SCAP Feed Release Update: 11-Sep-2014

  • Post author:
  • Reading time:23 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management solution.

Also, a patch management tool can patch these vulnerabilities.

oval:org.secpod.oval:def:21088 CVE-2014-4070, Cross-site scripting (XSS) vulnerability in Lync Server
oval:org.secpod.oval:def:21089 cpe:/a:microsoft:lync_server:2010, Microsoft Lync Server 2010 is installed
oval:org.secpod.oval:def:21090 CVE-2014-4071, Denial of service vulnerability in Lync Server
oval:org.secpod.oval:def:21091 CVE-2014-4068, Denial of service vulnerability in Lync Server
oval:org.secpod.oval:def:21092 CVE-2014-4068,
CVE-2014-4070,
CVE-2014-4071,
MS14-055,
Multiple vulnerabilities in Lync Server – MS14-055
oval:org.secpod.oval:def:21095 CVE-2014-4072, Denial of service vulnerability in .NET Framework via crafted requests
oval:org.secpod.oval:def:21094 CVE-2014-4072,
MS13-053,
Vulnerabilities in .NET Framework could allow denial of service – MS14-053
oval:org.secpod.oval:def:21093 cpe:/a:microsoft:.net_framework:4.5:sp2, Microsoft .NET Framework 4.5 SP2 is installed
oval:org.secpod.oval:def:501371 CVE-2013-4115,
CVE-2014-3609,
RHSA-2014:1148-01,
RHSA-2014:1148-01 — Redhat squid
oval:org.secpod.oval:def:501372 CVE-2014-1562,
CVE-2014-1567,
RHSA-2014:1145-01,
RHSA-2014:1145-01 — Redhat thunderbird
oval:org.secpod.oval:def:501373 CVE-2012-6153,
CVE-2014-3577,
RHSA-2014:1146-01,
RHSA-2014:1146-01 — Redhat httpcomponents-client
oval:org.secpod.oval:def:501374 CVE-2014-3609,
RHSA-2014:1147-01,
RHSA-2014:1147-01 — Redhat squid
oval:org.secpod.oval:def:501375 CVE-2014-1562,
CVE-2014-1567,
RHSA-2014:1144-01,
RHSA-2014:1144-01 — Redhat firefox, xulrunner
oval:org.secpod.oval:def:501376 CVE-2014-3917,
RHSA-2014:1143-01,
RHSA-2014:1143-01 — Redhat kernel
oval:org.secpod.oval:def:1500693 CVE-2014-1562,
CVE-2014-1567,
ELSA-2014-1144,
ELSA-2014-1144 — Oracle firefox_xulrunner
oval:org.secpod.oval:def:1500694 CVE-2014-1562,
CVE-2014-1567,
ELSA-2014-1144,
ELSA-2014-1144 — Oracle firefox
oval:org.secpod.oval:def:1500695 CVE-2013-4115,
CVE-2014-3609,
ELSA-2014-1148,
ELSA-2014-1148 — Oracle squid
oval:org.secpod.oval:def:1500696 CVE-2014-1562,
CVE-2014-1567,
ELSA-2014-1145,
ELSA-2014-1145 — Oracle thunderbird
oval:org.secpod.oval:def:1500697 CVE-2014-3609,
ELSA-2014-1147,
ELSA-2014-1147 — Oracle squid
oval:org.secpod.oval:def:1500698 CVE-2014-1562,
CVE-2014-1567,
ELSA-2014-1144,
ELSA-2014-1144 — Oracle firefox
oval:org.secpod.oval:def:1500700 CVE-2013-4115,
CVE-2014-3609,
ELSA-2014-1148,
ELSA-2014-1148 — Oracle squid
oval:org.secpod.oval:def:1500701 CVE-2014-3577,
ELSA-2014-1146,
ELSA-2014-1146 — Oracle httpcomponents-client
oval:org.secpod.oval:def:702180 CVE-2014-3618,
USN-2340-1,
USN-2340-1 — procmail vulnerability
oval:org.secpod.oval:def:702184 CVE-2014-5461,
USN-2338-1,
USN-2338-1 — lua vulnerability
oval:org.secpod.oval:def:702185 CVE-2014-1553,
CVE-2014-1554,
CVE-2014-1562,
CVE-2014-1563,
CVE-2014-1564,
CVE-2014-1565,
CVE-2014-1567,
USN-2329-1,
USN-2329-1 — firefox vulnerabilities
oval:org.secpod.oval:def:702187 CVE-2014-5270,
USN-2339-2,
USN-2339-2 — libgcrypt vulnerability
oval:org.secpod.oval:def:702188 CVE-2014-5270,
USN-2339-1,
USN-2339-1 — gnupg vulnerability
oval:org.secpod.oval:def:702190 CVE-2014-3524,
USN-2331-1,
USN-2331-1 — libreoffice vulnerability
oval:org.secpod.oval:def:702193 CVE-2014-3168,
CVE-2014-3169,
CVE-2014-3171,
CVE-2014-3173,
CVE-2014-3174,
CVE-2014-3175,
USN-2326-1,
USN-2326-1 — oxide vulnerabilities
oval:org.secpod.oval:def:702194 CVE-2014-0155,
CVE-2014-0181,
CVE-2014-0206,
CVE-2014-4014,
CVE-2014-4027,
CVE-2014-4171,
CVE-2014-4508,
CVE-2014-4652,
CVE-2014-4653,
CVE-2014-4654,
CVE-2014-4655,
CVE-2014-4656,
CVE-2014-4667,
CVE-2014-5045,
USN-2337-1,
USN-2337-1 — linux-image
oval:org.secpod.oval:def:702195 CVE-2014-3917,
CVE-2014-4027,
CVE-2014-4171,
CVE-2014-4508,
CVE-2014-4652,
CVE-2014-4653,
CVE-2014-4654,
CVE-2014-4655,
CVE-2014-4656,
CVE-2014-4667,
CVE-2014-5077,
USN-2334-1,
USN-2334-1 — linux-image
oval:org.secpod.oval:def:702196 CVE-2014-0203,
CVE-2014-4508,
CVE-2014-4652,
CVE-2014-4653,
CVE-2014-4654,
CVE-2014-4655,
CVE-2014-4656,
CVE-2014-4667,
CVE-2014-5077,
USN-2333-1,
USN-2333-1 — linux-image
oval:org.secpod.oval:def:702197 CVE-2014-0155,
CVE-2014-0181,
CVE-2014-0206,
CVE-2014-4014,
CVE-2014-4027,
CVE-2014-4171,
CVE-2014-4508,
CVE-2014-4652,
CVE-2014-4653,
CVE-2014-4654,
CVE-2014-4655,
CVE-2014-4656,
CVE-2014-4667,
CVE-2014-5045,
USN-2336-1,
USN-2336-1 — linux-image
oval:org.secpod.oval:def:702198 CVE-2014-0203,
CVE-2014-4508,
CVE-2014-4652,
CVE-2014-4653,
CVE-2014-4654,
CVE-2014-4655,
CVE-2014-4656,
CVE-2014-4667,
CVE-2014-5077,
USN-2332-1,
USN-2332-1 — linux-image
oval:org.secpod.oval:def:702199 CVE-2014-3917,
CVE-2014-4027,
CVE-2014-4171,
CVE-2014-4652,
CVE-2014-4653,
CVE-2014-4654,
CVE-2014-4655,
CVE-2014-4656,
CVE-2014-4667,
CVE-2014-5077,
USN-2335-1,
USN-2335-1 — linux-image