Professional Documents
Culture Documents
Notes
11.0.300
Contact information
Contact Skybox using the form on our website or by emailing
info@skyboxsecurity.com
Customers and partners can contact Skybox technical support via the Skybox
Support portal
Contents
Introduction ........................................................................................... 4
Known limitations.................................................................................... 5
Removing old Nmap packages .................................................................... 5
Ensuring compliance with SSH Cryptographic Settings .................................. 6
Introduction
This document includes information about Skybox Appliance for Skybox version
11.0.300, including known limitations, supported issues fixed in this ISO, and
fixed vulnerabilities.
Unless otherwise noted, the information in this document is relevant to all
Skybox Appliances, including virtual Appliances.
Known limitations
› Skybox Appliance is not supported on IPv6-only networks; it requires an IPv4
address.
› In some older versions, it is not possible to run an operating system update
on the Appliance as skyboxview user.
Workaround:
1. Run the following command as the root user: usermod -a -G wheel
skyboxview
2. Reboot the machine.
› nmap-6.40-19.el7.x86_64
› nmap-ncat-6.40-19.el7.x86_64
These packages are vulnerable according to CVE-2018-15173 Nmap Denial Of
Service Vulnerability.
These packages are no longer required and are not included in the Appliance ISO
as of version 10.1.200.
Customers upgrading their Skybox appliance to version 10.1.200 (or later) using
the Appliance update patch will still have these vulnerable Nmap packages on
their system, as the patch does not remove any installed packages.
We strongly recommend that you remove these packages manually.
› Run the following command as the root user: yum erase nmap-ncat
Fixed vulnerabilities
The vulnerabilities in the following table, found in version 10.1.200, were fixed
for version 11.0.300.
CVE SBV-ID Exploit Severity Description
Status
CVE-2019-16746 SBV-107691 No Critical Linux Kernel <=5.2.17 Remote
Exploit Buffer Overflow Vulnerability -
CVE-2019-16746
CVE-2019-17666 SBV-108901 No High Linux Kernel<=5.3.6 Remote
Exploit Buffer Overflow Vulnerability -
CVE-2019-17666
CVE-2019-9503 SBV-102982 No High Linux Kernel Remote Code
Exploit Execution Vulnerability - CVE-
2019-9503
CVE-2019-11487 SBV-100812 Exploit High Linux Kernel <5.1-rc5 Local DoS
Available Vulnerability due to Overflow in
_refcount - CVE-2019-11487
CVE-2019-10639 SBV-103299 No High Linux Kernel Remote
Exploit Restrictions Bypass Vulnerability
- CVE-2019-10639
CVE-2019-15916 SBV-106962 No High Linux kernel <5.0.1 DoS
Exploit Vulnerability - CVE-2019-15916
CVE-2019-13233 SBV-103284 No High Linux Kernel 4.15 - 5.1.8 Local
Exploit Use After Free Vulnerability -
CVE-2019-13233
CVE-2019-14283 SBV-104529 No Medium Linux Kernel <5.2.3 Integer
Exploit Overflow and Out-of-Bounds
Read Vulnerability - CVE-2019-
14283
CVE-2018-20169 SBV-95403 No Medium Linux Kernel <4.19.9 Local
Exploit Unspecified Vulnerability - CVE-
2018-20169
CVE-2019-11135 SBV-109851 Exploit Medium Linux Kernel Local Information
Available Disclosure due to TSX
Asynchronous Abort in Intel
CPUs - CVE-2019-11135
CVE-2019-10638 SBV-103298 No Medium Linux kernel <5.1.7 Remote
Exploit Unspecified Vulnerability - CVE-
2019-10638
CVE-2019-19338 SBV-110834 No Medium Linux Kernel Incomplete Fix for
Exploit TAA Vulnerability Allows Local
Information Disclosure - CVE-
2019-19338