SCAP release September 2014

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management solution.

Also, a patch management tool can patch these vulnerabilities.

oval:org.secpod.oval:def:21088	CVE-2014-4070,	Cross-site scripting (XSS) vulnerability in Lync Server
oval:org.secpod.oval:def:21089	cpe:/a:microsoft:lync_server:2010,	Microsoft Lync Server 2010 is installed
oval:org.secpod.oval:def:21090	CVE-2014-4071,	Denial of service vulnerability in Lync Server
oval:org.secpod.oval:def:21091	CVE-2014-4068,	Denial of service vulnerability in Lync Server
oval:org.secpod.oval:def:21092	CVE-2014-4068, CVE-2014-4070, CVE-2014-4071, MS14-055,	Multiple vulnerabilities in Lync Server – MS14-055
oval:org.secpod.oval:def:21095	CVE-2014-4072,	Denial of service vulnerability in .NET Framework via crafted requests
oval:org.secpod.oval:def:21094	CVE-2014-4072, MS13-053,	Vulnerabilities in .NET Framework could allow denial of service – MS14-053
oval:org.secpod.oval:def:21093	cpe:/a:microsoft:.net_framework:4.5:sp2,	Microsoft .NET Framework 4.5 SP2 is installed
oval:org.secpod.oval:def:501371	CVE-2013-4115, CVE-2014-3609, RHSA-2014:1148-01,	RHSA-2014:1148-01 — Redhat squid
oval:org.secpod.oval:def:501372	CVE-2014-1562, CVE-2014-1567, RHSA-2014:1145-01,	RHSA-2014:1145-01 — Redhat thunderbird
oval:org.secpod.oval:def:501373	CVE-2012-6153, CVE-2014-3577, RHSA-2014:1146-01,	RHSA-2014:1146-01 — Redhat httpcomponents-client
oval:org.secpod.oval:def:501374	CVE-2014-3609, RHSA-2014:1147-01,	RHSA-2014:1147-01 — Redhat squid
oval:org.secpod.oval:def:501375	CVE-2014-1562, CVE-2014-1567, RHSA-2014:1144-01,	RHSA-2014:1144-01 — Redhat firefox, xulrunner
oval:org.secpod.oval:def:501376	CVE-2014-3917, RHSA-2014:1143-01,	RHSA-2014:1143-01 — Redhat kernel
oval:org.secpod.oval:def:1500693	CVE-2014-1562, CVE-2014-1567, ELSA-2014-1144,	ELSA-2014-1144 — Oracle firefox_xulrunner
oval:org.secpod.oval:def:1500694	CVE-2014-1562, CVE-2014-1567, ELSA-2014-1144,	ELSA-2014-1144 — Oracle firefox
oval:org.secpod.oval:def:1500695	CVE-2013-4115, CVE-2014-3609, ELSA-2014-1148,	ELSA-2014-1148 — Oracle squid
oval:org.secpod.oval:def:1500696	CVE-2014-1562, CVE-2014-1567, ELSA-2014-1145,	ELSA-2014-1145 — Oracle thunderbird
oval:org.secpod.oval:def:1500697	CVE-2014-3609, ELSA-2014-1147,	ELSA-2014-1147 — Oracle squid
oval:org.secpod.oval:def:1500698	CVE-2014-1562, CVE-2014-1567, ELSA-2014-1144,	ELSA-2014-1144 — Oracle firefox
oval:org.secpod.oval:def:1500700	CVE-2013-4115, CVE-2014-3609, ELSA-2014-1148,	ELSA-2014-1148 — Oracle squid
oval:org.secpod.oval:def:1500701	CVE-2014-3577, ELSA-2014-1146,	ELSA-2014-1146 — Oracle httpcomponents-client
oval:org.secpod.oval:def:702180	CVE-2014-3618, USN-2340-1,	USN-2340-1 — procmail vulnerability
oval:org.secpod.oval:def:702184	CVE-2014-5461, USN-2338-1,	USN-2338-1 — lua vulnerability
oval:org.secpod.oval:def:702185	CVE-2014-1553, CVE-2014-1554, CVE-2014-1562, CVE-2014-1563, CVE-2014-1564, CVE-2014-1565, CVE-2014-1567, USN-2329-1,	USN-2329-1 — firefox vulnerabilities
oval:org.secpod.oval:def:702187	CVE-2014-5270, USN-2339-2,	USN-2339-2 — libgcrypt vulnerability
oval:org.secpod.oval:def:702188	CVE-2014-5270, USN-2339-1,	USN-2339-1 — gnupg vulnerability
oval:org.secpod.oval:def:702190	CVE-2014-3524, USN-2331-1,	USN-2331-1 — libreoffice vulnerability
oval:org.secpod.oval:def:702193	CVE-2014-3168, CVE-2014-3169, CVE-2014-3171, CVE-2014-3173, CVE-2014-3174, CVE-2014-3175, USN-2326-1,	USN-2326-1 — oxide vulnerabilities
oval:org.secpod.oval:def:702194	CVE-2014-0155, CVE-2014-0181, CVE-2014-0206, CVE-2014-4014, CVE-2014-4027, CVE-2014-4171, CVE-2014-4508, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-5045, USN-2337-1,	USN-2337-1 — linux-image
oval:org.secpod.oval:def:702195	CVE-2014-3917, CVE-2014-4027, CVE-2014-4171, CVE-2014-4508, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-5077, USN-2334-1,	USN-2334-1 — linux-image
oval:org.secpod.oval:def:702196	CVE-2014-0203, CVE-2014-4508, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-5077, USN-2333-1,	USN-2333-1 — linux-image
oval:org.secpod.oval:def:702197	CVE-2014-0155, CVE-2014-0181, CVE-2014-0206, CVE-2014-4014, CVE-2014-4027, CVE-2014-4171, CVE-2014-4508, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-5045, USN-2336-1,	USN-2336-1 — linux-image
oval:org.secpod.oval:def:702198	CVE-2014-0203, CVE-2014-4508, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-5077, USN-2332-1,	USN-2332-1 — linux-image
oval:org.secpod.oval:def:702199	CVE-2014-3917, CVE-2014-4027, CVE-2014-4171, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-5077, USN-2335-1,	USN-2335-1 — linux-image

SCAP Feed Release Update: 11-Sep-2014

Subscribe to our Newsletter!