Tenable Network Security Podcast Episode 146 - "Is AV Dead?, Auditing Firewalls"

Announcements

• Tech Check for 11-12-12 on WYPR's Maryland Morning
• Tenable Network Security Awarded Common Criteria Certification for Continuous Monitoring Platform
• Tenable Network Security Caps Momentous Year With Deloitte Technology Fast 500 Recognition - With 552% growth over the last five years, Tenable was ranked 171st on the list overall and listed as the 9th fastest-growing company locally.
• We're hiring! - Visit the Tenable website for more information about open positions.
• Check out our video channel on YouTube which contains new Nessus and SecurityCenter 4 tutorials.
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
• Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
• You can subscribe to the Tenable Network Security Podcast on iTunes!

New & Notable Plugins

Nessus

• Opera < 12.10 Multiple Vulnerabilities
• Oracle Forms Recognition Multiple ActiveX Control Arbitrary File Overwrite Vulnerabilities
• Adobe AIR 3.x <= 3.4.0.2710 Multiple Vulnerabilities (APSB12-24)
• Flash Player <= 10.3.183.29 / 11.4.402.287 Multiple Vulnerabilities (APSB12-24)
• Adobe AIR for Mac 3.x <= 3.4.0.2710 Multiple Vulnerabilities (APSB12-24)
• Flash Player for Mac <= 10.3.183.29 / 11.4.402.287 Multiple Vulnerabilities (APSB12-24)
• Google Chrome < 23.0.1271.64 Multiple Vulnerabilities
• QuickTime < 7.7.3 Multiple Vulnerabilities (Windows)
• SolarWinds Orion NPM < 9.5 Login.asp Blind SQL Injection
• Traq admincp/common.php authenticate() Function Authentication Bypass Remote Code Execution

Passive Vulnerability Scanner

• Google Chrome < 23.0.1271.64 Multiple Vulnerabilities
• Apple iOS < 6.0.1 Multiple Vulnerabilities

Compliance Audit Checks

• Auditing Check Point GAiA Configuration Compliance
• Auditing Juniper Junos Configuration Compliance
• New CIS Debian Linux Audit Policy

Stories

• Hack.me – Build, Host & Share Vulnerable Web Application Code - Looks like a pretty neat free service to let you practice web application scanning. I cannot stress this enough, the best way to learn how to find web application vulnerabilities is just to dive in and do it. Practice makes (almost) perfect. While applications are very different, the techniques to find vulnerabilities only vary slightly.
• Side-Channel Attack Steals Crypto Key from Co-Located Virtual Machines - Don't go running to pull all of your systems and applications out of the cloud just yet. This represents a highly-sophisticated attack at the moment, but one you should be aware of if you're using cloud services and/or virtualization, which at this point, is everyone.
• Apple's iOS 6.0.1 still has Wi-Fi bugs - The real kicker here is that if you don't upgrade to 6.0.1, you'll miss out on security fixes. If you do upgrade, you may experience severe problems with your Wi-Fi. Try to be secure all you want, function will win over security every time.
• Cisco TACACS+ Authentication Bypass - It's always fun to actually dig into the details of a given vulnerability to see what it's all about. If it's your job to evaluate risk of the vulnerabilities affecting your organization, you've got a heavy dose of reading to do on a regular basis. I dug into this one and found that if you're using TACACS+ in conjunction with LDAP on Cisco ACS platform, an attacker can do this: "…exploit this vulnerability by sending a special sequence of characters when prompted for the user password." That means there's a "magic" password. Any guesses as to what that value could be? 1-2-3-4 anyone?
• Is AV Dead? - "I just think it's lazy developers." This is a very light-hearted look at the problem of AV software and a bit about malware. "The world isn't just black and white anymore. But it's all binary…"
• One in four don't clean their stinky old browsers - especially Firefoxers - Keep in mind where the study comes from: "The statistics were drawn from the web usage patterns of 10 million randomly selected Kaspersky Lab consumer customers worldwide, collected during August 2012. The data from business customers does not feature in the study." Your job this holiday season is to convert grandma from Firefox to Chrome and teach her how to keep it updated...
• Antivirus Firm Founder John McAfee Accused of Murder, Says He's Innocent - I couldn't not talk about this story, it's the headline of the week for sure. Seems like John is a pretty eccentric guy, and I'm not sure you can believe everything you hear about this story as the facts change daily. However, sounds like he has a chemistry hobby that got out of control...
• A history of hacking: Documentary captures essence of Def Con - Can't wait to see this one, the culture of hackers always makes for great fun!
• Microsoft Updates November 2012 - IE, Kernel+Shell, and .NET Critical Patches - Microsoft updates this week, as usual, get patching…All plugins for the vulnerabilities are in the plugin feed.