1 2 3 4 5 6 7 8 9 10
Third-Party-Whitepapers_Icon datasheet smart-tv white-papers videos tech-notes solution-briefs infographics case-studies brochures awards reviews podcasts guides

Forescout

Dec 23, 2020

OTSEC-2020-003 is now available!

Security update OTSEC-2020-003 is available for SilentDefense 4.1.x and eyeInspect 4.2.x deployments on Ubuntu. This security update fixes multiple CVE vulnerabilities

What’s New

Download this update to fix the following vulnerabilities:

  • High Severity:
    • 142731- Intel Microcode vulnerabilities (USN-4628-1)
      • CVE-2020-8695
      • CVE-2020-8696
      • CVE-2020-8698
    • 134856 – vim vulnerabilities (USN-4309-1)
      • CVE-2017-1110
      • CVE-2017-11109
      • CVE-2017-5953
      • CVE-2017-6349
      • CVE-2017-6350
      • CVE-2018-20786
      • CVE-2019-20079
    • 134039 – rsync vulnerabilities (USN-4292-1)
      • CVE-2016-9840
      • CVE-2016-9841
      • CVE-2016-9842
      • CVE-2016-9843
    • 133291 – tcpdump vulnerabilities (USN-4252-1)
      • CVE-2017-16808
      • CVE-2018-10103
      • CVE-2018-10105
      • CVE-2018-14461
      • CVE-2018-14462
      • CVE-2018-14463
      • CVE-2018-14464
      • CVE-2018-14465
      • CVE-2018-14466
      • CVE-2018-14467
      • CVE-2018-14468
      • CVE-2018-14469
      • CVE-2018-14470
      • CVE-2018-14879
      • CVE-2018-14880
      • CVE-2018-14881
      • CVE-2018-14882
      • CVE-2018-16227
      • CVE-2018-16228
      • CVE-2018-16229
      • CVE-2018-16230
      • CVE-2018-16300
      • CVE-2018-16451
      • CVE-2018-16452
      • CVE-2018-19519
      • CVE-2019-1010220
      • CVE-2019-15166
      • CVE-2019-15167
    • 140450 – Linux kernel vulnerability (USN-4489-1)
      • CVE-2020-14386
    • 137043 – ca-certificates update (USN-4377-1)
    • 136692 – json-c regression (USN-4360-2)
    • 139724 – curl vulnerability (USN-4466-1)
      • CVE-2020-8231
    • GnuTLS update (USN-4233-2)
    • 136604 – file regression (USN-3911-2)
  • Medium Severity:
    • 136964 – json-c vulnerability (USN-4360-4)
      • CVE-2020-12762
    • 134663 – ICU vulnerability (USN-4305-1)
      • CVE-2020-10531
    • 141448 – Linux kernel vulnerabilities (USN-4578-1)
      • CVE-2018-10322
      • CVE-2019-19448
      • CVE-2020-14314
      • CVE-2020-16119
      • CVE-2020-16120
      • CVE-2020-25212
      • CVE-2020-26088
    • 51192 – SSL Certificate Cannot Be Trusted
    • 57582 – SSL Self-Signed Certificate
    • 142865 – OpenJDK regressions (USN-4607-2)
      • CVE-2020-14779
      • CVE-2020-14781
      • CVE-2020-14782
      • CVE-2020-14792
      • CVE-2020-14796
      • CVE-2020-14797
      • CVE-2020-14798
      • CVE-2020-14803
    • 133352 – Cyrus SASL vulnerability (USN-4256-1)
      • CVE-2019-19906
    • 133646 – libxml2 vulnerabilities (USN-4274-1)
      • CVE-2019-19956
      • CVE-2020-7595
    • 142967 – Kerberos vulnerability (USN-4635-1)
      • CVE-2020-28196
    • 142368 – python-cryptography vulnerability (USN-4613-1)
      • CVE-2020-25659
    • 137556 – DBus vulnerability (USN-4398-1)
      • CVE-2020-12049
    • 133225 – e2fsprogs vulnerability (USN-4249-1)
      • CVE-2019-5188
    • 133449 – sudo vulnerability (USN-4263-1)
      • CVE-2019-18634
    • 133523 – systemd vulnerabilities (USN-4269-1)
      • CVE-2018-16888
      • CVE-2019-20386
      • CVE-2019-3843
      • CVE-2019-3844
      • CVE-2020-1712
    • 139848 – PostgreSQL vulnerabilities (USN-4472-1)
      • CVE-2020-14349
      • CVE-2020-14350
    • 140266 – libx11 vulnerabilities (USN-4487-1)
      • CVE-2020-14344
      • CVE-2020-14363
    • 137353 – SQLite vulnerabilities (USN-4394-1)
      • CVE-2018-8740
      • CVE-2019-19603
      • CVE-2019-19645
      • CVE-2020-11655
      • CVE-2020-13434
      • CVE-2020-13435
      • CVE-2020-13630
      • CVE-2020-13631
      • CVE-2020-13632
    • 139369 – Apport vulnerabilities (USN-4449-1)
      • CVE-2020-11936
      • CVE-2020-15701
      • CVE-2020-15702
    • 136608 – APT vulnerability (USN-4359-1)
      • CVE-2020-3810
    • 141615 – FreeType vulnerability (USN-4593-1)
      • CVE-2020-15999
    • 136400 – linux-firmware vulnerability (USN-4351-1)
      • CVE-2018-5383
    • 142371 – AccountsService vulnerabilities (USN-4616-1)
      • CVE-2018-14036
      • CVE-2020-16126
      • CVE-2020-16127
    • 142966 – OpenLDAP vulnerabilities (USN-4634-1)
      • CVE-2020-25709
      • CVE-2020-25710
    • 142968 – PostgreSQL vulnerabilities (USN-4633-1)
      • CVE-2020-25694
      • CVE-2020-25695
      • CVE-2020-25696
    • 141177 – urllib3 vulnerability (USN-4570-1)
      • CVE-2020-26137

Supported Versions

OTSEC-2020-003 can be applied to:

  • SilentDefense version 4.1.x and eyeInspect 4.2.x , for deployments on Ubuntu.
    This update does not cover the monitoring Sensor as an appliance on CentOS.

Availability

eyeInspect Users:

Download the modules and related documentation from the Downloads / Resources section of the OT Customer portal, https://portal.secmatters.com/.

FLEXX and PAL Users can download eyeInspect artifacts from their portals:

Back to Resources
Announcement Archive

Contact Us

Toll-Free (US): 1-866-377-8771
Tel (Intl): +1-408-213-3191
Support: +1-708-237-6591

Headquarters
190 W Tasman Dr.
San Jose, CA, USA 95134

Also of Interest