii libmodule-pluggable-perl 5.1-1 all module for giving modules the ability to have plugins
ii libmount1 2.20.1-5.1ubuntu20.7 amd64 block device id library
ii libmpc3 1.0.1-1ubuntu1 amd64 multiple precision complex floating-point library
ii libmpdec2 2.4.0-6 amd64 library for decimal floating point arithmetic (runtime library)
ii libmpfr4 3.1.2-1 amd64 multiple precision floating-point computation
ii libmspub-0.0-0 0.0.6-1ubuntu2 amd64 library for parsing the mspub file structure
ii libmysqlclient18 5.5.46-0ubuntu0.14.04.2 amd64 MySQL database client library
ii libmythes-1.2-0 2:1.2.2-1ubuntu2 amd64 simple thesaurus library
ii libncurses5 5.9+20140118-1ubuntu1 amd64 shared libraries for terminal handling
ii libncurses5-dev 5.9+20140118-1ubuntu1 amd64 developer's libraries for ncurses
ii libncursesw5 5.9+20140118-1ubuntu1 amd64 shared libraries for terminal handling (wide character support)
ii libneon27-gnutls 0.30.0-1ubuntu1 amd64 HTTP and WebDAV client library (GnuTLS enabled)
ii libnet-http-perl 6.06-1 all module providing low-level HTTP connection client
ii libnet-ldap-perl 1:0.5800-1 all client interface to LDAP servers
ii libnet-smtp-ssl-perl 1.01-3 all Perl module providing SSL support to Net::SMTP
ii libnet-ssleay-perl 1.58-1 amd64 Perl module for Secure Sockets Layer (SSL)
ii libnetcf1 1:0.2.3-4ubuntu1 amd64 cross-platform network configuration library
ii libnetfilter-conntrack3 1.0.4-1 amd64 Netfilter netlink-conntrack library
ii libnewt0.52 0.52.15-2ubuntu5 amd64 Not Erik's Windowing Toolkit - text mode windowing with slang
ii libnfnetlink0 1.0.1-2 amd64 Netfilter netlink library
ii libnfsidmap2 0.25-5 amd64 NFS idmapping library
ii libnih-dbus1 1.0.3-4ubuntu25 amd64 NIH D-Bus Bindings Library
ii libnih1 1.0.3-4ubuntu25 amd64 NIH Utility Library
ii libnl-3-200 3.2.21-1 amd64 library for dealing with netlink sockets
ii libnl-genl-3-200 3.2.21-1 amd64 library for dealing with netlink sockets - generic netlink
ii libnl-route-3-200 3.2.21-1 amd64 library for dealing with netlink sockets - route interface
ii libnspr4 2:4.10.10-0ubuntu0.14.04.1 amd64 NetScape Portable Runtime Library
ii libnss-ldap 264-2.2ubuntu4.14.04.1 amd64 NSS module for using LDAP as a naming service
ii libnss-winbind 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 Samba nameservice integration plugins
ii libnss3 2:3.19.2.1-0ubuntu0.14.04.1 amd64 Network Security Service libraries
ii libnss3-1d 2:3.19.2.1-0ubuntu0.14.04.1 amd64 Network Security Service libraries - transitional package
ii libnss3-nssdb 2:3.19.2.1-0ubuntu0.14.04.1 all Network Security Security libraries - shared databases
ii libntdb1 1.0-2ubuntu1 amd64 New Trivial Database - shared library
ii libnuma1 2.0.9~rc5-1ubuntu3.14.04.1 amd64 Libraries for controlling NUMA policy
ii libodbc1 2.2.14p2-5ubuntu5 amd64 ODBC library for Unix
ii libogg0 1.3.1-1ubuntu1 amd64 Ogg bitstream library
ii liborbit-2-0 1:2.14.19-0.3 amd64 high-performance CORBA implementation - common libraries
ii liborbit2 1:2.14.19-0.3 amd64 high-performance CORBA implementation - extra libraries
ii liborc-0.4-0 1:0.4.18-1ubuntu1 amd64 Library of Optimized Inner Loops Runtime Compiler
ii liborcus-0.6-0 0.5.1-7 amd64 library for processing spreadsheet documents
ii libp11-kit-dev 0.20.2-2ubuntu2 amd64 Library for loading and coordinating access to PKCS#11 modules - development
ii libp11-kit0 0.20.2-2ubuntu2 amd64 Library for loading and coordinating access to PKCS#11 modules - runtime
ii libpam-cap 1:2.24-0ubuntu2 amd64 PAM module for implementing capabilities
ii libpam-ldap 184-8.5ubuntu3 amd64 Pluggable Authentication Module for LDAP
ii libpam-modules 1.1.8-1ubuntu2 amd64 Pluggable Authentication Modules for PAM
ii libpam-modules-bin 1.1.8-1ubuntu2 amd64 Pluggable Authentication Modules for PAM - helper binaries
ii libpam-runtime 1.1.8-1ubuntu2 all Runtime support for the PAM library
ii libpam-systemd 204-5ubuntu20.15 amd64 system and service manager - PAM module
ii libpam-winbind 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 Windows domain authentication integration plugin
ii libpam0g 1.1.8-1ubuntu2 amd64 Pluggable Authentication Modules library
ii libpango-1.0-0 1.36.3-1ubuntu1.1 amd64 Layout and rendering of internationalized text
ii libpangocairo-1.0-0 1.36.3-1ubuntu1.1 amd64 Layout and rendering of internationalized text
ii libpangoft2-1.0-0 1.36.3-1ubuntu1.1 amd64 Layout and rendering of internationalized text
ii libpaper-utils 1.1.24+nmu2ubuntu3 amd64 library for handling paper characteristics (utilities)
ii libpaper1 1.1.24+nmu2ubuntu3 amd64 library for handling paper characteristics
ii libparse-debianchangelog-perl 1.2.0-1ubuntu1 all parse Debian changelogs and output them in other formats
ii libparted0debian1 2.3-19ubuntu1.14.04.1 amd64 disk partition manipulator - shared library
ii libpcap0.8 1.5.3-2 amd64 system interface for user-level packet capture
ii libpci3 1:3.2.1-1ubuntu5 amd64 Linux PCI Utilities (shared library)
ii libpciaccess0 0.13.2-1 amd64 Generic PCI access library for X
ii libpcre3 1:8.31-2ubuntu2.1 amd64 Perl 5 Compatible Regular Expression Library - runtime files
ii libpcsclite1 1.8.10-1ubuntu1 amd64 Middleware to access a smart card using PC/SC (library)
ii libperl5.18 5.18.2-2ubuntu1 amd64 shared Perl library
ii libpipeline1 1.3.0-1 amd64 pipeline manipulation library
ii libpixman-1-0 0.30.2-2ubuntu1 amd64 pixel-manipulation library for X and cairo
ii libplymouth2 0.8.8-0ubuntu17.1 amd64 graphical boot animation and logger - shared libraries
ii libpng12-0 1.2.50-1ubuntu2.14.04.1 amd64 PNG library - runtime
ii libpod-latex-perl 0.61-1 all module to convert Pod data to formatted LaTeX
ii libpolkit-agent-1-0 0.105-4ubuntu2.14.04.1 amd64 PolicyKit Authentication Agent API
ii libpolkit-backend-1-0 0.105-4ubuntu2.14.04.1 amd64 PolicyKit backend API
ii libpolkit-gobject-1-0 0.105-4ubuntu2.14.04.1 amd64 PolicyKit Authorization API
ii libpoppler44 0.24.5-2ubuntu4.3 amd64 PDF rendering library
ii libpopt0 1.16-8ubuntu1 amd64 lib for parsing cmdline parameters
ii libprocps3 1:3.3.9-1ubuntu2.2 amd64 library for accessing process information from /proc
ii libpulse0 1:4.0-0ubuntu11.1 amd64 PulseAudio client libraries
ii libpython-stdlib 2.7.5-5ubuntu3 amd64 interactive high-level object-oriented language (default python version)
ii libpython2.7 2.7.6-8ubuntu0.2 amd64 Shared Python runtime library (version 2.7)
ii libpython2.7-minimal 2.7.6-8ubuntu0.2 amd64 Minimal subset of the Python language (version 2.7)
ii libpython2.7-stdlib 2.7.6-8ubuntu0.2 amd64 Interactive high-level object-oriented language (standard library, version 2.7)
ii libpython3-stdlib 3.4.0-0ubuntu2 amd64 interactive high-level object-oriented language (default python3 version)
ii libpython3.4 3.4.3-1ubuntu1~14.04.3 amd64 Shared Python runtime library (version 3.4)
ii libpython3.4-minimal 3.4.3-1ubuntu1~14.04.3 amd64 Minimal subset of the Python language (version 3.4)
ii libpython3.4-stdlib 3.4.3-1ubuntu1~14.04.3 amd64 Interactive high-level object-oriented language (standard library, version 3.4)
ii libqt4-declarative 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 Declarative module
ii libqt4-network 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 network module
ii libqt4-opengl 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 OpenGL module
ii libqt4-script 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 script module
ii libqt4-sql 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 SQL module
ii libqt4-sql-mysql 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 MySQL database driver
ii libqt4-xml 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 XML module
ii libqt4-xmlpatterns 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 XML patterns module
ii libqtcore4 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 core module
ii libqtdbus4 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 D-Bus module library
ii libqtgui4 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 amd64 Qt 4 GUI module
ii libquadmath0 4.8.4-2ubuntu1~14.04 amd64 GCC Quad-Precision Math Library
ii librados2 0.80.10-0ubuntu1.14.04.3 amd64 RADOS distributed object store client library
ii libraptor2-0 2.0.13-1 amd64 Raptor 2 RDF syntax library
ii librasqal3 0.9.32-1 amd64 Rasqal RDF query library
ii librbd1 0.80.10-0ubuntu1.14.04.3 amd64 RADOS block device client library
ii librdf0 1.0.17-1 amd64 Redland Resource Description Framework (RDF) library
ii libreadline5 5.2+dfsg-2 amd64 GNU readline and history libraries, run-time libraries
ii libreadline6 6.3-4ubuntu2 amd64 GNU readline and history libraries, run-time libraries
ii libreoffice 1:4.2.8-0ubuntu3 amd64 office productivity suite (metapackage)
ii libreoffice-avmedia-backend-gstreamer 1:4.2.8-0ubuntu3 amd64 GStreamer backend for LibreOffice
ii libreoffice-base 1:4.2.8-0ubuntu3 amd64 office productivity suite -- database
ii libreoffice-base-core 1:4.2.8-0ubuntu3 amd64 office productivity suite -- shared library
ii libreoffice-base-drivers 1:4.2.8-0ubuntu3 amd64 Database connectvity drivers for LibreOffice
ii libreoffice-calc 1:4.2.8-0ubuntu3 amd64 office productivity suite -- spreadsheet
ii libreoffice-common 1:4.2.8-0ubuntu3 all office productivity suite -- arch-independent files
ii libreoffice-core 1:4.2.8-0ubuntu3 amd64 office productivity suite -- arch-dependent files
ii libreoffice-draw 1:4.2.8-0ubuntu3 amd64 office productivity suite -- drawing
ii libreoffice-gnome 1:4.2.8-0ubuntu3 amd64 office productivity suite -- GNOME integration
ii libreoffice-gtk 1:4.2.8-0ubuntu3 amd64 office productivity suite -- GTK+ integration
ii libreoffice-impress 1:4.2.8-0ubuntu3 amd64 office productivity suite -- presentation
ii libreoffice-java-common 1:4.2.8-0ubuntu3 all office productivity suite -- arch-independent Java support files
ii libreoffice-math 1:4.2.8-0ubuntu3 amd64 office productivity suite -- equation editor
ii libreoffice-pdfimport 1:4.2.8-0ubuntu3 amd64 PDF Import component for LibreOffice
ii libreoffice-report-builder-bin 1:4.2.8-0ubuntu3 amd64 LibreOffice component for building database reports -- libraries
ii libreoffice-sdbc-firebird 1:4.2.8-0ubuntu3 amd64 Firebird SDBC driver for LibreOffice
ii libreoffice-sdbc-hsqldb 1:4.2.8-0ubuntu3 amd64 HSQLDB SDBC driver for LibreOffice
ii libreoffice-style-galaxy 1:4.2.8-0ubuntu3 all office productivity suite -- Galaxy (Default) symbol style
ii libreoffice-style-human 1:4.2.8-0ubuntu3 all office productivity suite -- Human symbol style
ii libreoffice-writer 1:4.2.8-0ubuntu3 amd64 office productivity suite -- word processor
ii libroken18-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - roken support library
ii librtmp-dev 2.4+20121230.gitdf6c518-1ubuntu0.1 amd64 toolkit for RTMP streams (development files)
ii librtmp0 2.4+20121230.gitdf6c518-1ubuntu0.1 amd64 toolkit for RTMP streams (shared library)
ii libsane 1.0.23-3ubuntu3.1 amd64 API library for scanners
ii libsane-common 1.0.23-3ubuntu3.1 amd64 API library for scanners -- documentation and support files
ii libsasl2-2 2.1.25.dfsg1-17build1 amd64 Cyrus SASL - authentication abstraction library
ii libsasl2-modules 2.1.25.dfsg1-17build1 amd64 Cyrus SASL - pluggable authentication modules
ii libsasl2-modules-db 2.1.25.dfsg1-17build1 amd64 Cyrus SASL - pluggable authentication modules (DB)
ii libsdl1.2debian 1.2.15-8ubuntu1.1 amd64 Simple DirectMedia Layer
ii libseccomp2 2.1.0+dfsg-1 amd64 high level interface to Linux seccomp filter
ii libsecret-1-0 0.16-0ubuntu1 amd64 Secret store
ii libsecret-common 0.16-0ubuntu1 all Secret store (common files)
ii libselinux1 2.2.2-1ubuntu0.1 amd64 SELinux runtime shared libraries
ii libsemanage-common 2.2-1 all Common files for SELinux policy management libraries
ii libsemanage1 2.2-1 amd64 SELinux policy management library
ii libsepol1 2.2-1ubuntu0.1 amd64 SELinux library for manipulating binary security policies
ii libservlet3.0-java 7.0.52-1ubuntu0.3 all Servlet 3.0 and JSP 2.2 Java API classes
ii libsigc++-2.0-0c2a 2.2.10-0.2ubuntu2 amd64 type-safe Signal Framework for C++ - runtime
ii libsigsegv2 2.10-2 amd64 Library for handling page faults in a portable way
ii libslang2 2.2.4-15ubuntu1 amd64 S-Lang programming library - runtime version
ii libslp1 1.2.1-9ubuntu0.2 amd64 OpenSLP libraries
ii libsm6 2:1.2.1-2 amd64 X11 Session Management library
ii libsmbclient 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 shared library for communication with SMB/CIFS servers
ii libsndfile1 1.0.25-7ubuntu2 amd64 Library for reading/writing audio files
ii libsocket6-perl 0.25-1 amd64 Perl extensions for IPv6
ii libsodium18 1.0.8-5pmo1~trusty amd64 Network communication, cryptographic and signing library
ii libspice-server1 0.12.4-0nocelt2ubuntu1.2 amd64 Implements the server side of the SPICE protocol
ii libsqlite3-0 3.8.2-1ubuntu2.1 amd64 SQLite 3 shared library
ii libss2 1.42.9-3ubuntu1.3 amd64 command-line interface parsing library
ii libssl-dev 1.0.1f-1ubuntu2.15 amd64 Secure Sockets Layer toolkit - development files
ii libssl-doc 1.0.1f-1ubuntu2.15 all Secure Sockets Layer toolkit - development documentation
ii libssl0.9.8 0.9.8o-7ubuntu3.2.14.04.1 amd64 SSL shared libraries
ii libssl1.0.0 1.0.1f-1ubuntu2.15 amd64 Secure Sockets Layer toolkit - shared libraries
ii libssl1.1 1.1.0f-2~ubuntu14.04.1+deb.sury.org+1 amd64 Secure Sockets Layer toolkit - shared libraries
ii libstdc++-4.8-dev 4.8.4-2ubuntu1~14.04 amd64 GNU Standard C++ Library v3 (development files)
ii libstdc++6 4.8.4-2ubuntu1~14.04 amd64 GNU Standard C++ Library v3
ii libsub-name-perl 0.05-1build4 amd64 module for assigning a new name to referenced sub
ii libsystemd-daemon0 204-5ubuntu20.15 amd64 systemd utility library
ii libsystemd-login0 204-5ubuntu20.15 amd64 systemd login utility library
ii libtalloc2 2.1.0-1 amd64 hierarchical pool based memory allocator
ii libtasn1-6 3.4-3ubuntu0.6 amd64 Manage ASN.1 structures (runtime)
ii libtasn1-6-dev 3.4-3ubuntu0.6 amd64 Manage ASN.1 structures (development)
ii libtdb1 1.2.12-1 amd64 Trivial Database - shared library
ii libterm-readkey-perl 2.31-1 amd64 perl module for simple terminal control
ii libterm-ui-perl 0.42-1 all Term::ReadLine UI made easy
ii libtevent0 0.9.19-1 amd64 talloc-based event loop library - shared library
ii libtext-charwidth-perl 0.04-7build3 amd64 get display widths of characters on the terminal
ii libtext-iconv-perl 1.7-5build2 amd64 converts between character sets in Perl
ii libtext-soundex-perl 3.4-1build1 amd64 implementation of the soundex algorithm
ii libtext-wrapi18n-perl 0.06-7 all internationalized substitute of Text::Wrap
ii libthai-data 0.1.20-3 all Data files for Thai language support library
ii libthai0 0.1.20-3 amd64 Thai language support library
ii libtiff5 4.0.3-7ubuntu0.3 amd64 Tag Image File Format (TIFF) library
ii libtimedate-perl 2.3000-1 all collection of modules to manipulate date/time information
ii libtinfo-dev 5.9+20140118-1ubuntu1 amd64 developer's library for the low-level terminfo library
ii libtinfo5 5.9+20140118-1ubuntu1 amd64 shared low-level terminfo library for terminal handling
ii libtirpc1 0.2.2-5ubuntu2 amd64 transport-independent RPC library
ii libtomcat7-java 7.0.52-1ubuntu0.3 all Servlet and JSP engine -- core libraries
ii libtsan0 4.8.4-2ubuntu1~14.04 amd64 ThreadSanitizer -- a Valgrind-based detector of data races (runtime)
ii libtxc-dxtn-s2tc0 0~git20131104-1.1 amd64 Texture compression library for Mesa
ii libudev1 204-5ubuntu20.15 amd64 libudev shared library
ii libudisks2-0 2.1.3-1ubuntu0.1 amd64 GObject based library to access udisks2
ii liburi-perl 1.60-1 all module to manipulate and access URI strings
ii libusb-0.1-4 2:0.1.12-23.3ubuntu1 amd64 userspace USB programming library
ii libusb-1.0-0 2:1.0.17-1ubuntu2 amd64 userspace USB programming library
ii libusbredirparser1 0.6-2ubuntu1.1 amd64 Parser for the usbredir protocol (runtime)
ii libustr-1.0-1 1.0.4-3ubuntu2 amd64 Micro string library: shared library
ii libuuid1 2.20.1-5.1ubuntu20.7 amd64 Universally Unique ID library
ii libv4l-0 1.0.1-1 amd64 Collection of video4linux support libraries
ii libv4lconvert0 1.0.1-1 amd64 Video4linux frame format conversion library
ii libv8-3.14-dev 3.14.5.8-5ubuntu2 amd64 V8 JavaScript engine - development files for 3.14 branch
ii libv8-3.14.5 3.14.5.8-5ubuntu2 amd64 V8 JavaScript engine - runtime library
ii libvirt-bin 1.2.2-0ubuntu13.1.14 amd64 programs for the libvirt library
ii libvirt0 1.2.2-0ubuntu13.1.14 amd64 library for interfacing with different virtualization systems
ii libvisio-0.0-0 0.0.31-1ubuntu2 amd64 library for parsing the visio file structure
ii libvncserver0 0.9.9+dfsg-1ubuntu1.1 amd64 API to write one's own vnc server
ii libvorbis0a 1.3.2-1.3ubuntu1 amd64 The Vorbis General Audio Compression Codec (Decoder library)
ii libvorbisenc2 1.3.2-1.3ubuntu1 amd64 The Vorbis General Audio Compression Codec (Encoder library)
ii libvorbisfile3 1.3.2-1.3ubuntu1 amd64 The Vorbis General Audio Compression Codec (High Level API)
ii libvpx1 1.3.0-2 amd64 VP8 video codec (shared library)
ii libwayland-client0 1.4.0-1ubuntu1 amd64 wayland compositor infrastructure - client library
ii libwayland-cursor0 1.4.0-1ubuntu1 amd64 wayland compositor infrastructure - cursor library
ii libwbclient0 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 Samba winbind client library
ii libwebp5 0.4.4-1+deb.sury.org~trusty+1 amd64 Lossy compression of digital photographic images.
ii libwind0-heimdal 1.6~git20131207+dfsg-1ubuntu1.1 amd64 Heimdal Kerberos - stringprep implementation
ii libwpd-0.9-9 0.9.9-1 amd64 Library for handling WordPerfect documents (shared library)
ii libwpg-0.2-2 0.2.2-1ubuntu1 amd64 WordPerfect graphics import/convert library (shared library)
ii libwps-0.2-2 0.2.9-2ubuntu1 amd64 Works text file format import filter library (shared library)
ii libwrap0 7.6.q-25 amd64 Wietse Venema's TCP wrappers library
ii libwww-perl 6.05-2 all simple and consistent interface to the world-wide web
ii libwww-robotrules-perl 6.01-1 all database of robots.txt-derived permissions
ii libx11-6 2:1.6.2-1ubuntu2 amd64 X11 client-side library
ii libx11-data 2:1.6.2-1ubuntu2 all X11 client-side library
ii libx11-xcb1 2:1.6.2-1ubuntu2 amd64 Xlib/XCB interface library
ii libx86-1 1.1+ds1-10 amd64 x86 real-mode library
ii libxalan2-java 2.7.1-9 all XSL Transformations (XSLT) processor in Java
ii libxapian22 1.2.16-2ubuntu1 amd64 Search engine library
ii libxau6 1:1.0.8-1 amd64 X11 authorisation library
ii libxaw7 2:1.0.12-1 amd64 X11 Athena Widget library
ii libxcb-dri2-0 1.10-2ubuntu1 amd64 X C Binding, dri2 extension
ii libxcb-dri3-0 1.10-2ubuntu1 amd64 X C Binding, dri3 extension
ii libxcb-glx0 1.10-2ubuntu1 amd64 X C Binding, glx extension
ii libxcb-present0 1.10-2ubuntu1 amd64 X C Binding, present extension
ii libxcb-render0 1.10-2ubuntu1 amd64 X C Binding, render extension
ii libxcb-shape0 1.10-2ubuntu1 amd64 X C Binding, shape extension
ii libxcb-shm0 1.10-2ubuntu1 amd64 X C Binding, shm extension
ii libxcb-sync1 1.10-2ubuntu1 amd64 X C Binding, sync extension
ii libxcb1 1.10-2ubuntu1 amd64 X C Binding
ii libxcomposite1 1:0.4.4-1 amd64 X11 Composite extension library
ii libxcursor1 1:1.1.14-1 amd64 X cursor management library
ii libxdamage1 1:1.1.4-1ubuntu1 amd64 X11 damaged region extension library
ii libxdmcp6 1:1.1.1-1 amd64 X11 Display Manager Control Protocol library
ii libxen-4.4 4.4.2-0ubuntu0.14.04.3 amd64 Public libs for Xen
ii libxenstore3.0 4.4.2-0ubuntu0.14.04.3 amd64 Xenstore communications library for Xen
ii libxerces2-java 2.11.0-7 all Validating XML parser for Java with DOM level 3 support
ii libxext6 2:1.3.2-1ubuntu0.0.14.04.1 amd64 X11 miscellaneous extension library
ii libxfixes3 1:5.0.1-1ubuntu1.1 amd64 X11 miscellaneous 'fixes' extension library
ii libxfont1 1:1.4.7-1ubuntu0.2 amd64 X11 font rasterisation library
ii libxft2 2.3.1-2 amd64 FreeType-based font drawing library for X
ii libxi6 2:1.7.1.901-1ubuntu1.1 amd64 X11 Input extension library
ii libxinerama1 2:1.1.3-1 amd64 X11 Xinerama extension library
ii libxkbcommon0 0.4.1-0ubuntu1 amd64 library interface to the XKB compiler - shared library
ii libxml-commons-external-java 1.4.01-2build1 all XML Commons external code - DOM, SAX, and JAXP, etc
ii libxml-commons-resolver1.1-java 1.2-7build1 all XML entity and URI resolver library
ii libxml2 2.9.1+dfsg1-3ubuntu4.5 amd64 GNOME XML library
ii libxml2-utils 2.9.1+dfsg1-3ubuntu4.5 amd64 XML utilities
ii libxmu6 2:1.1.1-1 amd64 X11 miscellaneous utility library
ii libxmuu1 2:1.1.1-1 amd64 X11 miscellaneous micro-utility library
ii libxpm4 1:3.5.10-1 amd64 X11 pixmap library
ii libxrandr2 2:1.4.2-1 amd64 X11 RandR extension library
ii libxrender1 1:0.9.8-1build0.14.04.1 amd64 X Rendering Extension client library
ii libxshmfence1 1.1-2 amd64 X shared memory fences - shared library
ii libxslt1.1 1.1.28-2build1 amd64 XSLT 1.0 processing library - runtime library
ii libxt6 1:1.1.4-1 amd64 X11 toolkit intrinsics library
ii libxtables10 1.4.21-1ubuntu1 amd64 netfilter xtables library
ii libxtst6 2:1.2.2-1 amd64 X11 Testing -- Record extension library
ii libxv1 2:1.0.10-1 amd64 X11 Video extension library
ii libxxf86dga1 2:1.1.4-1 amd64 X11 Direct Graphics Access extension library
ii libxxf86vm1 1:1.1.3-1 amd64 X11 XFree86 video mode extension library
ii libyajl2 2.0.4-4 amd64 Yet Another JSON Library
ii libzip4 1.1.2-1.1+deb.sury.org~trusty+1 amd64 library for reading, creating, and modifying zip archives (runtime)
ii linux-firmware 1.127.18 all Firmware for Linux kernel drivers
ii linux-generic 3.13.0.62.69 amd64 Complete Generic Linux kernel and headers
ii linux-headers-3.13.0-32 3.13.0-32.57 all Header files related to Linux kernel version 3.13.0
ii linux-headers-3.13.0-32-generic 3.13.0-32.57 amd64 Linux kernel headers for version 3.13.0 on 64 bit x86 SMP
ii linux-headers-3.13.0-62 3.13.0-62.102 all Header files related to Linux kernel version 3.13.0
ii linux-headers-3.13.0-62-generic 3.13.0-62.102 amd64 Linux kernel headers for version 3.13.0 on 64 bit x86 SMP
ii linux-headers-generic 3.13.0.62.69 amd64 Generic Linux kernel headers
ii linux-image-3.13.0-32-generic 3.13.0-32.57 amd64 Linux kernel image for version 3.13.0 on 64 bit x86 SMP
ii linux-image-3.13.0-62-generic 3.13.0-62.102 amd64 Linux kernel image for version 3.13.0 on 64 bit x86 SMP
ii linux-image-extra-3.13.0-32-generic 3.13.0-32.57 amd64 Linux kernel extra modules for version 3.13.0 on 64 bit x86 SMP
ii linux-image-extra-3.13.0-62-generic 3.13.0-62.102 amd64 Linux kernel extra modules for version 3.13.0 on 64 bit x86 SMP
ii linux-image-generic 3.13.0.62.69 amd64 Generic Linux kernel image
ii linux-libc-dev 3.13.0-68.111 amd64 Linux Kernel Headers for development
ii locales 2.13+git20120306-12.1 all common files for locale support
ii lockfile-progs 0.1.17 amd64 Programs for locking and unlocking files and mailboxes
ii login 1:4.1.5.1-1ubuntu9.1 amd64 system login tools
ii logrotate 3.8.7-1ubuntu1 amd64 Log rotation utility
ii lp-solve 5.5.0.13-7build1 amd64 Solve (mixed integer) linear programming problems
ii lsb-base 4.1+Debian11ubuntu6 all Linux Standard Base 4.1 init script functionality
ii lsb-release 4.1+Debian11ubuntu6 all Linux Standard Base version reporting utility
ii lshw 02.16-2ubuntu1.3 amd64 information about hardware configuration
ii lsof 4.86+dfsg-1ubuntu2 amd64 Utility to list open files
ii ltrace 0.7.3-4ubuntu5.1 amd64 Tracks runtime library calls in dynamically linked programs
ii lvm2 2.02.98-6ubuntu2 amd64 Linux Logical Volume Manager
ii m4 1.4.17-2ubuntu1 amd64 a macro processing language
ii make 3.81-8.2ubuntu3 amd64 An utility for Directing compilation.
ii makedev 2.3.1-93ubuntu1 all creates device files in /dev
ii man-db 2.6.7.1-1ubuntu1 amd64 on-line manual pager
ii manpages 3.54-1ubuntu1 all Manual pages about using a GNU/Linux system
ii manpages-dev 3.54-1ubuntu1 all Manual pages about using GNU/Linux for development
ii mawk 1.3.3-17ubuntu2 amd64 a pattern scanning and text processing language
ii memtest86+ 4.20-1.1ubuntu8 amd64 thorough real-mode memory tester
ii mime-support 3.54ubuntu1.1 all MIME files 'mime.types' & 'mailcap', and support programs
ii mlocate 0.26-1ubuntu1 amd64 quickly find files on the filesystem based on their name
ii module-init-tools 15-0ubuntu6 all transitional dummy package (module-init-tools to kmod)
ii mount 2.20.1-5.1ubuntu20.7 amd64 Tools for mounting and manipulating filesystems
ii mountall 2.53 amd64 filesystem mounting tool
ii msr-tools 1.3-2 amd64 Utilities for modifying MSRs from userspace
ii mtr-tiny 0.85-2 amd64 Full screen ncurses traceroute tool
ii multiarch-support 2.19-0ubuntu6.6 amd64 Transitional package to ensure multiarch compatibility
ii mysql-client-5.5 5.5.46-0ubuntu0.14.04.2 amd64 MySQL database client binaries
ii mysql-client-core-5.5 5.5.46-0ubuntu0.14.04.2 amd64 MySQL database core client binaries
ii mysql-common 5.5.46-0ubuntu0.14.04.2 all MySQL database common files, e.g. /etc/mysql/my.cnf
ii mysql-server 5.5.46-0ubuntu0.14.04.2 all MySQL database server (metapackage depending on the latest version)
ii mysql-server-5.5 5.5.46-0ubuntu0.14.04.2 amd64 MySQL database server binaries and system database setup
ii mysql-server-core-5.5 5.5.46-0ubuntu0.14.04.2 amd64 MySQL database server binaries
ii nano 2.2.6-1ubuntu1 amd64 small, friendly text editor inspired by Pico
ii ncurses-base 5.9+20140118-1ubuntu1 all basic terminal type definitions
ii ncurses-bin 5.9+20140118-1ubuntu1 amd64 terminal-related programs and man pages
ii ncurses-term 5.9+20140118-1ubuntu1 all additional terminal type definitions
ii net-tools 1.60-25ubuntu2.1 amd64 The NET-3 networking toolkit
ii netbase 5.2 all Basic TCP/IP networking system
ii netcat-openbsd 1.105-7ubuntu1 amd64 TCP/IP swiss army knife
ii nfs-common 1:1.2.8-6ubuntu1.2 amd64 NFS support files common to client and server
ii nfs-kernel-server 1:1.2.8-6ubuntu1.2 amd64 support for NFS kernel server
ii node-abbrev 1.0.4-2 all Like ruby abbrev module, but for Node.js
ii node-ansi 0.2.1-1 all Advanced ANSI formatting tool for Node.js
ii node-archy 0.0.2-1 all Pretty-print nested hierarchies module for Node.js
ii node-async 0.2.5-1 all higher-order functions and common patterns for asynchronous Javascript
ii node-block-stream 0.0.7-1 all Stream of fixed-size blocks, with zero-padding when necessary
ii node-combined-stream 0.0.4-1 all Append streams one after another - module for Node.js
ii node-cookie-jar 0.3.1-1 all Cookie handling for HTTP clients - module for Node.js
ii node-delayed-stream 0.0.5-1 all Buffer stream events for later handling - module for Node.js
ii node-forever-agent 0.5.1-1 all HTTP agent supporting keep-alive requests - module for Node.js
ii node-form-data 0.1.0-1 all Create multipart/form-data streams module for Node.js
ii node-fstream 0.1.24-1 all Advanced filesystem streaming tools for Node.js
ii node-fstream-ignore 0.0.6-2 all Directory reader configurable by .ignore module for Node.js
ii node-github-url-from-git 1.1.1-1 all Convert github git or gist url to an http url - Node.js module
ii node-glob 3.2.6-1 all glob functionality for Node.js
ii node-graceful-fs 2.0.0-2 all drop-in replacement improving the Node.js fs module
ii node-gyp 0.10.10-2 all Native addon build tool for Node.js
ii node-inherits 2.0.0-1 all Exposes inherits function from Node.js environment
ii node-ini 1.1.0-1 all ini format parser and serializer for Node.js
ii node-json-stringify-safe 5.0.0-1 all JSON.stringify with circular references module for Node.js
ii node-lockfile 0.4.1-1 all Asynchronous file lock module for Node.js
ii node-lru-cache 2.3.1-1 all least-recently-used cache object for Node.js
ii node-mime 1.2.11-1 all library for mime-type mapping for Node.js
ii node-minimatch 0.2.12-1 all Convert glob expressions into RegExp objects for Node.js
ii node-mkdirp 0.3.5-1 all Node.js module to recursively create directories
ii node-mute-stream 0.0.3-1 all Pass-through stream that can be muted module for Node.js
ii node-node-uuid 1.4.0-1 all simple, fast generation of RFC4122 UUIDs - Node module
ii node-nopt 2.1.2-1 all Command-line option parser for Node.js
ii node-normalize-package-data 0.2.2-1 all Normalizes package metadata - Node.js module
ii node-npmlog 0.0.4-1 all Logger with custom levels and colored output for Node.js
ii node-once 1.1.1-1 all Run a function only once with this module for Node.js
ii node-osenv 0.0.3-1 all Environment settings lookup module for Node.js
ii node-qs 0.6.5-1 all querystring parser library for Node.js
ii node-read 1.0.4-1 all Read user input from stdin module for Node.js
ii node-read-package-json 1.1.3-1 all Read package.json for npm module for Node.js
ii node-request 2.26.1-1 all simplified HTTP request client module for Node.js
ii node-retry 0.6.0-1 all Retry strategies for failed operations module for Node.js
ii node-rimraf 2.2.2-2 all Deep deletion (like rm -rf) module for Node.js
ii node-semver 2.1.0-2 all Semantic Versioning for Node.js
ii node-sha 1.2.3-1 all Check and get file or stream hashes - module for Node.js
ii node-sigmund 1.0.0-1 all Quick and dirty signatures for Objects module for Node.js
ii node-slide 1.1.4-1 all Simple chain and asyncMap flow control module for Node.js
ii node-tar 0.1.18-1 all read and write portable tar archives module for Node.js
ii node-tunnel-agent 0.3.1-1 all HTTP proxy tunneling agent module for Node.js
ii node-which 1.0.5-2 all Cross-platform 'which' module for Node.js
ii nodejs 0.10.25~dfsg2-2ubuntu1 amd64 evented I/O for V8 javascript
ii nodejs-dev 0.10.25~dfsg2-2ubuntu1 amd64 evented I/O for V8 javascript (development files)
ii npm 1.3.10~dfsg-1 all package manager for Node.js
ii ntfs-3g 1:2013.1.13AR.1-2ubuntu2 amd64 read/write NTFS driver for FUSE
ii ntpdate 1:4.2.6.p5+dfsg-3ubuntu2.14.04.5 amd64 client for setting system time from NTP servers
ii openjdk-7-jre 7u79-2.5.6-0ubuntu1.14.04.1 amd64 OpenJDK Java runtime, using Hotspot JIT
ii openjdk-7-jre-headless 7u79-2.5.6-0ubuntu1.14.04.1 amd64 OpenJDK Java runtime, using Hotspot JIT (headless)
ii openssh-client 1:6.6p1-2ubuntu2.10 amd64 secure shell (SSH) client, for secure access to remote machines
ii openssh-server 1:6.6p1-2ubuntu2.10 amd64 secure shell (SSH) server, for secure access from remote machines
ii openssh-sftp-server 1:6.6p1-2ubuntu2.3 amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines
ii openssl 1.0.1f-1ubuntu2.15 amd64 Secure Sockets Layer toolkit - cryptographic utility
ii os-prober 1.63ubuntu1 amd64 utility to detect other OSes on a set of drives
ii owncloud 6.0.1+dfsg-1ubuntu1.2 all empty package
ii parted 2.3-19ubuntu1.14.04.1 amd64 disk partition manipulator
ii passwd 1:4.1.5.1-1ubuntu9.1 amd64 change and administer password and group data
ii patch 2.7.1-4ubuntu2.3 amd64 Apply a diff file to an original
ii pciutils 1:3.2.1-1ubuntu5 amd64 Linux PCI Utilities
ii perl 5.18.2-2ubuntu1 amd64 Larry Wall's Practical Extraction and Report Language
ii perl-base 5.18.2-2ubuntu1 amd64 minimal Perl system
ii perl-modules 5.18.2-2ubuntu1 all Core Perl modules
ii php-common 1:54+ubuntu14.04.1+deb.sury.org+1 all Common files for PHP packages
ii php-gettext 1.0.11-1 all read gettext MO files directly, without requiring anything other than PHP
ii php-pear 5.5.9+dfsg-1ubuntu4.14 all PEAR - PHP Extension and Application Repository
ii php5 5.5.9+dfsg-1ubuntu4.14 all server-side, HTML-embedded scripting language (metapackage)
ii php5-cli 5.5.9+dfsg-1ubuntu4.14 amd64 command-line interpreter for the php5 scripting language
ii php5-common 5.5.9+dfsg-1ubuntu4.14 amd64 Common files for packages built from the php5 source
ii php5-curl 5.5.9+dfsg-1ubuntu4.14 amd64 CURL module for php5
ii php5-gd 5.5.9+dfsg-1ubuntu4.14 amd64 GD module for php5
ii php5-intl 5.5.9+dfsg-1ubuntu4.14 amd64 internationalisation module for php5
ii php5-json 1.3.2-2build1 amd64 JSON module for php5
ii php5-ldap 5.5.9+dfsg-1ubuntu4.14 amd64 LDAP module for php5
ii php5-mcrypt 5.4.6-0ubuntu5 amd64 MCrypt module for php5
ii php5-mysql 5.5.9+dfsg-1ubuntu4.14 amd64 MySQL module for php5
ii php5-readline 5.5.9+dfsg-1ubuntu4.14 amd64 Readline module for php5
ii php5-xmlrpc 5.5.9+dfsg-1ubuntu4.14 amd64 XML-RPC module for php5
ii php5.6 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 all server-side, HTML-embedded scripting language (metapackage)
ii php5.6-cli 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 command-line interpreter for the PHP scripting language
ii php5.6-common 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 documentation, examples and common module for PHP
ii php5.6-curl 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 CURL module for PHP
ii php5.6-gd 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 GD module for PHP
ii php5.6-intl 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 Internationalisation module for PHP
ii php5.6-json 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 JSON module for PHP
ii php5.6-mbstring 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 MBSTRING module for PHP
ii php5.6-mcrypt 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 libmcrypt module for PHP
ii php5.6-mysql 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 MySQL module for PHP
ii php5.6-opcache 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 Zend OpCache module for PHP
ii php5.6-readline 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 readline module for PHP
ii php5.6-xml 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 DOM, SimpleXML, WDDX, XML, and XSL module for PHP
ii php5.6-xsl 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 all XSL module for PHP (dummy)
ii php5.6-zip 5.6.31-4+ubuntu14.04.1+deb.sury.org+4 amd64 Zip module for PHP
ii phpmyadmin 4:4.0.10-1 all MySQL web administration tool
ii pkg-config 0.28-1ubuntu1.01~trusty amd64 manage compile and link flags for libraries
ii plymouth 0.8.8-0ubuntu17.1 amd64 graphical boot animation and logger - main package
ii plymouth-theme-ubuntu-text 0.8.8-0ubuntu17.1 amd64 graphical boot animation and logger - ubuntu-logo theme
ii pm-utils 1.4.1-13ubuntu0.1 all utilities and scripts for power management
ii policykit-1 0.105-4ubuntu2.14.04.1 amd64 framework for managing administrative policies and privileges
ii policykit-1-gnome 0.105-1ubuntu4 amd64 GNOME authentication agent for PolicyKit-1
ii popularity-contest 1.57ubuntu1 all Vote for your favourite packages automatically
ii powermgmt-base 1.31build1 amd64 Common utils and configs for power management
ii ppp 2.4.5-5.1ubuntu2.2 amd64 Point-to-Point Protocol (PPP) - daemon
ii pppconfig 2.3.19ubuntu1 all A text menu based utility for configuring ppp
ii pppoeconf 1.20ubuntu1 all configures PPPoE/ADSL connections
ii procps 1:3.3.9-1ubuntu2.2 amd64 /proc file system utilities
ii psmisc 22.20-1ubuntu2 amd64 utilities that use the proc file system
ii python 2.7.5-5ubuntu3 amd64 interactive high-level object-oriented language (default version)
ii python-apt 0.9.3.5ubuntu1 amd64 Python interface to libapt-pkg
ii python-apt-common 0.9.3.5ubuntu1 all Python interface to libapt-pkg (locales)
ii python-chardet 2.0.1-2build2 all universal character encoding detector
ii python-configobj 4.7.2+ds-5build1 all simple but powerful config file reader and writer for Python
ii python-crypto 2.6.1-4build1 amd64 cryptographic algorithms and protocols for Python
ii python-debian 0.1.21+nmu2ubuntu2 all Python modules to work with Debian-related data formats
ii python-dnspython 1.11.1-1build1 all DNS toolkit for Python
ii python-gdbm 2.7.5-1ubuntu1 amd64 GNU dbm database support for Python
ii python-ldb 1:1.1.16-1 amd64 Python bindings for LDB
ii python-minimal 2.7.5-5ubuntu3 amd64 minimal subset of the Python language (default version)
ii python-ntdb 1.0-2ubuntu1 amd64 Python bindings for NTDB
ii python-openssl 0.13-2ubuntu6 amd64 Python 2 wrapper around the OpenSSL library
ii python-pam 0.4.2-13.1ubuntu3 amd64 Python interface to the PAM library
ii python-pkg-resources 3.3-1ubuntu2 all Package Discovery and Resource Access using pkg_resources
ii python-pyinotify 0.9.4-1build1 all simple Linux inotify Python bindings
ii python-requests 2.2.1-1ubuntu0.3 all elegant and simple HTTP library for Python, built for human beings
ii python-samba 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 Python bindings for Samba
ii python-serial 2.6-1build1 all pyserial - module encapsulating access for the serial port
ii python-six 1.5.2-1ubuntu1 all Python 2 and 3 compatibility library (Python 2 interface)
ii python-talloc 2.1.0-1 amd64 hierarchical pool based memory allocator - Python bindings
ii python-tdb 1.2.12-1 amd64 Python bindings for TDB
ii python-twisted-bin 13.2.0-1ubuntu1 amd64 Event-based framework for internet applications
ii python-twisted-core 13.2.0-1ubuntu1 all Event-based framework for internet applications
ii python-urllib3 1.7.1-1ubuntu4 all HTTP library with thread-safe connection pooling for Python
ii python-xapian 1.2.16-2ubuntu1 amd64 Xapian search engine interface for Python
ii python-zope.interface 4.0.5-1ubuntu4 amd64 Interfaces for Python
ii python2.7 2.7.6-8ubuntu0.2 amd64 Interactive high-level object-oriented language (version 2.7)
ii python2.7-minimal 2.7.6-8ubuntu0.2 amd64 Minimal subset of the Python language (version 2.7)
ii python3 3.4.0-0ubuntu2 amd64 interactive high-level object-oriented language (default python3 version)
ii python3-apport 2.14.1-0ubuntu3.19 all Python 3 library for Apport crash report handling
ii python3-apt 0.9.3.5ubuntu1 amd64 Python 3 interface to libapt-pkg
ii python3-commandnotfound 0.3ubuntu12 all Python 3 bindings for command-not-found.
ii python3-dbus 1.2.0-2build2 amd64 simple interprocess messaging system (Python 3 interface)
ii python3-distupgrade 1:0.220.8 all manage release upgrades
ii python3-gdbm 3.4.3-1~14.04.2 amd64 GNU dbm database support for Python 3.x
ii python3-gi 3.12.0-1ubuntu1 amd64 Python 3 bindings for gobject-introspection libraries
ii python3-minimal 3.4.0-0ubuntu2 amd64 minimal subset of the Python language (default python3 version)
ii python3-newt 0.52.15-2ubuntu5 amd64 NEWT module for Python3
ii python3-problem-report 2.14.1-0ubuntu3.19 all Python 3 library to handle problem reports
ii python3-pycurl 7.19.3-0ubuntu3 amd64 Python 3 bindings to libcurl
ii python3-software-properties 0.92.37.6 all manage the repositories that you install software from
ii python3-uno 1:4.2.8-0ubuntu3 amd64 Python-UNO bridge
ii python3-update-manager 1:0.196.14 all python 3.x module for update-manager
ii python3.4 3.4.3-1ubuntu1~14.04.3 amd64 Interactive high-level object-oriented language (version 3.4)
ii python3.4-minimal 3.4.3-1ubuntu1~14.04.3 amd64 Minimal subset of the Python language (version 3.4)
ii qemu-keymaps 2.0.0+dfsg-2ubuntu1.20 all QEMU keyboard maps
ii qemu-kvm 2.0.0+dfsg-2ubuntu1.20 amd64 QEMU Full virtualization
ii qemu-system-common 2.0.0+dfsg-2ubuntu1.20 amd64 QEMU full system emulation binaries (common files)
ii qemu-system-x86 2.0.0+dfsg-2ubuntu1.20 amd64 QEMU full system emulation binaries (x86)
ii qemu-utils 2.0.0+dfsg-2ubuntu1.20 amd64 QEMU utilities
ii qtcore4-l10n 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 all Qt 4 core module translations
ii readline-common 6.3-4ubuntu2 all GNU readline and history libraries, common files
ii resolvconf 1.69ubuntu1.1 all name server information handler
ii rpcbind 0.2.1-2ubuntu2.2 amd64 converts RPC program numbers into universal addresses
ii rsync 3.1.0-2ubuntu0.1 amd64 fast, versatile, remote (and local) file-copying tool
ii rsyslog 7.4.4-1ubuntu2.6 amd64 reliable system and kernel logging daemon
ii run-one 1.17-0ubuntu1 all run just one instance of a command and its args at a time
ii samba 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 SMB/CIFS file, print, and login server for Unix
ii samba-common 2:4.1.6+dfsg-1ubuntu2.14.04.9 all common files used by both the Samba server and client
ii samba-common-bin 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 Samba common files used by both the server and the client
ii samba-doc 2:4.1.6+dfsg-1ubuntu2.14.04.9 all Samba documentation
ii samba-dsdb-modules 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 Samba Directory Services Database
ii samba-libs 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 Samba core libraries
ii samba-vfs-modules 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 Samba Virtual FileSystem plugins
ii screen 4.1.0~20120320gitdb59704-9 amd64 terminal multiplexer with VT100/ANSI terminal emulation
ii seabios 1.7.4-4ubuntu1 all Legacy BIOS implementation
ii sed 4.2.2-4ubuntu1 amd64 The GNU sed stream editor
ii sensible-utils 0.0.9 all Utilities for sensible alternative selection
ii sgml-base 1.26+nmu4ubuntu1 all SGML infrastructure and SGML catalog file support
ii shared-mime-info 1.2-0ubuntu3 amd64 FreeDesktop.org shared MIME database and spec
ii sharutils 1:4.14-1ubuntu1 amd64 shar, unshar, uuencode, uudecode
ii smbclient 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 command-line SMB/CIFS clients for Unix
ii software-properties-common 0.92.37.6 all manage the repositories that you install software from (common)
ii sound-theme-freedesktop 0.8-1 all freedesktop.org sound theme
ii squid 3.3.8-1ubuntu6.4 amd64 dependency package from squid to squid3
ii squid-langpack 20121005-1 all Localized error pages for Squid
ii squid3 3.3.8-1ubuntu6.4 amd64 Full featured Web Proxy cache (HTTP proxy)
ii squid3-common 3.3.8-1ubuntu6.4 all Full featured Web Proxy cache (HTTP proxy) - common files
ii ssh-import-id 3.21-0ubuntu1 all securely retrieve an SSH public key and install it locally
ii ssl-cert 1.0.33 all simple debconf wrapper for OpenSSL
ii strace 4.8-1ubuntu5 amd64 A system call tracer
ii sudo 1.8.9p5-1ubuntu1.2 amd64 Provide limited super user privileges to specific users
ii systemd-services 204-5ubuntu20.15 amd64 systemd runtime services
ii systemd-shim 6-2bzr1 amd64 shim for systemd
ii sysv-rc 2.88dsf-41ubuntu6.2 all System-V-like runlevel change mechanism
ii sysvinit-utils 2.88dsf-41ubuntu6.2 amd64 System-V-like utilities
ii tar 1.27.1-1 amd64 GNU version of the tar archiving utility
ii tasksel 2.88ubuntu15 all Tool for selecting tasks for installation on Debian systems
ii tasksel-data 2.88ubuntu15 all Official tasks used for installation of Debian systems
ii tcpd 7.6.q-25 amd64 Wietse Venema's TCP wrapper utilities
ii tcpdump 4.5.1-2ubuntu1.2 amd64 command-line network traffic analyzer
ii tdb-tools 1.2.12-1 amd64 Trivial Database - bundled binaries
ii telnet 0.17-36build2 amd64 The telnet client
ii time 1.7-24 amd64 GNU time program for measuring CPU resource usage
ii tmux 1.8-5 amd64 terminal multiplexer
ii tomcat7 7.0.52-1ubuntu0.3 all Servlet and JSP engine
ii tomcat7-admin 7.0.52-1ubuntu0.3 all Servlet and JSP engine -- admin web applications
ii tomcat7-common 7.0.52-1ubuntu0.3 all Servlet and JSP engine -- common files
ii tomcat7-docs 7.0.52-1ubuntu0.3 all Servlet and JSP engine -- documentation
ii tomcat7-examples 7.0.52-1ubuntu0.3 all Servlet and JSP engine -- example web applications
ii tzdata 2015g-0ubuntu0.14.04 all time zone and daylight-saving time data
ii tzdata-java 2015g-0ubuntu0.14.04 all time zone and daylight-saving time data for use by java runtimes
ii ubuntu-keyring 2012.05.19 all GnuPG keys of the Ubuntu archive
ii ubuntu-minimal 1.325 amd64 Minimal core of Ubuntu
ii ubuntu-release-upgrader-core 1:0.220.8 all manage release upgrades
ii ubuntu-standard 1.325 amd64 The Ubuntu standard system
ii ubuntu-virt-server 1.4 all Common packages necessary for hosting virtual machines
ii ucf 3.0027+nmu1 all Update Configuration File(s): preserve user changes to config files
ii udev 204-5ubuntu20.15 amd64 /dev/ and hotplug management daemon
ii udisks2 2.1.3-1ubuntu0.1 amd64 D-BUS service to access and manipulate storage devices
ii ufw 0.34~rc-0ubuntu2 all program for managing a Netfilter firewall
ii unattended-upgrades 0.82.1ubuntu2.3 all automatic installation of security upgrades
ii uno-libs3 4.2.8-0ubuntu3 amd64 LibreOffice UNO runtime environment -- public shared libraries
ii unrar 1:5.0.10-1ubuntu0.14.04.1 amd64 Unarchiver for .rar files (non-free version)
ii unzip 6.0-9ubuntu1.5 amd64 De-archiver for .zip files
ii update-inetd 4.43 all inetd configuration file updater
ii update-manager-core 1:0.196.14 all manage release upgrades
ii update-notifier-common 0.154.1ubuntu1 all Files shared between update-notifier and other packages
ii upstart 1.12.1-0ubuntu4.2 amd64 event-based init daemon
ii ure 4.2.8-0ubuntu3 amd64 LibreOffice UNO runtime environment
ii ureadahead 0.100.0-16 amd64 Read required files in advance
ii usbutils 1:007-2ubuntu1 amd64 Linux USB utilities
ii util-linux 2.20.1-5.1ubuntu20.7 amd64 Miscellaneous system utilities
ii uuid-runtime 2.20.1-5.1ubuntu20.7 amd64 runtime components for the Universally Unique ID library
ii vagrant 1:1.7.2 amd64 no description given
ii vbetool 1.1-3 amd64 run real-mode video BIOS code to alter hardware state
ii vim 2:7.4.052-1ubuntu3 amd64 Vi IMproved - enhanced vi editor
ii vim-common 2:7.4.052-1ubuntu3 amd64 Vi IMproved - Common files
ii vim-runtime 2:7.4.052-1ubuntu3 all Vi IMproved - Runtime files
ii vim-tiny 2:7.4.052-1ubuntu3 amd64 Vi IMproved - enhanced vi editor - compact version
ii virtualbox 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.1 amd64 x86 virtualization solution - base binaries
ii virtualbox-dkms 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.1 all x86 virtualization solution - kernel module sources for dkms
ii virtualbox-qt 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.1 amd64 x86 virtualization solution - Qt based user interface
ii vsftpd 3.0.2-1ubuntu2.14.04.1 amd64 lightweight, efficient FTP server written for security
ii w3m 0.5.3-15 amd64 WWW browsable pager with excellent tables/frames support
ii watershed 7 amd64 reduce superfluous executions of idempotent command
ii webmin 1.770 all web-based administration interface for Unix systems
ii wget 1.15-1ubuntu1.14.04.1 amd64 retrieves files from the web
ii whiptail 0.52.15-2ubuntu5 amd64 Displays user-friendly dialog boxes from shell scripts
ii whois 5.1.1 amd64 intelligent WHOIS client
ii winbind 2:4.1.6+dfsg-1ubuntu2.14.04.9 amd64 service to resolve user and group information from Windows NT servers
ii wireless-regdb 2013.02.13-1ubuntu1 all wireless regulatory database
ii wireless-tools 30~pre9-8ubuntu1 amd64 Tools for manipulating Linux Wireless Extensions
ii wpasupplicant 2.1-0ubuntu1.4 amd64 client support for WPA and WPA2 (IEEE 802.11i)
ii x11-common 1:7.7+1ubuntu8.1 all X Window System (X.Org) infrastructure
ii x11-utils 7.7+1 amd64 X11 utilities
ii xauth 1:1.0.7-1ubuntu1 amd64 X authentication utility
ii xfonts-encodings 1:1.0.4-1ubuntu1 all Encodings for X.Org fonts
ii xfonts-mathml 6ubuntu1 all Type1 Symbol font for MathML
ii xfonts-utils 1:7.7+1 amd64 X Window System font utility programs
ii xkb-data 2.10.1-1ubuntu1 all X Keyboard Extension (XKB) configuration data
ii xml-core 0.13+nmu2 all XML infrastructure and XML catalog file support
ii xz-utils 5.1.1alpha+20120614-2ubuntu2 amd64 XZ-format compression utilities
ii yasm 1.2.0-1ubuntu1 amd64 modular assembler with multiple syntaxes support
ii zip 3.0-8 amd64 Archiver for .zip files
ii zlib1g 1:1.2.8.dfsg-1ubuntu1 amd64 compression library - runtime
ii zlib1g-dev 1:1.2.8.dfsg-1ubuntu1 amd64 compression library - development
rc ajenti 1.2.22.23 all Server administration web interface
rc libmemcached10 1.0.8-1ubuntu2 amd64 C and C++ client library to the memcached server
rc libmemcachedutil2 1.0.8-1ubuntu2 amd64 library implementing connection pooling for libmemcached
rc libpam-smbpass 2:4.1.6+dfsg-1ubuntu2.14.04.2 amd64 pluggable authentication module for Samba
rc libpq5 9.3.6-0ubuntu0.14.04 amd64 PostgreSQL C client library
rc libwebpmux1 0.4.0-4 amd64 Lossy compression of digital photographic images.
rc php5-pgsql 5.5.9+dfsg-1ubuntu4.6 amd64 PostgreSQL module for php5
rc php5-sqlite 5.5.9+dfsg-1ubuntu4.6 amd64 SQLite module for php5
rc proftpd-basic 1.3.5~rc3-2.1ubuntu2 amd64 Versatile, virtual-hosting FTP daemon - binaries
rc python-support 1.0.15 all automated rebuilding support for Python modules
rc slapd 2.4.31-1+nmu2ubuntu8 amd64 OpenLDAP server (slapd)
25202 - Enumerate IPv6 Interfaces via SSH
Synopsis
Nessus was able to enumerate the IPv6 interfaces on the remote host.
Description
Nessus was able to enumerate the network interfaces configured with IPv6 addresses by connecting to the remote host via SSH using the supplied credentials.
Solution
Disable IPv6 if you are not actually using it. Otherwise, disable any unused IPv6 interfaces.
Risk Factor
None
Plugin Information:
Published: 2007/05/11, Modified: 2017/01/26
Plugin Output

tcp/0


The following IPv6 interfaces are set on the remote host :

- fe80::223:8bff:fe64:8746 (on interface eth2)
- ::1 (on interface lo)
25203 - Enumerate IPv4 Interfaces via SSH
Synopsis
Nessus was able to enumerate the IPv4 interfaces on the remote host.
Description
Nessus was able to enumerate the network interfaces configured with IPv4 addresses by connecting to the remote host via SSH using the supplied credentials.
Solution
Disable any unused IPv4 interfaces.
Risk Factor
None
Plugin Information:
Published: 2007/05/11, Modified: 2017/01/26
Plugin Output

tcp/0


The following IPv4 addresses are set on the remote host :

- 172.16.0.3 (on interface eth2)
- 127.0.0.1 (on interface lo)
25220 - TCP/IP Timestamps Supported
Synopsis
The remote service implements TCP timestamps.
Description
The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2011/03/20
Plugin Output

tcp/0

33276 - Enumerate MAC Addresses via SSH
Synopsis
Nessus was able to enumerate MAC addresses on the remote host.
Description
Nessus was able to enumerate MAC addresses by connecting to the remote host via SSH with the supplied credentials.
Solution
Disable any unused interfaces.
Risk Factor
None
Plugin Information:
Published: 2008/06/30, Modified: 2017/01/26
Plugin Output

tcp/0


The following MAC addresses exist on the remote host :

- 00:23:8b:64:87:46 (interface eth2)
- 00:23:8b:64:87:44 (interface eth0)
- 00:23:8b:64:87:45 (interface eth1)
- 00:23:8b:64:87:47 (interface eth3)
35716 - Ethernet Card Manufacturer Detection
Synopsis
The manufacturer can be identified from the Ethernet OUI.
Description
Each ethernet MAC address starts with a 24-bit Organizationally Unique Identifier (OUI). These OUIs are registered by IEEE.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/02/19, Modified: 2017/11/17
Plugin Output

tcp/0


The following card manufacturers were identified :

00:23:8b:64:87:47 : QUANTA COMPUTER INC.
00:23:8b:64:87:45 : QUANTA COMPUTER INC.
00:23:8b:64:87:46 : QUANTA COMPUTER INC.
00:23:8b:64:87:44 : QUANTA COMPUTER INC.
45590 - Common Platform Enumeration (CPE)
Synopsis
It was possible to enumerate CPE names that matched on the remote system.
Description
By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host.

Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2010/04/21, Modified: 2017/06/06
Plugin Output

tcp/0


The remote operating system matched the following CPE :

cpe:/o:canonical:ubuntu_linux:14.04

Following application CPE's matched on the remote system :

cpe:/a:openbsd:openssh:6.6 -> OpenBSD OpenSSH 6.6
cpe:/a:samba:samba:4.1.6 -> Samba 4.1.6
cpe:/a:apache:http_server:2.4.7 -> Apache Software Foundation Apache HTTP Server 2.4.7
cpe:/a:php:php:5.5.9 -> PHP 5.5.9
46180 - Additional DNS Hostnames
Synopsis
Nessus has detected potential virtual hosts.
Description
Hostnames different from the current hostname have been collected by miscellaneous plugins. Nessus has generated a list of hostnames that point to the remote host. Note that these are only the alternate hostnames for vhosts discovered on a web server.

Different web servers may be hosted on name-based virtual hosts.
See Also
Solution
If you want to test them, re-scan using the special vhost syntax, such as :

www.example.com[192.0.32.10]
Risk Factor
None
Plugin Information:
Published: 2010/04/29, Modified: 2017/04/27
Plugin Output

tcp/0

The following hostnames point to the remote host :
- singa
- singa.poltekom.ac.id
54615 - Device Type
Synopsis
It is possible to guess the remote device type.
Description
Based on the remote operating system, it is possible to determine what the remote system type is (eg: a printer, router, general-purpose computer, etc).
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/05/23, Modified: 2011/05/23
Plugin Output

tcp/0

Remote device type : general-purpose
Confidence level : 100
55472 - Device Hostname
Synopsis
It was possible to determine the remote system hostname.
Description
This plugin reports a device's hostname collected via SSH or WMI.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/06/30, Modified: 2018/06/06
Plugin Output

tcp/0


Hostname : singa
singa (hostname command)
56468 - Time of Last System Startup
Synopsis
The system has been started.
Description
Using the supplied credentials, Nessus was able to determine when the host was last started.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/10/12, Modified: 2018/06/19
Plugin Output

tcp/0


reboot system boot 3.13.0-62-generi Thu Jun 7 15:46 - 08:50 (18+17:03)

wtmp begins Thu Jun 7 15:46:56 2018
58651 - Netstat Active Connections
Synopsis
Active connections are enumerated via the 'netstat' command.
Description
This plugin runs 'netstat' on the remote machine to enumerate all active 'ESTABLISHED' or 'LISTENING' tcp/udp connections.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2012/04/10, Modified: 2018/06/19
Plugin Output

tcp/0


Netstat output :
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:54995 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 172.16.0.3:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.2:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:54903 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:40441 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:39515 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:34659 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN
tcp 0 0 172.16.0.3:22 172.16.1.66:49631 ESTABLISHED
tcp 0 80 172.16.0.3:22 172.16.1.201:52030 ESTABLISHED
tcp6 0 0 ::1:53 :::* LISTEN
tcp6 0 0 fe80::223:8bff:fe64::53 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
tcp6 0 0 :::443 :::* LISTEN
tcp6 0 0 :::38747 :::* LISTEN
tcp6 0 0 :::445 :::* LISTEN
tcp6 0 0 :::2112 :::* LISTEN
tcp6 0 0 :::53505 :::* LISTEN
tcp6 0 0 :::2049 :::* LISTEN
tcp6 0 0 :::35362 :::* LISTEN
tcp6 0 0 127.0.0.1:8005 :::* LISTEN
tcp6 0 0 :::41609 :::* LISTEN
tcp6 0 0 :::139 :::* LISTEN
tcp6 0 0 :::44269 :::* LISTEN
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::8080 :::* LISTEN
tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 172.16.0.3:443 172.16.0.33:53624 TIME_WAIT
tcp6 0 0 172.16.0.3:443 172.16.0.33:53621 TIME_WAIT
udp 0 0 0.0.0.0:35433 0.0.0.0:*
udp 0 0 0.0.0.0:868 0.0.0.0:*
udp 0 0 0.0.0.0:39888 0.0.0.0:*
udp 0 0 0.0.0.0:46053 0.0.0.0:*
udp 0 0 127.0.0.1:1002 0.0.0.0:*
udp 0 0 0.0.0.0:36587 0.0.0.0:*
udp 0 0 0.0.0.0:10000 0.0.0.0:*
udp 0 0 0.0.0.0:55256 0.0.0.0:*
udp 0 0 0.0.0.0:2049 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 172.16.0.3:53 0.0.0.0:*
udp 0 0 127.0.0.2:53 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
udp 0 0 0.0.0.0:59515 0.0.0.0:*
udp 0 0 172.16.1.255:137 0.0.0.0:*
udp 0 0 172.16.0.3:137 0.0.0.0:*
udp 0 0 0.0.0.0:137 0.0.0.0:*
udp 0 0 172.16.1.255:138 0.0.0.0:*
udp 0 0 172.16.0.3:138 0.0.0.0:*
udp 0 0 0.0.0.0:138 0.0.0.0:*
udp6 0 0 :::57753 :::*
udp6 0 0 :::52017 :::*
udp6 0 0 :::868 :::*
udp6 0 0 :::58577 :::*
udp6 0 0 ::1:40239 ::1:36817 ESTABLISHED
udp6 0 0 :::58854 :::*
udp6 0 0 :::36405 :::*
udp6 0 0 :::40550 :::*
udp6 0 0 ::1:36817 ::1:40239 ESTABLISHED
udp6 0 0 :::2049 :::*
udp6 0 0 ::1:53 :::*
udp6 0 0 fe80::223:8bff:fe64::53 :::*
udp6 0 0 :::111 :::*
raw 0 0 0.0.0.0:1 0.0.0.0:* 7
raw6 0 0 :::58 :::* 7
64582 - Netstat Connection Information
Synopsis
Nessus was able to parse the results of the 'netstat' command on the remote host.
Description
The remote host has listening ports or established connections that Nessus was able to extract from the results of the 'netstat' command.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2013/02/13, Modified: 2018/05/16
Plugin Output

tcp/0

tcp4 (listen)
src: [host=0.0.0.0, port=54995]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=127.0.0.1, port=53]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=172.16.0.3, port=53]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=21]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=127.0.0.2, port=53]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=22]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=54903]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=40441]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=127.0.0.1, port=25]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=39515]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=445]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=2049]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=34659]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=3306]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=139]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=111]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=10000]
dst: [host=0.0.0.0, port=*]

tcp4 (established)
src: [host=172.16.0.3, port=22]
dst: [host=172.16.1.66, port=49631]

tcp4 (established)
src: [host=172.16.0.3, port=22]
dst: [host=172.16.1.201, port=52030]

tcp6 (listen)
src: [host=::1, port=53]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=fe80::223:8bff:fe64:, port=53]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=22]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::1, port=25]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=443]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=38747]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=445]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=2112]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=53505]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=2049]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=35362]
dst: [host=::, port=*]

tcp46 (listen)
src: [host=127.0.0.1, port=8005]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=41609]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=139]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=44269]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=111]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=8080]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=80]
dst: [host=::, port=*]

tcp46 (established)
src: [host=172.16.0.3, port=443]
dst: [host=172.16.0.33, port=53624]

tcp46 (established)
src: [host=172.16.0.3, port=443]
dst: [host=172.16.0.33, port=53621]

udp4 (listen)
src: [host=0.0.0.0, port=35433]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=868]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=39888]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=46053]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=127.0.0.1, port=1002]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=36587]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=10000]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=55256]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=2049]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=127.0.0.1, port=53]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=172.16.0.3, port=53]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=127.0.0.2, port=53]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=111]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=59515]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=172.16.1.255, port=137]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=172.16.0.3, port=137]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=137]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=172.16.1.255, port=138]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=172.16.0.3, port=138]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=138]
dst: [host=0.0.0.0, port=*]

udp6 (listen)
src: [host=::, port=57753]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=52017]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=868]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=58577]
dst: [host=::, port=*]

udp6 (established)
src: [host=::1, port=40239]
dst: [host=::1, port=36817]

udp6 (listen)
src: [host=::, port=58854]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=36405]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=40550]
dst: [host=::, port=*]

udp6 (established)
src: [host=::1, port=36817]
dst: [host=::1, port=40239]

udp6 (listen)
src: [host=::, port=2049]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::1, port=53]
dst: [host=::, port=*]

udp6 (listen)
src: [host=fe80::223:8bff:fe64:, port=53]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=111]
dst: [host=::, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=1]
dst: [host=0.0.0.0, port=*]

udp6 (listen)
src: [host=::, port=58]
dst: [host=::, port=*]
66334 - Patch Report
Synopsis
The remote host is missing several patches.
Description
The remote host is missing one or more security patches. This plugin lists the newest version of each patch to install to make sure the remote host is up-to-date.
Solution
Install the patches listed below.
Risk Factor
None
Plugin Information:
Published: 2013/07/08, Modified: 2018/06/20
Plugin Output

tcp/0



. You need to take the following 97 actions :


[ Samba Badlock Vulnerability (90509) ]

+ Action to take : Upgrade to Samba version 4.2.11 / 4.3.8 / 4.4.2 or later.


[ Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : dpkg vulnerability (USN-2820-1) (87108) ]

+ Action to take : Update the affected dpkg package.


[ Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : grub2 vulnerability (USN-2836-1) (87408) ]

+ Action to take : Update the affected grub2-common package.


[ Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : ldb vulnerabilities (USN-2856-1) (87756) ]

+ Action to take : Update the affected libldb1 package.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libpng vulnerabilities (USN-2861-1) (87774) ]

+ Action to take : Update the affected libpng12-0 package.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : dosfstools vulnerabilities (USN-2986-1) (91422) ]

+ Action to take : Update the affected dosfstools package.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : nspr vulnerability (USN-3028-1) (92009) ]

+ Action to take : Update the affected libnspr4 package.


[ Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : cpio vulnerabilities (USN-2906-1) (88894) ]

+ Action to take : Update the affected cpio package.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : gtk+2.0, gtk+3.0 vulnerability (USN-2898-1) (88749) ]

+ Action to take : Update the affected libgtk-3-0 and / or libgtk2.0-0 packages.


[ Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : pam regression (USN-2935-2) (89997) ]

+ Action to take : Update the affected libpam-modules package.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : pam vulnerabilities (USN-2935-1) (89996) ]

+ Action to take : Update the affected libpam-modules package.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : pcre3 vulnerabilities (USN-2943-1) (90306) ]

+ Action to take : Update the affected libpcre3 package.

+Impact : Taking this action will resolve 25 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : libxslt vulnerabilities (USN-3271-1) (99725) ]

+ Action to take : Update the affected libxslt1.1 package.

+Impact : Taking this action will resolve 6 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : apparmor vulnerability (USN-3247-1) (99094) ]

+ Action to take : Update the affected apparmor package.


[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : curl vulnerabilities (USN-3123-1) (94574) ]

+ Action to take : Update the affected libcurl3, libcurl3-gnutls and / or libcurl3-nss packages.

+Impact : Taking this action will resolve 16 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : dbus vulnerabilities (USN-3116-1) (94465) ]

+ Action to take : Update the affected dbus and / or libdbus-1-3 packages.


[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : eject vulnerability (USN-3246-1) (99025) ]

+ Action to take : Update the affected eject package.


[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libevent vulnerabilities (USN-3228-1) (97721) ]

+ Action to take : Update the affected libevent-2.0-5 package.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libgc vulnerability (USN-3197-1) (97208) ]

+ Action to take : Update the affected libgc1c2 package.


[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libxpm vulnerability (USN-3185-1) (96954) ]

+ Action to take : Update the affected libxpm4 package.


[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : samba vulnerabilities (USN-3158-1) (95949) ]

+ Action to take : Update the affected libsmbclient, samba and / or winbind packages.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : tar vulnerability (USN-3132-1) (95054) ]

+ Action to take : Update the affected tar package.


[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : vim vulnerability (USN-3139-1) (95386) ]

+ Action to take : Update the affected packages.


[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : fontconfig vulnerability (USN-3063-1) (93025) ]

+ Action to take : Update the affected fontconfig and / or libfontconfig1 packages.


[ Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : python2.7, python3.2, python3.4, python3.5 vulnerabilities (USN-3134-1) (httpoxy) (95284) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 4 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS : libdbd-mysql-perl vulnerabilities (USN-3103-1) (94069) ]

+ Action to take : Update the affected libdbd-mysql-perl package.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 12.04 LTS / 14.04 LTS : pixman vulnerability (USN-2918-1) (89659) ]

+ Action to take : Update the affected libpixman-1-0 package.


[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : bash vulnerabilities (USN-3294-1) (100268) ]

+ Action to take : Update the affected bash package.

+Impact : Taking this action will resolve 4 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : expat vulnerability (USN-3356-1) (101835) ]

+ Action to take : Update the affected lib64expat1 and / or libexpat1 packages.

+Impact : Taking this action will resolve 4 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : freetype vulnerabilities (USN-3282-1) (100101) ]

+ Action to take : Update the affected libfreetype6 package.

+Impact : Taking this action will resolve 4 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : heimdal vulnerability (USN-3353-1) (Orpheus' Lyre) (101769) ]

+ Action to take : Update the affected libkrb5-26-heimdal package.


[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : libnl3 vulnerability (USN-3311-1) (100663) ]

+ Action to take : Update the affected libnl-3-200 package.


[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : libsndfile vulnerabilities (USN-3306-1) (100590) ]

+ Action to take : Update the affected libsndfile1 package.

+Impact : Taking this action will resolve 11 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : samba vulnerability (USN-3353-2) (Orpheus' Lyre) (101770) ]

+ Action to take : Update the affected samba-libs package.


[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : shadow regression (USN-3276-2) (100248) ]

+ Action to take : Update the affected login, passwd and / or uidmap packages.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : sudo vulnerability (USN-3304-1) (100549) ]

+ Action to take : Update the affected sudo and / or sudo-ldap packages.


[ Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : apt vulnerability (USN-3156-1) (95808) ]

+ Action to take : Update the affected apt package.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxcursor vulnerability (USN-3501-1) (104884) ]

+ Action to take : Update the affected libxcursor1 package.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxfont, libxfont1, libxfont2 vulnerability (USN-3500-1) (104883) ]

+ Action to take : Update the affected libxfont1 and / or libxfont2 packages.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxml2 vulnerability (USN-3513-1) (105254) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 37 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : linux-firmware vulnerabilities (USN-3505-1) (KRACK) (105038) ]

+ Action to take : Update the affected linux-firmware package.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : augeas vulnerability (USN-3400-1) (102681) ]

+ Action to take : Update the affected augeas-tools and / or libaugeas0 packages.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : bluez vulnerability (USN-3413-1) (BlueBorne) (103187) ]

+ Action to take : Update the affected bluez and / or libbluetooth3 packages.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : c-ares vulnerability (USN-3395-1) (102583) ]

+ Action to take : Update the affected libc-ares2 package.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : ca-certificates update (USN-3432-1) (103643) ]

+ Action to take : Update the affected ca-certificates package.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : db5.3 vulnerability (USN-3489-1) (104739) ]

+ Action to take : Update the affected db5.3-util and / or libdb5.3 packages.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : dnsmasq vulnerabilities (USN-3430-1) (103641) ]

+ Action to take : Update the affected dnsmasq, dnsmasq-base and / or dnsmasq-utils packages.

+Impact : Taking this action will resolve 6 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : graphite2 vulnerabilities (USN-3398-1) (102679) ]

+ Action to take : Update the affected libgraphite2-3 package.

+Impact : Taking this action will resolve 26 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : nss vulnerability (USN-3431-1) (103642) ]

+ Action to take : Update the affected libnss3 package.

+Impact : Taking this action will resolve 12 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : python2.7 vulnerability (USN-3496-1) (104844) ]

+ Action to take : Update the affected python2.7 and / or python2.7-minimal packages.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : python3.4, python3.5 vulnerability (USN-3496-3) (104845) ]

+ Action to take : Update the affected packages.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : tcpdump vulnerabilities (USN-3415-1) (103218) ]

+ Action to take : Update the affected tcpdump package.

+Impact : Taking this action will resolve 131 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : wpa vulnerabilities (USN-3455-1) (KRACK) (103863) ]

+ Action to take : Update the affected hostapd and / or wpasupplicant packages.

+Impact : Taking this action will resolve 11 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : curl vulnerabilities (USN-3648-1) (109893) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 16 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : file vulnerabilities (USN-3686-1) (110552) ]

+ Action to take : Update the affected file and / or libmagic1 packages.

+Impact : Taking this action will resolve 5 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : git vulnerabilities (USN-3671-1) (110395) ]

+ Action to take : Update the affected git package.

+Impact : Taking this action will resolve 9 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : gnupg, gnupg2 vulnerabilities (USN-3675-1) (110475) ]

+ Action to take : Update the affected gnupg and / or gpg packages.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : libgcrypt11, libgcrypt20 vulnerability (USN-3689-1) (110623) ]

+ Action to take : Update the affected libgcrypt11 and / or libgcrypt20 packages.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : libvirt vulnerability and update (USN-3680-1) (Spectre) (110515) ]

+ Action to take : Update the affected libvirt-bin and / or libvirt0 packages.

+Impact : Taking this action will resolve 12 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : perl vulnerability (USN-3684-1) (110533) ]

+ Action to take : Update the affected perl package.

+Impact : Taking this action will resolve 12 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : php5, php7.0, php7.1, php7.2 vulnerabilities (USN-3646-1) (109812) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 100 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : poppler vulnerabilities (USN-3647-1) (109863) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 29 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : procps vulnerabilities (USN-3658-1) (110094) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 5 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : qemu update (USN-3679-1) (Spectre) (110514) ]

+ Action to take : Update the affected qemu, qemu-system and / or qemu-system-x86 packages.

+Impact : Taking this action will resolve 155 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : spice, spice-protocol vulnerability (USN-3659-1) (110124) ]

+ Action to take : Update the affected libspice-protocol-dev and / or libspice-server1 packages.

+Impact : Taking this action will resolve 6 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : tomcat7, tomcat8 vulnerabilities (USN-3665-1) (110264) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 31 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : wget vulnerability (USN-3643-1) (109681) ]

+ Action to take : Update the affected wget package.

+Impact : Taking this action will resolve 5 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : apache2 vulnerabilities (USN-3627-1) (109199) ]

+ Action to take : Update the affected apache2-bin package.

+Impact : Taking this action will resolve 16 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : eglibc, glibc vulnerabilities (USN-3534-1) (106134) ]

+ Action to take : Update the affected libc6 package.

+Impact : Taking this action will resolve 29 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : exim4 vulnerability (USN-3565-1) (106791) ]

+ Action to take : Update the affected exim4-daemon-heavy and / or exim4-daemon-light packages.

+Impact : Taking this action will resolve 5 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : gdk-pixbuf vulnerabilities (USN-3532-1) (106074) ]

+ Action to take : Update the affected libgdk-pixbuf2.0-0 package.

+Impact : Taking this action will resolve 10 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : icu vulnerability (USN-3610-1) (108708) ]

+ Action to take : Update the affected libicu52, libicu55 and / or libicu57 packages.

+Impact : Taking this action will resolve 9 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : isc-dhcp vulnerabilities (USN-3586-1) (107117) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 4 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libreoffice vulnerability (USN-3579-1) (106945) ]

+ Action to take : Update the affected libreoffice-core package.

+Impact : Taking this action will resolve 8 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvncserver vulnerability (USN-3618-1) (108841) ]

+ Action to take : Update the affected libvncclient1, libvncserver0 and / or libvncserver1 packages.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvorbis vulnerability (USN-3604-1) (108582) ]

+ Action to take : Update the affected libvorbis0a package.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3629-1) (109311) ]

+ Action to take : Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages.

+Impact : Taking this action will resolve 179 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : openssl vulnerability (USN-3628-1) (109200) ]

+ Action to take : Update the affected libssl1.0.0 package.

+Impact : Taking this action will resolve 35 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : patch vulnerabilities (USN-3624-1) (109002) ]

+ Action to take : Update the affected patch package.

+Impact : Taking this action will resolve 3 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : python-crypto vulnerability (USN-3616-1) (108833) ]

+ Action to take : Update the affected python-crypto and / or python3-crypto packages.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : rsync vulnerabilities (USN-3543-1) (106295) ]

+ Action to take : Update the affected rsync package.

+Impact : Taking this action will resolve 5 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : samba vulnerabilities (USN-3595-1) (108335) ]

+ Action to take : Update the affected samba and / or samba-dsdb-modules packages.

+Impact : Taking this action will resolve 30 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : sensible-utils vulnerability (USN-3584-1) (107023) ]

+ Action to take : Update the affected sensible-utils package.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : sharutils vulnerability (USN-3605-1) (108583) ]

+ Action to take : Update the affected sharutils package.


[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : squid3 vulnerabilities (USN-3557-1) (106619) ]

+ Action to take : Update the affected squid3 package.

+Impact : Taking this action will resolve 18 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : tiff vulnerabilities (USN-3606-1) (108657) ]

+ Action to take : Update the affected libtiff-tools and / or libtiff5 packages.

+Impact : Taking this action will resolve 81 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : w3m vulnerabilities (USN-3555-1) (106581) ]

+ Action to take : Update the affected w3m package.

+Impact : Taking this action will resolve 36 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : wayland vulnerability (USN-3622-1) (108950) ]

+ Action to take : Update the affected packages.


[ Ubuntu 14.04 LTS / 16.04 LTS : elfutils vulnerabilities (USN-3670-1) (110382) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 9 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS : harfbuzz vulnerabilities (USN-3067-1) (93106) ]

+ Action to take : Update the affected libharfbuzz0b package.

+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS : jasper vulnerabilities (USN-3295-1) (100294) ]

+ Action to take : Update the affected libjasper1 package.

+Impact : Taking this action will resolve 13 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS / 16.04 LTS : twisted vulnerability (USN-3585-1) (107146) ]

+ Action to take : Update the affected packages.


[ Ubuntu 14.04 LTS : apport vulnerability (USN-3664-2) (110320) ]

+ Action to take : Update the affected apport package.

+Impact : Taking this action will resolve 7 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS : lcms2 vulnerability (USN-2961-1) (90916) ]

+ Action to take : Update the affected liblcms2-2 and / or liblcms2-utils packages.


[ Ubuntu 14.04 LTS : libffi vulnerability (USN-3454-1) (Stack Clash) (103835) ]

+ Action to take : Update the affected libffi6 package.


[ Ubuntu 14.04 LTS : linux vulnerabilities (USN-3674-1) (110474) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 242 different vulnerabilities (CVEs).



[ Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3691-1) (110662) ]

+ Action to take : Update the affected packages.

+Impact : Taking this action will resolve 119 different vulnerabilities (CVEs).


95928 - Linux User List Enumeration
Synopsis
Nessus was able to enumerate local users and groups on the remote host.
Description
Using the supplied credentials, Nessus was able to enumerate the local users and groups on the remote host.
Solution
None
Risk Factor
None
Plugin Information:
Published: 2016/12/19, Modified: 2018/05/16
Plugin Output

tcp/0


----------[ User Accounts ]----------

User : poltekom
Home folder : /home/poltekom
Start script : /bin/bash
Groups : lpadmin
libvirtd
cdrom
poltekom
sambashare
sudo
plugdev
dip
adm

User : puskom
Home folder : /home/puskom
Start script : /bin/bash
Groups : puskom

User : openldap
Home folder : /var/lib/ldap
Start script : /bin/false
Groups : openldap

User : proftpd
Home folder : /var/run/proftpd
Start script : /bin/false
Groups : nogroup

User : ftp
Home folder : /srv/ftp
Start script : /bin/false
Groups : nogroup
ftp

User : statd
Home folder : /var/lib/nfs
Start script : /bin/false
Groups : nogroup

User : Debian-exim
Home folder : /var/spool/exim4
Start script : /bin/false
Groups : Debian-exim

User : colord
Home folder : /var/lib/colord
Start script : /bin/false
Groups : colord

User : sandbox
Home folder : /var/www/sandbox
Start script : /bin/bash
Groups : users
ftp-users
ftp
www-data

User : siakad
Home folder : /var/www/siamonipem
Start script :
Groups : siakad

User : dnscrypt
Home folder : /run/dnscrypt
Start script : /bin/false
Groups : dnscrypt

User : dhcpd
Home folder : /var/run
Start script : /bin/false
Groups : dhcpd

User : pelor
Home folder : /home/pelor
Start script : /bin/bash
Groups : pelor

----------[ System Accounts ]----------

User : root
Home folder : /root
Start script : /bin/bash
Groups : root

User : daemon
Home folder : /usr/sbin
Start script : /usr/sbin/nologin
Groups : daemon

User : bin
Home folder : /bin
Start script : /usr/sbin/nologin
Groups : bin

User : sys
Home folder : /dev
Start script : /usr/sbin/nologin
Groups : sys

User : sync
Home folder : /bin
Start script : /bin/sync
Groups : nogroup

User : games
Home folder : /usr/games
Start script : /usr/sbin/nologin
Groups : games

User : man
Home folder : /var/cache/man
Start script : /usr/sbin/nologin
Groups : man

User : lp
Home folder : /var/spool/lpd
Start script : /usr/sbin/nologin
Groups : lp

User : mail
Home folder : /var/mail
Start script : /usr/sbin/nologin
Groups : mail

User : news
Home folder : /var/spool/news
Start script : /usr/sbin/nologin
Groups : news

User : uucp
Home folder : /var/spool/uucp
Start script : /usr/sbin/nologin
Groups : uucp

User : proxy
Home folder : /bin
Start script : /usr/sbin/nologin
Groups : proxy

User : www-data
Home folder : /var/www
Start script : /usr/sbin/nologin
Groups : www-data

User : backup
Home folder : /var/backups
Start script : /usr/sbin/nologin
Groups : backup

User : list
Home folder : /var/list
Start script : /usr/sbin/nologin
Groups : list

User : irc
Home folder : /var/run/ircd
Start script : /usr/sbin/nologin
Groups : irc

User : gnats
Home folder : /var/lib/gnats
Start script : /usr/sbin/nologin
Groups : gnats

User : nobody
Home folder : /nonexistent
Start script : /usr/sbin/nologin
Groups : nogroup

User : libuuid
Home folder : /var/lib/libuuid
Start script :
Groups : libuuid

User : syslog
Home folder : /home/syslog
Start script : /bin/false
Groups : syslog
adm

User : mysql
Home folder : /nonexistent
Start script : /bin/false
Groups : mysql

User : messagebus
Home folder : /var/run/dbus
Start script : /bin/false
Groups : messagebus

User : dnsmasq
Home folder : /var/lib/misc
Start script : /bin/false
Groups : nogroup

User : landscape
Home folder : /var/lib/landscape
Start script : /bin/false
Groups : landscape

User : sshd
Home folder : /var/run/sshd
Start script : /usr/sbin/nologin
Groups : nogroup

User : libvirt-qemu
Home folder : /var/lib/libvirt
Start script : /bin/false
Groups : kvm

User : libvirt-dnsmasq
Home folder : /var/lib/libvirt/dnsmasq
Start script : /bin/false
Groups : libvirtd

User : tomcat7
Home folder : /usr/share/tomcat7
Start script : /bin/false
Groups : tomcat7
97993 - OS Identification and Installed Software Enumeration over SSH v2 (Using New SSH Library)
Synopsis
Information about the remote host can be disclosed via an authenticated session.
Description
Nessus was able to login to the remote host using SSH or local commands and extract the list of installed packages.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2017/05/30, Modified: 2018/06/11
Plugin Output

tcp/0


It was possible to log into the remote host via SSH using 'password' authentication.

The output of "uname -a" is :
Linux singa 3.13.0-62-generic #102-Ubuntu SMP Tue Aug 11 14:29:36 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

The remote Debian system is :
jessie/sid

This is a Ubuntu system

Local security checks have been enabled for this host.
Runtime : 3.744429 seconds
102094 - SSH Commands Require Privilege Escalation
Synopsis
This plugin reports the SSH commands that failed with a response indicating that privilege escalation is required to run them.
Description
This plugin reports the SSH commands that failed with a response indicating that privilege escalation is required to run them. Either privilege escalation credentials were not provided, or the command failed to run with the provided privilege escalation credentials.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2017/08/01, Modified: 2018/05/24
Plugin Output

tcp/0


Login account : puskom
Commands failed due to lack of privilege escalation :
- Escalation account : (none)
Escalation method : (none)
Plugins :
- Plugin Filename : bios_get_info_ssh.nasl
Plugin ID : 34098
Plugin Name : BIOS version (SSH)
- Command : "LC_ALL=C dmidecode"
Response : "# dmidecode 2.12"
Error : "\n/dev/mem: Permission denied\n"
- Command : "LC_ALL=C /usr/sbin/dmidecode"
Response : "# dmidecode 2.12"
Error : "\n/dev/mem: Permission denied\n"
- Plugin Filename : enumerate_aws_ami_nix.nasl
Plugin ID : 90191
Plugin Name : Amazon Web Services EC2 Instance Metadata Enumeration (Unix)
- Command : "dmidecode -s system-version 2>&1"
Response : "/dev/mem: Permission denied"
Error : ""
- Plugin Filename : localusers_pwexpiry.nasl
Plugin ID : 83303
Plugin Name : Unix / Linux - Local Users Information : Passwords Never Expire
- Command : "cat /etc/shadow"
Response : null
Error : "\ncat: /etc/shadow\n: Permission denied\n"
- Plugin Filename : oracle_enum_products_nix.nbin
Plugin ID : 71642
Plugin Name : Oracle Installed Software Enumeration (Linux / Unix)
- Command : "find /srv /home /u01 -maxdepth 10 -not \\( -path /srv/backups -prune \\) -not \\( -path /srv/ftp -prune \\) -not \\( -path /srv/tftp -prune \\) -not \\( -path /srv/rsync -prune \\) -not \\( -path /srv/cvs -prune \\) -not \\( -path /srv/svn -prune \\) -not \\( -path /srv/git -prune \\) -not \\( -path /srv/gitosis -prune \\) -not \\( -path /srv/salt -prune \\) -not \\( -path /srv/swift -prune \\) -not \\( -path /srv/plone -prune \\) -name oraInst.loc"
Response : null
Error : "\nfind: `/home/poltekom/.cache'\n: Permission denied\nfind: `/home/poltekom/.config': Permission denied\n\nfind: `/home/poltekom/.ssh': Permission denied\n\nfind: `/u01': No such file or directory\n"
- Plugin Filename : ssh_get_info2.nasl
Plugin ID : 97993
Plugin Name : OS Identification and Installed Software Enumeration over SSH v2 (Using New SSH Library)
- Command : "lsmod | grep -q iptable_filter && iptables -L -n -v -t filter"
Response : null
Error : "\niptables v1.4.21: can't initialize iptables table `filter': Permission denied (you must be root)\n\nPerhaps iptables or your kernel needs to be upgraded.\n"
- Command : "lsmod | grep -q _conntrack_ipv4 && iptables -L -n -v -t nat"
Response : null
Error : "\niptables v1.4.21: can't initialize iptables table `nat': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\n"
- Command : "lsmod | grep -q iptable_mangle && iptables -L -n -v -t mangle"
Response : null
Error : "\niptables v1.4.21: can't initialize iptables table `mangle': Permission denied (you must be root)\n\nPerhaps iptables or your kernel needs to be upgraded.\n"
106203 - DHCP server Detection (Linux)
Synopsis
A DHCP server is installed on the remote host.
Description
A DHCP server is installed on the remote host.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2018/01/19, Modified: 2018/06/22
Plugin Output

tcp/0


Type : isc-dhcpd
Version : 4.2.4

10287 - Traceroute Information
Synopsis
It was possible to obtain traceroute information.
Description
Makes a traceroute to the remote host.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 1999/11/27, Modified: 2017/08/22
Plugin Output

udp/0

For your information, here is the traceroute from 172.16.1.201 to 172.16.0.3 :
172.16.1.201
172.16.0.3

Hop Count: 1

10092 - FTP Server Detection
Synopsis
An FTP server is listening on a remote port.
Description
It is possible to obtain the banner of the remote FTP server by connecting to a remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 1999/10/12, Modified: 2018/02/12
Plugin Output

tcp/21


The remote FTP banner is :

220 (vsFTPd 3.0.2)
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/21

Port 21/tcp was found to be open
22964 - Service Detection
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/08/19, Modified: 2018/05/03
Plugin Output

tcp/21

An FTP server is running on this port.
39519 - Backported Security Patch Detection (FTP)
Synopsis
Security patches are backported.
Description
Security patches may have been 'backported' to the remote FTP server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/06/25, Modified: 2015/07/07
Plugin Output

tcp/21


Local checks have been enabled.
52703 - vsftpd Detection
Synopsis
An FTP server is listening on the remote port.
Description
The remote host is running vsftpd, an FTP server for UNIX-like systems written in C.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/03/17, Modified: 2013/03/21
Plugin Output

tcp/21


Source : 220 (vsFTPd 3.0.2)
Version : 3.0.2

90317 - SSH Weak Algorithms Supported
Synopsis
The remote SSH server is configured to allow weak encryption algorithms or no algorithm at all.
Description
Nessus has detected that the remote SSH server is configured to use the Arcfour stream cipher or no cipher at all. RFC 4253 advises against using Arcfour due to an issue with weak keys.
See Also
Solution
Contact the vendor or consult product documentation to remove the weak ciphers.
Risk Factor
Medium
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
Plugin Information:
Published: 2016/04/04, Modified: 2016/12/14
Plugin Output

tcp/22


The following weak server-to-client encryption algorithms are supported :

arcfour
arcfour128
arcfour256

The following weak client-to-server encryption algorithms are supported :

arcfour
arcfour128
arcfour256
70658 - SSH Server CBC Mode Ciphers Enabled
Synopsis
The SSH server is configured to use Cipher Block Chaining.
Description
The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext.

Note that this plugin only checks for the options of the SSH server and does not check for vulnerable software versions.
Solution
Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.
Risk Factor
Low
CVSS Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
2.6 (CVSS2#E:ND/RL:ND/RC:ND)
References
BID 32319
CVE CVE-2008-5161
XREF OSVDB:50035
XREF OSVDB:50036
XREF CERT:958563
XREF CWE:200
Plugin Information:
Published: 2013/10/28, Modified: 2016/05/12
Plugin Output

tcp/22


The following client-to-server Cipher Block Chaining (CBC) algorithms
are supported :

3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
blowfish-cbc
cast128-cbc
rijndael-cbc@lysator.liu.se

The following server-to-client Cipher Block Chaining (CBC) algorithms
are supported :

3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
blowfish-cbc
cast128-cbc
rijndael-cbc@lysator.liu.se
71049 - SSH Weak MAC Algorithms Enabled
Synopsis
The remote SSH server is configured to allow MD5 and 96-bit MAC algorithms.
Description
The remote SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are considered weak.

Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software versions.
Solution
Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms.
Risk Factor
Low
CVSS Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
Plugin Information:
Published: 2013/11/22, Modified: 2016/12/14
Plugin Output

tcp/22


The following client-to-server Message Authentication Code (MAC) algorithms
are supported :

hmac-md5
hmac-md5-96
hmac-md5-96-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-sha1-96
hmac-sha1-96-etm@openssh.com

The following server-to-client Message Authentication Code (MAC) algorithms
are supported :

hmac-md5
hmac-md5-96
hmac-md5-96-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-sha1-96
hmac-sha1-96-etm@openssh.com
10267 - SSH Server Type and Version Information
Synopsis
An SSH server is listening on this port.
Description
It is possible to obtain information about the remote SSH server by sending an empty authentication request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 1999/10/12, Modified: 2017/12/19
Plugin Output

tcp/22


SSH version : SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.10
SSH supported authentication : publickey,password
10881 - SSH Protocol Versions Supported
Synopsis
A SSH server is running on the remote host.
Description
This plugin determines the versions of the SSH protocol supported by the remote SSH daemon.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/03/06, Modified: 2017/05/30
Plugin Output

tcp/22

The remote SSH daemon supports the following versions of the
SSH protocol :

- 1.99
- 2.0
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/22

Port 22/tcp was found to be open
22964 - Service Detection
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/08/19, Modified: 2018/05/03
Plugin Output

tcp/22

An SSH server is running on this port.
39520 - Backported Security Patch Detection (SSH)
Synopsis
Security patches are backported.
Description
Security patches may have been 'backported' to the remote SSH server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/06/25, Modified: 2015/07/07
Plugin Output

tcp/22


Local checks have been enabled.
70657 - SSH Algorithms and Languages Supported
Synopsis
An SSH server is listening on this port.
Description
This script detects which algorithms and languages are supported by the remote service for encrypting communications.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2013/10/28, Modified: 2017/08/28
Plugin Output

tcp/22


Nessus negotiated the following encryption algorithm with the server :

The server supports the following options for kex_algorithms :

curve25519-sha256@libssh.org
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521

The server supports the following options for server_host_key_algorithms :

ecdsa-sha2-nistp256
ssh-dss
ssh-ed25519
ssh-rsa

The server supports the following options for encryption_algorithms_client_to_server :

3des-cbc
aes128-cbc
aes128-ctr
aes128-gcm@openssh.com
aes192-cbc
aes192-ctr
aes256-cbc
aes256-ctr
aes256-gcm@openssh.com
arcfour
arcfour128
arcfour256
blowfish-cbc
cast128-cbc
chacha20-poly1305@openssh.com
rijndael-cbc@lysator.liu.se

The server supports the following options for encryption_algorithms_server_to_client :

3des-cbc
aes128-cbc
aes128-ctr
aes128-gcm@openssh.com
aes192-cbc
aes192-ctr
aes256-cbc
aes256-ctr
aes256-gcm@openssh.com
arcfour
arcfour128
arcfour256
blowfish-cbc
cast128-cbc
chacha20-poly1305@openssh.com
rijndael-cbc@lysator.liu.se

The server supports the following options for mac_algorithms_client_to_server :

hmac-md5
hmac-md5-96
hmac-md5-96-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-ripemd160
hmac-ripemd160-etm@openssh.com
hmac-ripemd160@openssh.com
hmac-sha1
hmac-sha1-96
hmac-sha1-96-etm@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha2-256
hmac-sha2-256-etm@openssh.com
hmac-sha2-512
hmac-sha2-512-etm@openssh.com
umac-128-etm@openssh.com
umac-128@openssh.com
umac-64-etm@openssh.com
umac-64@openssh.com

The server supports the following options for mac_algorithms_server_to_client :

hmac-md5
hmac-md5-96
hmac-md5-96-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-ripemd160
hmac-ripemd160-etm@openssh.com
hmac-ripemd160@openssh.com
hmac-sha1
hmac-sha1-96
hmac-sha1-96-etm@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha2-256
hmac-sha2-256-etm@openssh.com
hmac-sha2-512
hmac-sha2-512-etm@openssh.com
umac-128-etm@openssh.com
umac-128@openssh.com
umac-64-etm@openssh.com
umac-64@openssh.com

The server supports the following options for compression_algorithms_client_to_server :

none
zlib@openssh.com

The server supports the following options for compression_algorithms_server_to_client :

none
zlib@openssh.com
90707 - SSH SCP Protocol Detection
Synopsis
The remote host supports the SCP protocol over SSH.
Description
The remote host supports the Secure Copy (SCP) protocol over SSH.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2016/04/26, Modified: 2017/08/28
Plugin Output

tcp/22

110385 - Authentication Success Insufficient Access
Synopsis
Nessus was able to log into the remote host using the provided credentials. The provided credentials were not sufficient to do all requested local checks.
Description
Nessus was able to execute credentialed checks because it was possible to log into the remote host using provided credentials, however the credentials were not sufficiently privileged to allow all requested local checks.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2018/06/06, Modified: 2018/06/06
Plugin Output

tcp/22


Nessus was able to log into the following host, however
the supplied credentials did not have sufficient privileges
for all planned checks:

Protocol : SSH
Port : 22

11002 - DNS Server Detection
Synopsis
A DNS server is listening on the remote host.
Description
The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames and IP addresses.
See Also
Solution
Disable this service if it is not needed or restrict access to internal hosts only if the service is available externally.
Risk Factor
None
Plugin Information:
Published: 2003/02/13, Modified: 2017/05/16
Plugin Output

tcp/53

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/53

Port 53/udp was found to be open
72779 - DNS Server Version Detection
Synopsis
Nessus was able to obtain version information on the remote DNS server.
Description
Nessus was able to obtain version information by sending a special TXT record query to the remote host.

Note that this version is not necessarily accurate and could even be forged, as some DNS servers send the information based on a configuration file.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2014/03/03, Modified: 2014/11/05
Plugin Output

udp/53


DNS server answer for "version.bind" (over UDP) :

dnsmasq-2.68

10107 - HTTP Server Type and Version
Synopsis
A web server is running on the remote host.
Description
This plugin attempts to determine the type and the version of the remote web server.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2000/01/04, Modified: 2018/05/23
Plugin Output

tcp/80

The remote web server type is :

Apache/2.4.7 (Ubuntu)
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/80

Port 80/tcp was found to be open
22964 - Service Detection
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/08/19, Modified: 2018/05/03
Plugin Output

tcp/80

A web server is running on this port.
24260 - HyperText Transfer Protocol (HTTP) Information
Synopsis
Some information about the remote HTTP configuration can be extracted.
Description
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/01/30, Modified: 2017/11/13
Plugin Output

tcp/80


Response Code : HTTP/1.1 200 OK

Protocol version : HTTP/1.1
SSL : no
Keep-Alive : yes
Options allowed : (Not implemented)
Headers :

Date: Tue, 26 Jun 2018 01:50:12 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Vary: Accept-Encoding
Content-Length: 77
Keep-Alive: timeout=5, max=300
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Response Body :

<html><center>
<font size='5'>Hacked By B0c4H_Id30T</font></center></html>
39521 - Backported Security Patch Detection (WWW)
Synopsis
Security patches are backported.
Description
Security patches may have been 'backported' to the remote HTTP server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/06/25, Modified: 2015/07/07
Plugin Output

tcp/80


Local checks have been enabled.
48204 - Apache HTTP Server Version
Synopsis
It is possible to obtain the version number of the remote Apache HTTP server.
Description
The remote host is running the Apache HTTP Server, an open source web server. It was possible to read the version number from the banner.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2010/07/30, Modified: 2018/01/22
Plugin Output

tcp/80


URL : http://blog.poltekom.ac.id/
Version : 2.4.99
backported : 1
os : ConvertedUbuntu
48243 - PHP Version Detection
Synopsis
It was possible to obtain the version number of the remote PHP installation.
Description
Nessus was able to determine the version of PHP available on the remote web server.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2010/08/04, Modified: 2017/07/07
Plugin Output

tcp/80


Nessus was able to identify the following PHP version information :

Version : 5.5.9-1ubuntu4.14
Source : X-Powered-By: PHP/5.5.9-1ubuntu4.14
84574 - Backported Security Patch Detection (PHP)
Synopsis
Security patches have been backported.
Description
Security patches may have been 'backported' to the remote PHP install without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2015/07/07, Modified: 2015/07/07
Plugin Output

tcp/80


Local checks have been enabled.

53335 - RPC portmapper (TCP)
Synopsis
An ONC RPC portmapper is running on the remote host.
Description
The RPC portmapper is running on this port.

The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/04/08, Modified: 2011/08/29
Plugin Output

tcp/111

10223 - RPC portmapper Service Detection
Synopsis
An ONC RPC portmapper is running on the remote host.
Description
The RPC portmapper is running on this port.

The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request.
Solution
n/a
Risk Factor
None
References
Plugin Information:
Published: 1999/08/19, Modified: 2014/02/19
Plugin Output

udp/111

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

udp/111


The following RPC services are available on UDP port 111 :

- program: 100000 (portmapper), version: 4
- program: 100000 (portmapper), version: 3
- program: 100000 (portmapper), version: 2
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/111

Port 111/udp was found to be open

10150 - Windows NetBIOS / SMB Remote Host Information Disclosure
Synopsis
It was possible to obtain the network name of the remote host.
Description
The remote host is listening on UDP port 137 or TCP port 445, and replies to NetBIOS nbtscan or SMB requests.

Note that this plugin gathers information to be used in other plugins, but does not itself generate a report.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 1999/10/12, Modified: 2018/06/06
Plugin Output

udp/137

The following 7 NetBIOS names have been gathered :

SINGA = Computer name
SINGA = Messenger Service
SINGA = File Server Service
__MSBROWSE__ = Master Browser
WORKGROUP = Workgroup / Domain name
WORKGROUP = Master Browser
WORKGROUP = Browser Service Elections

This SMB server seems to be a Samba server - its MAC address is NULL.
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/137

Port 137/udp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/138

Port 138/udp was found to be open

11011 - Microsoft Windows SMB Service Detection
Synopsis
A file / print sharing service is listening on the remote host.
Description
The remote service understands the CIFS (Common Internet File System) or Server Message Block (SMB) protocol, used to provide shared access to files, printers, etc between nodes on a network.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/06/05, Modified: 2015/06/02
Plugin Output

tcp/139


An SMB server is running on this port.
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/139

Port 139/tcp was found to be open

20007 - SSL Version 2 and 3 Protocol Detection
Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.
Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL are affected by several cryptographic flaws, including:

- An insecure padding scheme with CBC ciphers.

- Insecure session renegotiation and resumption schemes.

An attacker can exploit these flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected service and clients.

Although SSL/TLS has a secure means for choosing the highest supported version of the protocol (so that these versions will be used only if the client or server support nothing better), many web browsers implement this in an unsafe way that allows an attacker to downgrade a connection (such as in POODLE). Therefore, it is recommended that these protocols be disabled entirely.

NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC's definition of 'strong cryptography'.
See Also
Solution
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.1 (with approved cipher suites) or higher instead.
Risk Factor
Medium
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Published: 2005/10/12, Modified: 2017/07/11
Plugin Output

tcp/443


- SSLv3 is enabled and the server supports at least one cipher.
42873 - SSL Medium Strength Cipher Suites Supported
Synopsis
The remote service supports the use of medium strength SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.

Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.
See Also
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Published: 2009/11/23, Modified: 2017/09/01
Plugin Output

tcp/443


Here is the list of medium strength SSL ciphers supported by the remote server :

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
51192 - SSL Certificate Cannot Be Trusted
Synopsis
The SSL certificate for this service cannot be trusted.
Description
The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :

- First, the top of the certificate chain sent by the server might not be descended from a known public certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed certificate, or when intermediate certificates are missing that would connect the top of the certificate chain to a known public certificate authority.

- Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the certificate's 'notAfter' dates.

- Third, the certificate chain may contain a signature that either didn't match the certificate's information or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a signing algorithm that Nessus either does not support or does not recognize.

If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.
See Also
Solution
Purchase or generate a proper certificate for this service.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
Plugin Information:
Published: 2010/12/15, Modified: 2017/05/18
Plugin Output

tcp/443


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : O=CloudFlare, Inc./OU=CloudFlare Origin CA/CN=CloudFlare Origin Certificate
|-Issuer : C=US/O=CloudFlare, Inc./OU=CloudFlare Origin SSL Certificate Authority/L=San Francisco/ST=California
65821 - SSL RC4 Cipher Suites Supported (Bar Mitzvah)
Synopsis
The remote service supports the use of the RC4 cipher.
Description
The remote host supports the use of RC4 in one or more cipher suites.
The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness.

If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an attacker is able to obtain many (i.e., tens of millions) ciphertexts, the attacker may be able to derive the plaintext.
See Also
Solution
Reconfigure the affected application, if possible, to avoid use of RC4 ciphers. Consider using TLS 1.2 with AES-GCM suites subject to browser and web server support.
Risk Factor
Low
CVSS Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
2.2 (CVSS2#E:F/RL:TF/RC:ND)
References
BID 58796
BID 73684
CVE CVE-2013-2566
CVE CVE-2015-2808
XREF OSVDB:91162
XREF OSVDB:117855
Plugin Information:
Published: 2013/04/05, Modified: 2018/05/21
Plugin Output

tcp/443


List of RC4 cipher suites supported by the remote server :

High Strength Ciphers (>= 112-bit key)

ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
10107 - HTTP Server Type and Version
Synopsis
A web server is running on the remote host.
Description
This plugin attempts to determine the type and the version of the remote web server.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2000/01/04, Modified: 2018/05/23
Plugin Output

tcp/443

The remote web server type is :

Apache/2.4.7 (Ubuntu)
10863 - SSL Certificate Information
Synopsis
This plugin displays the SSL certificate.
Description
This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2008/05/19, Modified: 2015/12/30
Plugin Output

tcp/443

Subject Name:

Organization: CloudFlare, Inc.
Organization Unit: CloudFlare Origin CA
Common Name: CloudFlare Origin Certificate

Issuer Name:

Country: US
Organization: CloudFlare, Inc.
Organization Unit: CloudFlare Origin SSL Certificate Authority
Locality: San Francisco
State/Province: California

Serial Number: 14 67 0C 28 6F 5E 69 19 B9 D0 80 EF A3 4A 44 4D 38 EF FA E3

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Feb 07 07:52:00 2017 GMT
Not Valid After: Feb 04 07:52:00 2032 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 E2 F5 B3 9E 63 13 AD 85 30 2D FC 43 0F 0F C4 75 D6 25 45
C4 50 0D AB BB 2E 4A FC 87 FE FB 34 8B 4E B2 FC EF A4 CB 31
FF C0 92 F7 F6 2A 5E 1B F4 A2 1B 42 DE B2 0C 48 40 F4 A6 9C
7B 37 37 A4 81 89 25 2B F0 32 F6 45 3D 68 1F 0A A3 42 D2 07
2B A1 F5 D5 A6 F8 AF 6D C6 CB 0E 19 B1 31 34 2B 26 64 24 58
6D 51 76 D9 FA 0A 1E CA 18 C8 5C 25 DA 64 CF 58 A1 BE C4 A2
44 15 01 B5 3B 31 8F C1 70 99 E8 96 1A 89 19 44 54 5C 02 99
E3 98 0D EB 9D 40 23 CC 03 9B A9 11 2E 68 93 E4 BF 1A F0 E3
27 59 FE 88 0E 0E FE 23 B6 FE 37 C5 2D 36 0A 35 40 22 A4 C5
32 A1 EB 10 84 13 F4 96 8F 1F 6C 62 79 70 C9 10 31 8F CF DE
1F B3 F1 63 38 0F B1 2A C2 48 75 CC 8A 19 B3 34 5F 18 E0 30
86 5A DF 84 0C 85 93 CB ED DD F8 0D E7 24 B8 98 0B 84 70 6F
89 A1 DB 3D AC EF E8 5D 58 39 BD AC 07 F4 44 B6 B5
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 42 39 14 78 98 24 97 4A B1 2C 36 2D BE 09 4B 9F A5 D8 B0
A5 A1 6F 0A DF F3 16 29 5B 0B 8A 47 B6 F2 9D 4B 01 AA 43 49
44 C1 E4 10 CB C2 D8 1F 1D 0F 30 6D B6 5E BC 28 DA C9 10 B1
CD 44 82 16 FD 0B 01 E2 77 BE 49 37 2C C1 50 9F F7 0E CE EA
04 64 4A F3 E3 7B 5B AE 41 5F 70 3D BF 75 6D 2A 12 42 70 F6
91 F1 2E F4 6F D6 FC B4 AA 4C 97 2E 4B 9B 28 DA 2C 11 34 04
6C 7C BD E4 63 BC 9C 51 CC E9 54 3C 71 67 94 41 6F 69 F5 F9
94 A7 2B DC 8A AA 97 5F B4 23 49 05 B0 48 AC 6D 88 85 11 BD
91 35 74 16 51 6A A2 4F 38 90 93 27 A8 E2 81 A5 6B D1 10 A1
FE F5 E3 F1 23 83 C3 66 F4 AF 90 1A 32 E8 F9 93 7E 7A 3A AC
52 00 3C 03 C1 36 73 91 9C D6 89 23 F2 40 99 46 A7 E8 F9 74
83 16 70 F8 09 56 59 D7 76 44 04 D1 03 4C FA 19 CF D2 BA B1
7E 61 60 5D A9 34 83 CB 63 B5 B1 E3 8B DF 83 25 6C

Extension: Key Usage (2.5.29.15)
Critical: 1
Key Usage: Digital Signature, Key Encipherment


Extension: Extended Key Usage (2.5.29.37)
Critical: 0
Purpose#1: Web Server Authentication (1.3.6.1.5.5.7.3.1)


Extension: Basic Constraints (2.5.29.19)
Critical: 1


Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 6C CF E8 FA F6 20 9C 60 DD D7 61 FA 4F 63 58 50 38 45 03 54


Extension: Authority Key Identifier (2.5.29.35)
Critical: 0
Key Identifier: 24 E8 53 57 5D 7C 34 40 87 A9 EB 94 DB BA E1 16 78 FC 29 A4


Extension: Authority Information Access (1.3.6.1.5.5.7.1.1)
Critical: 0
Method#1: Online Certificate Status Protocol
URI: http://ocsp.cloudflare.com/origin_ca


Extension: Subject Alternative Name (2.5.29.17)
Critical: 0
DNS: *.poltekom.ac.id
DNS: poltekom.ac.id


Extension: CRL Distribution Points (2.5.29.31)
Critical: 0
URI: http://crl.cloudflare.com/origin_ca.crl


Fingerprints :

SHA-256 Fingerprint: 93 1D 1B 9E 15 32 55 35 A9 6B 24 27 D7 E9 7C 5D EA 7C 3A 27
86 D9 61 86 6A 99 57 BF 1E 2B 8C B5
SHA-1 Fingerprint: 2E 10 4E B1 9A 7F 2B 4A D3 E1 99 2D 66 24 6B 18 8A 7C 5C FB
MD5 Fingerprint: 3D 44 03 12 27 40 E3 67 0E 25 48 2F 32 8F DC D3
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/443

Port 443/tcp was found to be open
21643 - SSL Cipher Suites Supported
Synopsis
The remote service encrypts communications using SSL.
Description
This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2006/06/05, Modified: 2018/03/29
Plugin Output

tcp/443


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-GCM(128) Mac=SHA256
DHE-RSA-AES256-SHA384 Kx=DH Au=RSA Enc=AES-GCM(256) Mac=SHA384
ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-GCM(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-GCM(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-GCM(128) Mac=SHA256
RSA-AES256-SHA384 Kx=RSA Au=RSA Enc=AES-GCM(256) Mac=SHA384
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
DHE-RSA-SEED-SHA Kx=DH Au=RSA Enc=SEED-CBC(128) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SEED-SHA Kx=RSA Au=RSA Enc=SEED-CBC(128) Mac=SHA1
DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA256
DHE-RSA-AES256-SHA256 Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA256
ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256


SSL Version : TLSv11
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
DHE-RSA-SEED-SHA Kx=DH Au=RSA Enc=SEED-CBC(128) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SEED-SHA Kx=RSA Au=RSA Enc=SEED-CBC(128) Mac=SHA1


SSL Version : TLSv1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
DHE-RSA-SEED-SHA Kx=DH Au=RSA Enc=SEED-CBC(128) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SEED-SHA Kx=RSA Au=RSA Enc=SEED-CBC(128) Mac=SHA1


SSL Version : SSLv3
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
DHE-RSA-SEED-SHA Kx=DH Au=RSA Enc=SEED-CBC(128) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SEED-SHA Kx=RSA Au=RSA Enc=SEED-CBC(128) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
22964 - Service Detection
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/08/19, Modified: 2018/05/03
Plugin Output

tcp/443

A TLSv1 server answered on this port.

tcp/443

A web server is running on this port through TLSv1.
24260 - HyperText Transfer Protocol (HTTP) Information
Synopsis
Some information about the remote HTTP configuration can be extracted.
Description
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/01/30, Modified: 2017/11/13
Plugin Output

tcp/443


Response Code : HTTP/1.1 200 OK

Protocol version : HTTP/1.1
SSL : yes
Keep-Alive : yes
Options allowed : (Not implemented)
Headers :

Date: Tue, 26 Jun 2018 01:50:12 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Vary: Accept-Encoding
Content-Length: 77
Keep-Alive: timeout=5, max=300
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Response Body :

<html><center>
<font size='5'>Hacked By B0c4H_Id30T</font></center></html>
39521 - Backported Security Patch Detection (WWW)
Synopsis
Security patches are backported.
Description
Security patches may have been 'backported' to the remote HTTP server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/06/25, Modified: 2015/07/07
Plugin Output

tcp/443


Local checks have been enabled.
48204 - Apache HTTP Server Version
Synopsis
It is possible to obtain the version number of the remote Apache HTTP server.
Description
The remote host is running the Apache HTTP Server, an open source web server. It was possible to read the version number from the banner.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2010/07/30, Modified: 2018/01/22
Plugin Output

tcp/443


URL : https://blog.poltekom.ac.id/
Version : 2.4.99
backported : 1
os : ConvertedUbuntu
48243 - PHP Version Detection
Synopsis
It was possible to obtain the version number of the remote PHP installation.
Description
Nessus was able to determine the version of PHP available on the remote web server.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2010/08/04, Modified: 2017/07/07
Plugin Output

tcp/443


Nessus was able to identify the following PHP version information :

Version : 5.5.9-1ubuntu4.14
Source : X-Powered-By: PHP/5.5.9-1ubuntu4.14
50845 - OpenSSL Detection
Synopsis
The remote service appears to use OpenSSL to encrypt traffic.
Description
Based on its response to a TLS request with a specially crafted server name extension, it seems that the remote service is using the OpenSSL library to encrypt traffic.

Note that this plugin can only detect OpenSSL implementations that have enabled support for TLS extensions (RFC 4366).
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2010/11/30, Modified: 2013/10/18
Plugin Output

tcp/443

51891 - SSL Session Resume Supported
Synopsis
The remote host allows resuming SSL sessions.
Description
This script detects whether a host allows resuming SSL sessions by performing a full SSL handshake to receive a session ID, and then reconnecting with the previously used session ID. If the server accepts the session ID in the second connection, the server maintains a cache of sessions that can be resumed.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/02/07, Modified: 2013/10/18
Plugin Output

tcp/443


This port supports resuming SSLv3 sessions.
56984 - SSL / TLS Versions Supported
Synopsis
The remote service encrypts communications.
Description
This plugin detects which SSL and TLS versions are supported by the remote service for encrypting communications.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/12/01, Modified: 2018/02/15
Plugin Output

tcp/443


This port supports SSLv3/TLSv1.0/TLSv1.1/TLSv1.2.
57041 - SSL Perfect Forward Secrecy Cipher Suites Supported
Synopsis
The remote service supports the use of SSL Perfect Forward Secrecy ciphers, which maintain confidentiality even if the key is stolen.
Description
The remote host supports the use of SSL ciphers that offer Perfect Forward Secrecy (PFS) encryption. These cipher suites ensure that recorded SSL traffic cannot be broken at a future date if the server's private key is compromised.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/12/07, Modified: 2017/06/12
Plugin Output

tcp/443


Here is the list of SSL PFS ciphers supported by the remote server :

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-GCM(128) Mac=SHA256
DHE-RSA-AES256-SHA384 Kx=DH Au=RSA Enc=AES-GCM(256) Mac=SHA384
ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-GCM(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-GCM(256) Mac=SHA384
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
DHE-RSA-SEED-SHA Kx=DH Au=RSA Enc=SEED-CBC(128) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA256
DHE-RSA-AES256-SHA256 Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA256
ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
70544 - SSL Cipher Block Chaining Cipher Suites Supported
Synopsis
The remote service supports the use of SSL Cipher Block Chaining ciphers, which combine previous blocks with subsequent ones.
Description
The remote host supports the use of SSL ciphers that operate in Cipher Block Chaining (CBC) mode. These cipher suites offer additional security over Electronic Codebook (ECB) mode, but have the potential to leak information if used improperly.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2013/10/22, Modified: 2013/10/22
Plugin Output

tcp/443


Here is the list of SSL CBC ciphers supported by the remote server :

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
DHE-RSA-SEED-SHA Kx=DH Au=RSA Enc=SEED-CBC(128) Mac=SHA1
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
SEED-SHA Kx=RSA Au=RSA Enc=SEED-CBC(128) Mac=SHA1
DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA256
DHE-RSA-AES256-SHA256 Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA256
ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
84502 - HSTS Missing From HTTPS Server
Synopsis
The remote web server is not enforcing HSTS.
Description
The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS). The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.
See Also
Solution
Configure the remote web server to use HSTS.
Risk Factor
None
Plugin Information:
Published: 2015/07/02, Modified: 2015/07/02
Plugin Output

tcp/443


The remote HTTPS server does not send the HTTP
"Strict-Transport-Security" header.
84574 - Backported Security Patch Detection (PHP)
Synopsis
Security patches have been backported.
Description
Security patches may have been 'backported' to the remote PHP install without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2015/07/07, Modified: 2015/07/07
Plugin Output

tcp/443


Local checks have been enabled.
104743 - TLS Version 1.0 Protocol Detection
Synopsis
The remote service encrypts traffic using an older version of TLS.
Description
The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a number of cryptographic design flaws. Modern implementations of TLS 1.0 mitigate these problems, but newer versions of TLS like 1.1 and 1.2 are designed against these flaws and should be used whenever possible.

PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30, 2018, except for POS POI terminals (and the SSL/TLS termination points to which they connect) that can be verified as not being susceptible to any known exploits.
Solution
Enable support for TLS 1.1 and 1.2, and disable support for TLS 1.0.
Risk Factor
None
Plugin Information:
Published: 2017/11/22, Modified: 2018/04/24
Plugin Output

tcp/443

TLSv1 is enabled and the server supports at least one cipher.

57608 - SMB Signing not required
Synopsis
Signing is not required on the remote SMB server.
Description
Signing is not required on the remote SMB server. An unauthenticated, remote attacker can exploit this to conduct man-in-the-middle attacks against the SMB server.
See Also
Solution
Enforce message signing in the host's configuration. On Windows, this is found in the policy setting 'Microsoft network server: Digitally sign communications (always)'. On Samba, the setting is called 'server signing'. See the 'see also' links for further details.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v3.0 Temporal Score
4.6 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score
3.7 (CVSS2#E:U/RL:OF/RC:C)
Plugin Information:
Published: 2012/01/19, Modified: 2018/05/02
Plugin Output

tcp/445

90509 - Samba Badlock Vulnerability
Synopsis
An SMB server running on the remote host is affected by the Badlock vulnerability.
Description
The version of Samba, a CIFS/SMB server for Linux and Unix, running on the remote host is affected by a flaw, known as Badlock, that exists in the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) protocols due to improper authentication level negotiation over Remote Procedure Call (RPC) channels. A man-in-the-middle attacker who is able to able to intercept the traffic between a client and a server hosting a SAM database can exploit this flaw to force a downgrade of the authentication level, which allows the execution of arbitrary Samba network calls in the context of the intercepted user, such as viewing or modifying sensitive security data in the Active Directory (AD) database or disabling critical services.
See Also
Solution
Upgrade to Samba version 4.2.11 / 4.3.8 / 4.4.2 or later.
Risk Factor
Medium
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.6 (CVSS2#E:F/RL:OF/RC:ND)
References
BID 86002
CVE CVE-2016-2118
XREF OSVDB:136339
XREF CERT:813296
Plugin Information:
Published: 2016/04/13, Modified: 2016/07/25
Plugin Output

tcp/445


Nessus detected that the Samba Badlock patch has not been applied.
10394 - Microsoft Windows SMB Log In Possible
Synopsis
It was possible to log into the remote host.
Description
The remote host is running a Microsoft Windows operating system or Samba, a CIFS/SMB server for Unix. It was possible to log into it using one of the following accounts :

- NULL session
- Guest account
- Supplied credentials
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2000/05/09, Modified: 2018/06/06
Plugin Output

tcp/445

- NULL sessions are enabled on the remote host.
10395 - Microsoft Windows SMB Shares Enumeration
Synopsis
It is possible to enumerate remote network shares.
Description
By connecting to the remote host, Nessus was able to enumerate the network share names.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2000/05/09, Modified: 2018/05/16
Plugin Output

tcp/445


Here are the SMB shares available on the remote host :

- IPC$
- print$
10785 - Microsoft Windows SMB NativeLanManager Remote System Information Disclosure
Synopsis
It was possible to obtain information about the remote operating system.
Description
Nessus was able to obtain the remote operating system name and version (Windows and/or Samba) by sending an authentication request to port 139 or 445. Note that this plugin requires SMB1 to be enabled on the host.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2001/10/17, Modified: 2017/11/30
Plugin Output

tcp/445

The remote Operating System is : Unix
The remote native LAN manager is : Samba 4.1.6-Ubuntu
The remote SMB Domain Name is : SINGA
10859 - Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration
Synopsis
It is possible to obtain the host SID for the remote host.
Description
By emulating the call to LsaQueryInformationPolicy(), it was possible to obtain the host SID (Security Identifier).

The host SID can then be used to get the list of local users.
See Also
Solution
You can prevent anonymous lookups of the host SID by setting the 'RestrictAnonymous' registry setting to an appropriate value.

Refer to the 'See also' section for guidance.
Risk Factor
None
References
BID 959
CVE CVE-2000-1200
XREF OSVDB:715
Plugin Information:
Published: 2002/02/13, Modified: 2015/11/18
Plugin Output

tcp/445


The remote host SID value is :

1-5-21-2140563558-3164349447-1809426676

The value of 'RestrictAnonymous' setting is : unknown
10860 - SMB Use Host SID to Enumerate Local Users
Synopsis
Nessus was able to enumerate local users.
Description
Using the host security identifier (SID), Nessus was able to enumerate local users on the remote Windows system.
Solution
n/a
Risk Factor
None
References
XREF OSVDB:714
Plugin Information:
Published: 2002/02/13, Modified: 2018/05/16
Plugin Output

tcp/445


- nobody (id 501, Guest account)
- poltekom (id 1000)
- puskom (id 1001)
- manager (id 1002)

Note that, in addition to the Administrator and Guest accounts, Nessus
has enumerated only those local users with IDs between 1000 and 1200.
To use a different range, edit the scan policy and change the 'Start
UID' and/or 'End UID' preferences for this plugin, then re-run the
scan.
11011 - Microsoft Windows SMB Service Detection
Synopsis
A file / print sharing service is listening on the remote host.
Description
The remote service understands the CIFS (Common Internet File System) or Server Message Block (SMB) protocol, used to provide shared access to files, printers, etc between nodes on a network.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/06/05, Modified: 2015/06/02
Plugin Output

tcp/445


A CIFS server is running on this port.
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/445

Port 445/tcp was found to be open
17651 - Microsoft Windows SMB : Obtains the Password Policy
Synopsis
It is possible to retrieve the remote host's password policy using the supplied credentials.
Description
Using the supplied credentials it was possible to extract the password policy for the remote Windows host. The password policy must conform to the Informational System Policy.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2005/03/30, Modified: 2015/01/12
Plugin Output

tcp/445

The following password policy is defined on the remote host:

Minimum password len: 5
Password history len: 0
Maximum password age (d): No limit
Password must meet complexity requirements: Disabled
Minimum password age (d): 0
Forced logoff time (s): Not set
Locked account time (s): 1800
Time between failed logon (s): 1800
Number of invalid logon before locked out (s): 0
25240 - Samba Server Detection
Synopsis
An SMB server is running on the remote host.
Description
The remote host is running Samba, a CIFS/SMB server for Linux and Unix.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2013/01/07
Plugin Output

tcp/445

60119 - Microsoft Windows SMB Share Permissions Enumeration
Synopsis
It was possible to enumerate the permissions of remote network shares.
Description
By using the supplied credentials, Nessus was able to enumerate the permissions of network shares. User permissions are enumerated for each network share that has a list of access control entries (ACEs).
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2012/07/25, Modified: 2018/05/16
Plugin Output

tcp/445


Share path : \\SINGA\IPC$
Local path : C:\tmp
Comment : IPC Service (singa server (Samba, Ubuntu))
[*] Allow ACE for Everyone: 0x001f01ff
FILE_GENERIC_READ: YES
FILE_GENERIC_WRITE: YES
FILE_GENERIC_EXECUTE: YES

Share path : \\SINGA\print$
Local path : C:\var\lib\samba\printers
Comment : Printer Drivers
[*] Allow ACE for Everyone: 0x001f01ff
FILE_GENERIC_READ: YES
FILE_GENERIC_WRITE: YES
FILE_GENERIC_EXECUTE: YES
96982 - Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check)
Synopsis
The remote Windows host supports the SMBv1 protocol.
Description
The remote Windows host supports Server Message Block Protocol version 1 (SMBv1). Microsoft recommends that users discontinue the use of SMBv1 due to the lack of security features that were included in later SMB versions. Additionally, the Shadow Brokers group reportedly has an exploit that affects SMB; however, it is unknown if the exploit affects SMBv1 or another version. In response to this, US-CERT recommends that users disable SMBv1 per SMB best practices to mitigate these potential issues.
See Also
Solution
Disable SMBv1 according to the vendor instructions in Microsoft KB2696547. Additionally, block SMB directly by blocking TCP port 445 on all network boundary devices. For SMB over the NetBIOS API, block TCP ports 137 / 139 and UDP ports 137 / 138 on all network boundary devices.
Risk Factor
None
References
XREF OSVDB:151058
Plugin Information:
Published: 2017/02/03, Modified: 2017/02/16
Plugin Output

tcp/445


The remote host supports SMBv1.
100871 - Microsoft Windows SMB Versions Supported (remote check)
Synopsis
It was possible to obtain information about the version of SMB running on the remote host.
Description
Nessus was able to obtain the version of SMB running on the remote host by sending an authentication request to port 139 or 445.

Note that this plugin is a remote check and does not work on agents.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2017/06/19, Modified: 2017/06/19
Plugin Output

tcp/445


The remote host supports the following versions of SMB :
SMBv1
SMBv2
104887 - Samba Version
Synopsis
It was possible to obtain the samba version from the remote operating system.
Description
Nessus was able to obtain the samba version from the remote operating by sending an authentication request to port 139 or 445. Note that this plugin requires SMB1 to be enabled on the host.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2017/11/30, Modified: 2017/11/30
Plugin Output

tcp/445


The remote Samba Version is : Samba 4.1.6-Ubuntu
106716 - Microsoft Windows SMB2 Dialects Supported (remote check)
Synopsis
It was possible to obtain information about the dialects of SMB2 available on the remote host.
Description
Nessus was able to obtain the set of SMB2 dialects running on the remote host by sending an authentication request to port 139 or 445.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2018/02/09, Modified: 2018/02/09
Plugin Output

tcp/445


The remote host supports the following SMB dialects :
_version_ _introduced in windows version_
2.0.2 Windows 2008
2.1 Windows 7
2.2.2 Windows 8 Beta
2.2.4 Windows 8 Beta
3.0 Windows 8

The remote host does NOT support the following SMB dialects :
_version_ _introduced in windows version_
3.0.2 Windows 8.1
3.1 Windows 10
3.1.1 Windows 10

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/868

Port 868/udp was found to be open

10437 - NFS Share Export List
Synopsis
The remote NFS server exports a list of shares.
Description
This plugin retrieves the list of NFS exported shares.
See Also
Solution
Ensure each share is intended to be exported.
Risk Factor
None
References
CVE CVE-1999-0554
XREF OSVDB:339
Plugin Information:
Published: 2000/06/07, Modified: 2018/05/21
Plugin Output

tcp/2049


Here is the export list of blog.poltekom.ac.id :

/home/puskom/hwXHMz 192.168.123.4

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

udp/2049


The following RPC services are available on UDP port 2049 :

- program: 100003 (nfs), version: 2
- program: 100003 (nfs), version: 3
- program: 100003 (nfs), version: 4
- program: 100227 (nfs_acl), version: 2
- program: 100227 (nfs_acl), version: 3
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/2049

Port 2049/udp was found to be open

10107 - HTTP Server Type and Version
Synopsis
A web server is running on the remote host.
Description
This plugin attempts to determine the type and the version of the remote web server.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2000/01/04, Modified: 2018/05/23
Plugin Output

tcp/2112

The remote web server type is :

squid/3.3.8
11040 - HTTP Reverse Proxy Detection
Synopsis
A transparent or reverse HTTP proxy is running on this port.
Description
This web server is reachable through a reverse HTTP proxy.
Solution
n/a
Risk Factor
None
References
CVE CVE-2004-2320
CVE CVE-2005-3398
CVE CVE-2005-3498
CVE CVE-2007-3008
XREF OSVDB:877
XREF OSVDB:3726
XREF OSVDB:35511
XREF OSVDB:50485
XREF CWE:200
XREF CWE:79
Plugin Information:
Published: 2002/07/02, Modified: 2018/05/21
Plugin Output

tcp/2112

The GET method revealed those proxies on the way to this web server :
HTTP/1.1 localhost (squid/3.3.8)
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/2112

Port 2112/tcp was found to be open
22964 - Service Detection
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/08/19, Modified: 2018/05/03
Plugin Output

tcp/2112

A web server is running on this port.

tcp/2112

An HTTP proxy is running on this port.
24260 - HyperText Transfer Protocol (HTTP) Information
Synopsis
Some information about the remote HTTP configuration can be extracted.
Description
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/01/30, Modified: 2017/11/13
Plugin Output

tcp/2112


Response Code : HTTP/1.1 400 Bad Request

Protocol version : HTTP/1.1
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Server: squid/3.3.8
Mime-Version: 1.0
Date: Tue, 26 Jun 2018 01:50:12 GMT
Content-Type: text/html
Content-Length: 3164
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from localhost
X-Cache-Lookup: NONE from localhost:2112
Via: 1.1 localhost (squid/3.3.8)
Connection: close

Response Body :

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!--
/*
Stylesheet for Squid Error pages
Adapted from design by Free CSS Templates
http://www.freecsstemplates.org
Released for free under a Creative Commons Attribution 2.5 License
*/

/* Page basics */
* {
font-family: verdana, sans-serif;
}

html body {
margin: 0;
padding: 0;
background: #efefef;
font-size: 12px;
color: #1e1e1e;
}

/* Page displayed title area */
#titles {
margin-left: 15px;
padding: 10px;
padding-left: 100px;
background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;
}

/* initial title */
#titles h1 {
color: #000000;
}
#titles h2 {
color: #000000;
}

/* special event: FTP success page titles */
#titles ftpsuccess {
background-color:#00ff00;
width:100%;
}

/* Page displayed body content area */
#content {
padding: 10px;
background: #ffffff;
}

/* General text */
p {
}

/* error brief description */
#error p {
}

/* some data which may have caused the problem */
#data {
}

/* the error message received from the system or other software */
#sysmsg {
}

pre {
font-family:sans-serif;
}

/* special event: FTP / Gopher directory listing */
#dirmsg {
font-family: courier;
color: black;
font-size: 10pt;
}
#dirlisting {
margin-left: 2%;
margin-right: 2%;
}
#dirlisting tr.entry td.icon,td.filename,td.size,td.date {
border-bottom: groove;
}
#dirlisting td.size {
width: 50px;
text-align: right;
padding-right: 5px;
}

/* horizontal lines */
hr {
margin: 0;
}

/* page displayed footer area */
#footer {
font-size: 9px;
padding-left: 10px;
}


body
:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }
:lang(he) { direction: rtl; }
--></style>
</head><body id=ERR_INVALID_URL>
<div id="titles">
<h1>ERROR</h1>
<h2>The requested URL could not be retrieved</h2>
</div>
<hr>

<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="/">/</a></p>

<blockquote id="error">
<p><b>Invalid URL</b></p>
</blockquote>

<p>Some aspect of the requested URL is incorrect.</p>

<p>Some possible problems are:</p>
<ul>
<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>
<li><p>Missing hostname</p></li>
<li><p>Illegal double-escape in the URL-Path</p></li>
<li><p>Illegal character in hostname; underscores are not allowed.</p></li>
</ul>

<p>Your cache administrator is <a href="mailto:admin@example.com?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20localhost%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Tue,%2026%20Jun%202018%2001%3A50%3A12%20GMT%0D%0A%0D%0AClientIP%3A%20172.16.1.201%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A">admin@example.com</a>.</p>
<br>
</div>

<hr>
<div id="footer">
<p>Generated Tue, 26 Jun 2018 01:50:12 GMT by localhost (squid/3.3.8)</p>
<!-- ERR_INVALID_URL -->
</div>
</body></html>
49692 - Squid Proxy Version Detection
Synopsis
It was possible to obtain the version number of the remote Squid proxy server.
Description
The remote host is running the Squid proxy server, an open source proxy server. It was possible to read the version number from the banner.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2010/09/28, Modified: 2015/04/02
Plugin Output

tcp/2112


Source : Squid
Version : 3.3.8

10719 - MySQL Server Detection
Synopsis
A database server is listening on the remote port.
Description
The remote host is running MySQL, an open source database server.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2001/08/13, Modified: 2013/01/07
Plugin Output

tcp/3306


Version : 5.5.46-0ubuntu0.14.04.2
Protocol : 10
Server Status : SERVER_STATUS_AUTOCOMMIT
Server Capabilities :
CLIENT_LONG_PASSWORD (new more secure passwords)
CLIENT_FOUND_ROWS (Found instead of affected rows)
CLIENT_LONG_FLAG (Get all column flags)
CLIENT_CONNECT_WITH_DB (One can specify db on connect)
CLIENT_NO_SCHEMA (Don't allow database.table.column)
CLIENT_COMPRESS (Can use compression protocol)
CLIENT_ODBC (ODBC client)
CLIENT_LOCAL_FILES (Can use LOAD DATA LOCAL)
CLIENT_IGNORE_SPACE (Ignore spaces before "("
CLIENT_PROTOCOL_41 (New 4.1 protocol)
CLIENT_INTERACTIVE (This is an interactive client)
CLIENT_SIGPIPE (IGNORE sigpipes)
CLIENT_TRANSACTIONS (Client knows about transactions)
CLIENT_RESERVED (Old flag for 4.1 protocol)
CLIENT_SECURE_CONNECTION (New 4.1 authentication)
11153 - Service Detection (HELP Request)
Synopsis
The remote service could be identified.
Description
It was possible to identify the remote service by its banner or by looking at the error message it sends when it receives a 'HELP'
request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/11/18, Modified: 2017/06/08
Plugin Output

tcp/3306

A MySQL server is running on this port.
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/3306

Port 3306/tcp was found to be open

12085 - Apache Tomcat Default Files
Synopsis
The remote web server contains default files.
Description
The default error page, default index page, example JSPs, and/or example servlets are installed on the remote Apache Tomcat server. These files should be removed as they may help an attacker uncover information about the remote Tomcat install or host itself.
See Also
Solution
Delete the default index page and remove the example JSP and servlets. Follow the Tomcat or OWASP instructions to replace or modify the default error page.
Risk Factor
Medium
CVSS v3.0 Base Score
7.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVSS Base Score
6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
References
XREF CWE:20
XREF CWE:74
XREF CWE:79
XREF CWE:442
XREF CWE:629
XREF CWE:711
XREF CWE:712
XREF CWE:722
XREF CWE:725
XREF CWE:750
XREF CWE:751
XREF CWE:800
XREF CWE:801
XREF CWE:809
XREF CWE:811
XREF CWE:864
XREF CWE:900
XREF CWE:928
XREF CWE:931
XREF CWE:990
Plugin Information:
Published: 2004/03/02, Modified: 2018/01/30
Plugin Output

tcp/8080


The following default files were found :

/nessus-check/default-404-error-page.html
10107 - HTTP Server Type and Version
Synopsis
A web server is running on the remote host.
Description
This plugin attempts to determine the type and the version of the remote web server.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2000/01/04, Modified: 2018/05/23
Plugin Output

tcp/8080

The remote web server type is :

Apache-Coyote/1.1
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/8080

Port 8080/tcp was found to be open
22964 - Service Detection
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/08/19, Modified: 2018/05/03
Plugin Output

tcp/8080

A web server is running on this port.
24260 - HyperText Transfer Protocol (HTTP) Information
Synopsis
Some information about the remote HTTP configuration can be extracted.
Description
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/01/30, Modified: 2017/11/13
Plugin Output

tcp/8080


Response Code : HTTP/1.1 200 OK

Protocol version : HTTP/1.1
SSL : no
Keep-Alive : no
Options allowed : GET, HEAD, POST, PUT, DELETE, OPTIONS
Headers :

Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"77-1518623149000"
Last-Modified: Wed, 14 Feb 2018 15:45:49 GMT
Content-Type: text/html
Content-Length: 77
Date: Tue, 26 Jun 2018 01:50:12 GMT
Connection: close

Response Body :

<html><center>
<font size='5'>Hacked By B0c4H_Id30T</font></center></html>
39446 - Apache Tomcat Detection
Synopsis
The remote web server is an Apache Tomcat server.
Description
Nessus was able to detect a remote Apache Tomcat web server.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/06/18, Modified: 2018/01/24
Plugin Output

tcp/8080


URL : http://blog.poltekom.ac.id:8080/
Version : 7.0.99
backported : 1
source : <title>Apache Tomcat/7.0.99
39521 - Backported Security Patch Detection (WWW)
Synopsis
Security patches are backported.
Description
Security patches may have been 'backported' to the remote HTTP server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/06/25, Modified: 2015/07/07
Plugin Output

tcp/8080


Local checks have been enabled.
43111 - HTTP Methods Allowed (per directory)
Synopsis
This plugin determines which HTTP methods are allowed on various CGI directories.
Description
By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each directory.

As this list may be incomplete, the plugin also tests - if 'Thorough tests' are enabled or 'Enable web applications tests' is set to 'yes'
in the scan policy - various known HTTP methods on each directory and considers them as unsupported if it receives a response code of 400, 403, 405, or 501.

Note that the plugin output is only informational and does not necessarily indicate the presence of any security vulnerabilities.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/12/10, Modified: 2018/06/11
Plugin Output

tcp/8080

Based on the response to an OPTIONS request :

- HTTP methods DELETE HEAD OPTIONS POST PUT GET
are allowed on :

/

26928 - SSL Weak Cipher Suites Supported
Synopsis
The remote service supports the use of weak SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer weak encryption.

Note: This is considerably easier to exploit if the attacker is on the same physical network.
See Also
Solution
Reconfigure the affected application, if possible to avoid the use of weak ciphers.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS Base Score
4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
References
XREF CWE:326
XREF CWE:327
XREF CWE:720
XREF CWE:753
XREF CWE:803
XREF CWE:928
XREF CWE:934
Plugin Information:
Published: 2007/10/08, Modified: 2018/05/16
Plugin Output

tcp/10000


Here is the list of weak SSL ciphers supported by the remote server :

Low Strength Ciphers (<= 64-bit key)

DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
42873 - SSL Medium Strength Cipher Suites Supported
Synopsis
The remote service supports the use of medium strength SSL ciphers.
Description
The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.

Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.
See Also
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Published: 2009/11/23, Modified: 2017/09/01
Plugin Output

tcp/10000


Here is the list of medium strength SSL ciphers supported by the remote server :

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
45411 - SSL Certificate with Wrong Hostname
Synopsis
The SSL certificate for this service is for a different host.
Description
The 'commonName' (CN) attribute of the SSL certificate presented for this service is for a different machine.
Solution
Purchase or generate a proper certificate for this service.
Risk Factor
Medium
CVSS v3.0 Base Score
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
Plugin Information:
Published: 2010/04/03, Modified: 2017/06/05
Plugin Output

tcp/10000


The identities known by Nessus are :

127.0.0.1
172.16.0.3
::1
fe80::223:8bff:fe64:8746
singa
singa.poltekom.ac.id
blog.poltekom.ac.id

The Common Name in the certificate is :

*
51192 - SSL Certificate Cannot Be Trusted
Synopsis
The SSL certificate for this service cannot be trusted.
Description
The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :

- First, the top of the certificate chain sent by the server might not be descended from a known public certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed certificate, or when intermediate certificates are missing that would connect the top of the certificate chain to a known public certificate authority.

- Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the certificate's 'notAfter' dates.

- Third, the certificate chain may contain a signature that either didn't match the certificate's information or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a signing algorithm that Nessus either does not support or does not recognize.

If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.
See Also
Solution
Purchase or generate a proper certificate for this service.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
Plugin Information:
Published: 2010/12/15, Modified: 2017/05/18
Plugin Output

tcp/10000


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : O=Webmin Webserver on singa/CN=*/E=root@singa
|-Issuer : O=Webmin Webserver on singa/CN=*/E=root@singa
57582 - SSL Self-Signed Certificate
Synopsis
The SSL certificate chain for this service ends in an unrecognized self-signed certificate.
Description
The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.

Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.
Solution
Purchase or generate a proper certificate for this service.
Risk Factor
Medium
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
Plugin Information:
Published: 2012/01/17, Modified: 2016/12/14
Plugin Output

tcp/10000


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : O=Webmin Webserver on singa/CN=*/E=root@singa
65821 - SSL RC4 Cipher Suites Supported (Bar Mitzvah)
Synopsis
The remote service supports the use of the RC4 cipher.
Description
The remote host supports the use of RC4 in one or more cipher suites.
The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness.

If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an attacker is able to obtain many (i.e., tens of millions) ciphertexts, the attacker may be able to derive the plaintext.
See Also
Solution
Reconfigure the affected application, if possible, to avoid use of RC4 ciphers. Consider using TLS 1.2 with AES-GCM suites subject to browser and web server support.
Risk Factor
Low
CVSS Base Score
2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score
2.2 (CVSS2#E:F/RL:TF/RC:ND)
References
BID 58796
BID 73684
CVE CVE-2013-2566
CVE CVE-2015-2808
XREF OSVDB:91162
XREF OSVDB:117855
Plugin Information:
Published: 2013/04/05, Modified: 2018/05/21
Plugin Output

tcp/10000


List of RC4 cipher suites supported by the remote server :

High Strength Ciphers (>= 112-bit key)

RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
10107 - HTTP Server Type and Version
Synopsis
A web server is running on the remote host.
Description
This plugin attempts to determine the type and the version of the remote web server.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2000/01/04, Modified: 2018/05/23
Plugin Output

tcp/10000

The remote web server type is :

MiniServ/1.770
10757 - Webmin Detection
Synopsis
An administration application is running on the remote host.
Description
The remote web server is running Webmin, a web-based interface for system administration for Unix.
See Also
Solution
Stop the Webmin service if not needed or ensure access is limited to authorized hosts. See the menu items '[Webmin Configuration][IP Access Control]' and/or '[Webmin Configuration][Port and Address]'.
Risk Factor
None
Plugin Information:
Published: 2001/09/14, Modified: 2018/03/22
Plugin Output

tcp/10000


URL : https://blog.poltekom.ac.id:10000/
Source : Server: MiniServ/1.770
Webmin version : 1.770
10863 - SSL Certificate Information
Synopsis
This plugin displays the SSL certificate.
Description
This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2008/05/19, Modified: 2015/12/30
Plugin Output

tcp/10000

Subject Name:

Organization: Webmin Webserver on singa
Common Name: *
Email Address: root@singa

Issuer Name:

Organization: Webmin Webserver on singa
Common Name: *
Email Address: root@singa

Serial Number: 00 E5 8A D6 0C 40 DD CF 31

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Feb 09 07:18:44 2015 GMT
Not Valid After: Feb 08 07:18:44 2020 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 C0 71 C7 38 3E 7B 20 11 10 7A 93 1F F8 B7 BF 74 C8 C6 13
F4 6A F1 CF AB C8 EB 26 60 DB C3 06 D7 C3 55 BA E9 9A 78 A7
6E 21 F6 C2 C0 AB E7 CA 14 27 BE 9D 59 9C BF A9 7C 48 A0 55
CD 77 35 C1 30 FF EC E7 E5 07 EB 31 AD 2F 16 F8 10 E4 76 F9
DB 47 40 8A DE 62 9E 2D 49 34 B2 46 90 49 73 C6 7A 17 1D 9D
1C D0 14 5B 4C D0 05 46 19 3D 7A 1A DD B9 BC 01 A8 64 84 F9
07 93 63 EA 75 DD EE C6 46 23 88 38 E3 C8 F5 14 19 36 33 83
50 05 E5 B9 E5 6D 06 F2 83 77 84 AD 98 5D A6 7D 9F 6A 82 8B
60 18 F4 BB D6 7D 53 B0 04 13 62 A1 0A 43 F1 E7 62 38 8E 03
EC FD 58 ED 60 07 3A 5E 4F EA 00 10 13 3C 05 E6 63 51 3C C8
0D 3B DE 81 B3 3E AF 93 93 5C 3A CC 26 0D 6D 4F 47 4A 77 F0
69 92 76 8B A1 0B 2F 5D 80 F3 F5 42 67 60 1F D8 8B 54 CF 66
EA 5D 49 85 3F 52 E4 B5 CE C9 DE FE B8 1A C8 13 A7
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 1A 9E 22 6C 54 B3 E0 5B CC 95 E9 B3 0D B5 2C D1 95 B0 5E
96 94 CC 44 2B C1 58 A0 B7 2A 23 2B BB 80 30 A0 3E 2B 27 C2
B2 3D 84 D2 5B 5A 93 EB 25 E9 B6 A2 1D F2 4A E1 1A 37 03 98
15 6D DC 26 E8 E1 E3 A4 3B 17 D8 B2 A6 4E E8 F2 43 84 61 49
41 F2 F2 65 26 F9 D5 3A 04 C2 0B C1 1D 11 CD 80 5B 83 C3 2E
7C 18 A4 16 83 23 27 0F 9C C9 AF A4 15 65 99 F6 DD 29 EA E3
B9 10 43 F0 03 B2 F3 7E A5 38 54 2D D4 35 76 A0 BA 3A BC 98
CD D6 4A D0 CB 78 65 ED 12 70 3E BA 04 45 A4 68 72 31 5E 07
F8 CC AC BB AF E2 F2 43 0C 64 08 58 13 10 AF 70 77 36 67 52
04 EC 34 A1 B1 F9 06 9B B9 B7 C4 6C 39 95 4A BD B1 8F 28 A8
E6 D9 2D 8E 15 4E 48 12 05 9D A2 34 C5 3C 2B 01 6E 30 8E 0F
D8 C1 AE E0 75 39 1B FD 4B C4 47 3D 37 F0 D3 D5 30 51 5D 6C
07 13 07 C4 CE 7C AE DE 61 1B 17 C0 FD 39 A0 30 E0

Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 5C DE 4F 24 15 8E D8 65 1B C2 AE 42 77 2B FE D0 3B 17 99 9C


Extension: Authority Key Identifier (2.5.29.35)
Critical: 0
Key Identifier: 5C DE 4F 24 15 8E D8 65 1B C2 AE 42 77 2B FE D0 3B 17 99 9C


Extension: Basic Constraints (2.5.29.19)
Critical: 0
CA: TRUE


Fingerprints :

SHA-256 Fingerprint: 87 77 5F E9 1F F6 E9 91 BF C7 FC 85 65 B0 AC D8 9C 11 1C 98
49 30 30 73 B7 07 10 02 0B 33 E0 76
SHA-1 Fingerprint: ED 5A 28 60 1C E2 93 7F CA A6 D7 39 A5 22 4A 43 8A 2F 4C 73
MD5 Fingerprint: CA 82 38 CD F6 80 FC 8D 25 FE 9A FC FD 7A 13 74
19689 - Embedded Web Server Detection
Synopsis
The remote web server is embedded.
Description
The remote web server cannot host user-supplied CGIs. CGI scanning will be disabled on this server.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2005/09/14, Modified: 2018/02/21
Plugin Output

tcp/10000

21643 - SSL Cipher Suites Supported
Synopsis
The remote service encrypts communications using SSL.
Description
This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2006/06/05, Modified: 2018/03/29
Plugin Output

tcp/10000


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
Low Strength Ciphers (<= 64-bit key)

DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-GCM(128) Mac=SHA256
RSA-AES256-SHA384 Kx=RSA Au=RSA Enc=AES-GCM(256) Mac=SHA384
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SEED-SHA Kx=RSA Au=RSA Enc=SEED-CBC(128) Mac=SHA1
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256


SSL Version : TLSv11
Low Strength Ciphers (<= 64-bit key)

DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SEED-SHA Kx=RSA Au=RSA Enc=SEED-CBC(128) Mac=SHA1


SSL Version : TLSv1
Low Strength Ciphers (<= 64-bit key)

DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SEED-SHA Kx=RSA Au=RSA Enc=SEED-CBC(128) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
22964 - Service Detection
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/08/19, Modified: 2018/05/03
Plugin Output

tcp/10000

A TLSv1 server answered on this port.

tcp/10000

A web server is running on this port through TLSv1.
45410 - SSL Certificate 'commonName' Mismatch
Synopsis
The 'commonName' (CN) attribute in the SSL certificate does not match the hostname.
Description
The service running on the remote host presents an SSL certificate for which the 'commonName' (CN) attribute does not match the hostname on which the service listens.
Solution
If the machine has several names, make sure that users connect to the service through the DNS hostname that matches the common name in the certificate.
Risk Factor
None
Plugin Information:
Published: 2010/04/03, Modified: 2017/06/05
Plugin Output

tcp/10000


The host names known by Nessus are :

blog.poltekom.ac.id
singa

The Common Name in the certificate is :

*
50845 - OpenSSL Detection
Synopsis
The remote service appears to use OpenSSL to encrypt traffic.
Description
Based on its response to a TLS request with a specially crafted server name extension, it seems that the remote service is using the OpenSSL library to encrypt traffic.

Note that this plugin can only detect OpenSSL implementations that have enabled support for TLS extensions (RFC 4366).
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2010/11/30, Modified: 2013/10/18
Plugin Output

tcp/10000

56984 - SSL / TLS Versions Supported
Synopsis
The remote service encrypts communications.
Description
This plugin detects which SSL and TLS versions are supported by the remote service for encrypting communications.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/12/01, Modified: 2018/02/15
Plugin Output

tcp/10000


This port supports TLSv1.0/TLSv1.1/TLSv1.2.
70544 - SSL Cipher Block Chaining Cipher Suites Supported
Synopsis
The remote service supports the use of SSL Cipher Block Chaining ciphers, which combine previous blocks with subsequent ones.
Description
The remote host supports the use of SSL ciphers that operate in Cipher Block Chaining (CBC) mode. These cipher suites offer additional security over Electronic Codebook (ECB) mode, but have the potential to leak information if used improperly.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2013/10/22, Modified: 2013/10/22
Plugin Output

tcp/10000


Here is the list of SSL CBC ciphers supported by the remote server :

Low Strength Ciphers (<= 64-bit key)

DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

High Strength Ciphers (>= 112-bit key)

AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
SEED-SHA Kx=RSA Au=RSA Enc=SEED-CBC(128) Mac=SHA1
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
94761 - SSL Root Certification Authority Certificate Information
Synopsis
A root Certification Authority certificate was found at the top of the certificate chain.
Description
The remote service uses an SSL certificate chain that contains a self-signed root Certification Authority certificate at the top of the chain.
See Also
Solution
Ensure that use of this root Certification Authority certificate complies with your organization's acceptable use and security policies.
Risk Factor
None
Plugin Information:
Published: 2016/11/14, Modified: 2016/11/14
Plugin Output

tcp/10000


The following root Certification Authority certificate was found :

|-Subject : O=Webmin Webserver on singa/CN=*/E=root@singa
|-Issuer : O=Webmin Webserver on singa/CN=*/E=root@singa
|-Valid From : Feb 09 07:18:44 2015 GMT
|-Valid To : Feb 08 07:18:44 2020 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption
104743 - TLS Version 1.0 Protocol Detection
Synopsis
The remote service encrypts traffic using an older version of TLS.
Description
The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a number of cryptographic design flaws. Modern implementations of TLS 1.0 mitigate these problems, but newer versions of TLS like 1.1 and 1.2 are designed against these flaws and should be used whenever possible.

PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30, 2018, except for POS POI terminals (and the SSL/TLS termination points to which they connect) that can be verified as not being susceptible to any known exploits.
Solution
Enable support for TLS 1.1 and 1.2, and disable support for TLS 1.0.
Risk Factor
None
Plugin Information:
Published: 2017/11/22, Modified: 2018/04/24
Plugin Output

tcp/10000

TLSv1 is enabled and the server supports at least one cipher.

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/10000

Port 10000/udp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

tcp/34659


The following RPC services are available on TCP port 34659 :

- program: 100005 (mountd), version: 1
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/34659

Port 34659/tcp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/35362

Port 35362/tcp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

udp/35433


The following RPC services are available on UDP port 35433 :

- program: 100024 (status), version: 1
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/35433

Port 35433/udp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/36405

Port 36405/udp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

udp/36587


The following RPC services are available on UDP port 36587 :

- program: 100005 (mountd), version: 2
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/36587

Port 36587/udp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/38747

Port 38747/tcp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

tcp/39515


The following RPC services are available on TCP port 39515 :

- program: 100005 (mountd), version: 3
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/39515

Port 39515/tcp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/39888

Port 39888/udp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

tcp/40441


The following RPC services are available on TCP port 40441 :

- program: 100021 (nlockmgr), version: 1
- program: 100021 (nlockmgr), version: 3
- program: 100021 (nlockmgr), version: 4
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/40441

Port 40441/tcp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/40550

Port 40550/udp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/41609

Port 41609/tcp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/44269

Port 44269/tcp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

udp/46053


The following RPC services are available on UDP port 46053 :

- program: 100005 (mountd), version: 3
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/46053

Port 46053/udp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/52017

Port 52017/udp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/53505

Port 53505/tcp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

tcp/54903


The following RPC services are available on TCP port 54903 :

- program: 100005 (mountd), version: 2
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/54903

Port 54903/tcp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

tcp/54995


The following RPC services are available on TCP port 54995 :

- program: 100024 (status), version: 1
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

tcp/54995

Port 54995/tcp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

udp/55256


The following RPC services are available on UDP port 55256 :

- program: 100005 (mountd), version: 1
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/55256

Port 55256/udp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/57753

Port 57753/udp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/58577

Port 58577/udp was found to be open

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/58854

Port 58854/udp was found to be open

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

udp/59515


The following RPC services are available on UDP port 59515 :

- program: 100021 (nlockmgr), version: 1
- program: 100021 (nlockmgr), version: 3
- program: 100021 (nlockmgr), version: 4
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.

Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2018/05/30
Plugin Output

udp/59515

Port 59515/udp was found to be open
Remediations
Suggested Remediations
Taking the following actions across 1 hosts would resolve 92% of the vulnerabilities on the network.
Action to take Vulns Hosts
Ubuntu 14.04 LTS : linux vulnerabilities (USN-3674-1): Update the affected packages. 242 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3629-1): Update the affected mysql-server-5.5 and / or mysql-server-5.7 packages. 179 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : qemu update (USN-3679-1) (Spectre): Update the affected qemu, qemu-system and / or qemu-system-x86 packages. 155 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : tcpdump vulnerabilities (USN-3415-1): Update the affected tcpdump package. 131 1
Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3691-1): Update the affected packages. 119 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : php5, php7.0, php7.1, php7.2 vulnerabilities (USN-3646-1): Update the affected packages. 100 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : tiff vulnerabilities (USN-3606-1): Update the affected libtiff-tools and / or libtiff5 packages. 81 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxml2 vulnerability (USN-3513-1): Update the affected packages. 37 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : w3m vulnerabilities (USN-3555-1): Update the affected w3m package. 36 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : openssl vulnerability (USN-3628-1): Update the affected libssl1.0.0 package. 35 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : tomcat7, tomcat8 vulnerabilities (USN-3665-1): Update the affected packages. 31 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : samba vulnerabilities (USN-3595-1): Update the affected samba and / or samba-dsdb-modules packages. 30 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : poppler vulnerabilities (USN-3647-1): Update the affected packages. 29 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : eglibc, glibc vulnerabilities (USN-3534-1): Update the affected libc6 package. 29 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : graphite2 vulnerabilities (USN-3398-1): Update the affected libgraphite2-3 package. 26 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : pcre3 vulnerabilities (USN-2943-1): Update the affected libpcre3 package. 25 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : squid3 vulnerabilities (USN-3557-1): Update the affected squid3 package. 18 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : curl vulnerabilities (USN-3123-1): Update the affected libcurl3, libcurl3-gnutls and / or libcurl3-nss packages. 16 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : curl vulnerabilities (USN-3648-1): Update the affected packages. 16 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : apache2 vulnerabilities (USN-3627-1): Update the affected apache2-bin package. 16 1
Ubuntu 14.04 LTS / 16.04 LTS : jasper vulnerabilities (USN-3295-1): Update the affected libjasper1 package. 13 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : nss vulnerability (USN-3431-1): Update the affected libnss3 package. 12 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : libvirt vulnerability and update (USN-3680-1) (Spectre): Update the affected libvirt-bin and / or libvirt0 packages. 12 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : perl vulnerability (USN-3684-1): Update the affected perl package. 12 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : libsndfile vulnerabilities (USN-3306-1): Update the affected libsndfile1 package. 11 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : wpa vulnerabilities (USN-3455-1) (KRACK): Update the affected hostapd and / or wpasupplicant packages. 11 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : gdk-pixbuf vulnerabilities (USN-3532-1): Update the affected libgdk-pixbuf2.0-0 package. 10 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : git vulnerabilities (USN-3671-1): Update the affected git package. 9 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : icu vulnerability (USN-3610-1): Update the affected libicu52, libicu55 and / or libicu57 packages. 9 1
Ubuntu 14.04 LTS / 16.04 LTS : elfutils vulnerabilities (USN-3670-1): Update the affected packages. 9 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libreoffice vulnerability (USN-3579-1): Update the affected libreoffice-core package. 8 1
Ubuntu 14.04 LTS : apport vulnerability (USN-3664-2): Update the affected apport package. 7 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : libxslt vulnerabilities (USN-3271-1): Update the affected libxslt1.1 package. 6 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : dnsmasq vulnerabilities (USN-3430-1): Update the affected dnsmasq, dnsmasq-base and / or dnsmasq-utils packages. 6 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : spice, spice-protocol vulnerability (USN-3659-1): Update the affected libspice-protocol-dev and / or libspice-server1 packages. 6 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : file vulnerabilities (USN-3686-1): Update the affected file and / or libmagic1 packages. 5 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : procps vulnerabilities (USN-3658-1): Update the affected packages. 5 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : wget vulnerability (USN-3643-1): Update the affected wget package. 5 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : exim4 vulnerability (USN-3565-1): Update the affected exim4-daemon-heavy and / or exim4-daemon-light packages. 5 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : rsync vulnerabilities (USN-3543-1): Update the affected rsync package. 5 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : python2.7, python3.2, python3.4, python3.5 vulnerabilities (USN-3134-1) (httpoxy): Update the affected packages. 4 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : bash vulnerabilities (USN-3294-1): Update the affected bash package. 4 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : expat vulnerability (USN-3356-1): Update the affected lib64expat1 and / or libexpat1 packages. 4 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : freetype vulnerabilities (USN-3282-1): Update the affected libfreetype6 package. 4 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : isc-dhcp vulnerabilities (USN-3586-1): Update the affected packages. 4 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : pam regression (USN-2935-2): Update the affected libpam-modules package. 3 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : pam vulnerabilities (USN-2935-1): Update the affected libpam-modules package. 3 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libevent vulnerabilities (USN-3228-1): Update the affected libevent-2.0-5 package. 3 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : samba vulnerabilities (USN-3158-1): Update the affected libsmbclient, samba and / or winbind packages. 3 1
Ubuntu 12.04 LTS / 14.04 LTS : libdbd-mysql-perl vulnerabilities (USN-3103-1): Update the affected libdbd-mysql-perl package. 3 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxfont, libxfont1, libxfont2 vulnerability (USN-3500-1): Update the affected libxfont1 and / or libxfont2 packages. 3 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : gnupg, gnupg2 vulnerabilities (USN-3675-1): Update the affected gnupg and / or gpg packages. 3 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvncserver vulnerability (USN-3618-1): Update the affected libvncclient1, libvncserver0 and / or libvncserver1 packages. 3 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvorbis vulnerability (USN-3604-1): Update the affected libvorbis0a package. 3 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : patch vulnerabilities (USN-3624-1): Update the affected patch package. 3 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : ldb vulnerabilities (USN-2856-1): Update the affected libldb1 package. 2 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libpng vulnerabilities (USN-2861-1): Update the affected libpng12-0 package. 2 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : dosfstools vulnerabilities (USN-2986-1): Update the affected dosfstools package. 2 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : cpio vulnerabilities (USN-2906-1): Update the affected cpio package. 2 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : shadow regression (USN-3276-2): Update the affected login, passwd and / or uidmap packages. 2 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : linux-firmware vulnerabilities (USN-3505-1) (KRACK): Update the affected linux-firmware package. 2 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : c-ares vulnerability (USN-3395-1): Update the affected libc-ares2 package. 2 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : python-crypto vulnerability (USN-3616-1): Update the affected python-crypto and / or python3-crypto packages. 2 1
Ubuntu 14.04 LTS / 16.04 LTS : harfbuzz vulnerabilities (USN-3067-1): Update the affected libharfbuzz0b package. 2 1
Samba Badlock Vulnerability: Upgrade to Samba version 4.2.11 / 4.3.8 / 4.4.2 or later. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : dpkg vulnerability (USN-2820-1): Update the affected dpkg package. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : grub2 vulnerability (USN-2836-1): Update the affected grub2-common package. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : nspr vulnerability (USN-3028-1): Update the affected libnspr4 package. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : gtk+2.0, gtk+3.0 vulnerability (USN-2898-1): Update the affected libgtk-3-0 and / or libgtk2.0-0 packages. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : apparmor vulnerability (USN-3247-1): Update the affected apparmor package. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : dbus vulnerabilities (USN-3116-1): Update the affected dbus and / or libdbus-1-3 packages. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : eject vulnerability (USN-3246-1): Update the affected eject package. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libgc vulnerability (USN-3197-1): Update the affected libgc1c2 package. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libxpm vulnerability (USN-3185-1): Update the affected libxpm4 package. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : tar vulnerability (USN-3132-1): Update the affected tar package. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : vim vulnerability (USN-3139-1): Update the affected packages. 1 1
Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : fontconfig vulnerability (USN-3063-1): Update the affected fontconfig and / or libfontconfig1 packages. 1 1
Ubuntu 12.04 LTS / 14.04 LTS : pixman vulnerability (USN-2918-1): Update the affected libpixman-1-0 package. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : heimdal vulnerability (USN-3353-1) (Orpheus' Lyre): Update the affected libkrb5-26-heimdal package. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : libnl3 vulnerability (USN-3311-1): Update the affected libnl-3-200 package. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : samba vulnerability (USN-3353-2) (Orpheus' Lyre): Update the affected samba-libs package. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : sudo vulnerability (USN-3304-1): Update the affected sudo and / or sudo-ldap packages. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : apt vulnerability (USN-3156-1): Update the affected apt package. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxcursor vulnerability (USN-3501-1): Update the affected libxcursor1 package. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : augeas vulnerability (USN-3400-1): Update the affected augeas-tools and / or libaugeas0 packages. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : bluez vulnerability (USN-3413-1) (BlueBorne): Update the affected bluez and / or libbluetooth3 packages. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : db5.3 vulnerability (USN-3489-1): Update the affected db5.3-util and / or libdb5.3 packages. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : python2.7 vulnerability (USN-3496-1): Update the affected python2.7 and / or python2.7-minimal packages. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : python3.4, python3.5 vulnerability (USN-3496-3): Update the affected packages. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : libgcrypt11, libgcrypt20 vulnerability (USN-3689-1): Update the affected libgcrypt11 and / or libgcrypt20 packages. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : sensible-utils vulnerability (USN-3584-1): Update the affected sensible-utils package. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : sharutils vulnerability (USN-3605-1): Update the affected sharutils package. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : wayland vulnerability (USN-3622-1): Update the affected packages. 1 1
Ubuntu 14.04 LTS / 16.04 LTS : twisted vulnerability (USN-3585-1): Update the affected packages. 1 1
Ubuntu 14.04 LTS : lcms2 vulnerability (USN-2961-1): Update the affected liblcms2-2 and / or liblcms2-utils packages. 1 1
Ubuntu 14.04 LTS : libffi vulnerability (USN-3454-1) (Stack Clash): Update the affected libffi6 package. 1 1
Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : ca-certificates update (USN-3432-1): Update the affected ca-certificates package. 0 1
© 2018 Tenable™, Inc. All rights reserved.