Tenable Network Security Podcast Episode 148 - "vCenter Nessus Support, Samsung Firmware Backdoor"

Announcements

• We're hiring! - Visit the Tenable website for more information about open positions.
• Check out our video channel on YouTube which contains new Nessus and SecurityCenter 4 tutorials.
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
• Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
• You can subscribe to the Tenable Network Security Podcast on iTunes!

New & Notable Plugins

Nessus

• VMware vCenter Data Collection - vCenter allows you to manage multiple virtual host systems in the enterprise.
• VMware vCenter SOAP API Settings
• IOServer XML Server URI Directory Traversal Arbitrary File Access
• Symantec Mail Security Autonomy Verity Keyview Filter Vulnerabilities (SYM12-018) - Send an "evil" attachment and potentially crash or compromise the email gateway -- nice for attackers, not-so-nice for administrators.
• Symantec Messaging Gateway 9.5.x Multiple Vulnerabilities (SYM12-018)
• RT < 3.8.15 / 4.0.8 Vulnerabilities - RT is some really neat request tracking software, supposed to work very well too.
• Wordfence Plugin for WordPress email Parameter XSS - So, kind of not news, but there is a vulnerability in a WordPress plugin. However, this one is ironic because Wordfence is, according to their website, "the best WordPress security plugin in the business."
• IrfanView < 4.35 Multiple Heap-Based Buffer Overflows
• SSL Certificate Signed with the Compromised Fortigate Key - I hate it when this happens: "The SSL certificate for this service was signed by a certificate authority (CA) whose private key has been compromised."
• Dell OpenManage Server Administrator omalogin.html DOM-based XSS
• IBM WebSphere Application Server 8.5 < Fix Pack 1 Multiple Vulnerabilities
• Wing FTP Server Multiple ZIP Commands Parsing Remote DoS
• Novell File Reporter Agent FSFUI UICMD 126 Arbitrary File Download
• Apache Tomcat 7.0.x < 7.0.28 Header Parsing Remote Denial of Service
• Apache Tomcat 5.5.x < 5.5.36 DIGEST Authentication Multiple Security Weaknesses
• Apache Tomcat 6.0.x < 6.0.36 Vulnerabilities
• Apache Tomcat 7.0.x < 7.0.30 DIGEST Authentication Multiple Security Weaknesses
• Novell Sentinel Log Manager Authentication Bypass
• NetIQ Privileged User Manager Default Admin Password
• NetIQ Privileged User Manager Password Change Authentication Bypass
• NetIQ Privileged User Manager ldapagnt_eval() Function Remote Code Execution
• Google Chrome < 23.0.1271.91 Vulnerabilities
• Opera < 12.11 Vulnerabilities
• Firefox 10.x < 10.0.11 Vulnerabilities
• Firefox 16.x Vulnerabilities
• Firefox 10.x < 10.0.11 Vulnerabilities (Mac OS X)
• Firefox 16.x Vulnerabilities (Mac OS X)
• Thunderbird 10.x < 10.0.11 Vulnerabilities (Mac OS X)
• Thunderbird 16.x Vulnerabilities (Mac OS X)
• Mozilla Thunderbird 10.x < 10.0.11 Vulnerabilities
• Mozilla Thunderbird 16.x Vulnerabilities
• SeaMonkey 2.13.x Vulnerabilities
• Bugzilla < 3.6.12 / 4.0.9 / 4.2.4 / 4.4rc1 Vulnerabilities

Passive Vulnerability Scanner

• Opera < 12.11 Multiple Vulnerabilities
• Apache Tomcat 7.0.x < 7.0.28 Header Parsing Remote Denial of Service
• Apache Tomcat 7.0.x < 7.0.30 DIGEST Authentication Multiple Security Weaknesses
• Mac OS X : Safari < 6.0.2 Multiple Vulnerabilities

SecurityCenter Reports

• Exploitable Systems Report

Stories

• Samsung printers contain hidden, hard-coded management account
• Antivirus software a waste of money for businesses, report suggests
• The cybersecurity needs of the borderless enterprise
• Thanksgiving SCADA Bug Hunt
• What you don't know about passwords might hurt you
• Hotel blames burglaries on hacked Onity card locks