Tenable Network Security Podcast Episode 155 - "Patch Management Conflict Auditing"

Announcements

• Video: Nessus Patch Management Integration
• Video: Introduction to the Nessus Vulnerability Scanner
• Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials.
• We're hiring! - Visit the Tenable website for more information about open positions.
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
• Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
• You can subscribe to the Tenable Network Security Podcast on iTunes!

New & Notable Plugins

Nessus

Web Application-related Plugins:

• Horde IMP js/compose-dimp.js XSS
• MoinMoin twikidraw.py Traversal File Upload Arbitrary File Overwrite
• Adobe ColdFusion Unspecified DoS (APSB12-21) (credentialed check)
• Adobe ColdFusion Unspecified Sandbox Bypass (APSB12-26) (credentialed check)
• Drupal 6.x < 6.28 / 7.x < 7.19 Multiple Vulnerabilities
• Floating Social Media Links Plugin for WordPress wpp Parameter Remote File Inclusion
• WebYaST Host Modification MiTM
• Portable phpMyAdmin Plugin for WordPress wp-pma-mod Authentication Bypass
• Adobe ColdFusion 10 on IIS Unspecified DoS (APSB12-25) (credentialed check)
• Browser Rejector Plugin for WordPress wppath Parameter Remote File Inclusion
• Forums Plugin for WordPress url Parameter Arbitrary File Disclosure
• Google Doc Embedder Plugin for WordPress File Parameter Traversal Arbitrary File Disclosure

Various Plugins:

• Apache CouchDB < 1.0.4 / 1.1.2 / 1.2.1 Multiple Vulnerabilities
• MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220) (uncredentialed check)
• Cisco ASA 1000V H.323 Inspection DoS
• Google Chrome < 24.0.1312.56 Multiple Vulnerabilities
• Samsung Kies SyncService ActiveX PrepareSync() Buffer Overflow
• NetIQ Privileged User Manager regclnt.dll Directory Traversal

Virtualization Plugins:

• Oracle VM VirtualBox Core Subcomponent < 4.0.18 / 4.1.24 / 4.2.6 Local Issue
• VMware View Server Unsupported Version Detection
• VMware View Multiple Vulnerabilities (VMSA-2012-0004)
• VMware View Server Directory Traversal Vulnerability (VMSA-2012-0017)

Passive Vulnerability Scanner

• PHP 5.3.x < 5.3.21 cuRL X.509 Certificate Domain Name Matching MiTM Weakness
• PHP 5.4.x < 5.4.11 cURL X.509 Certificate Domain Name Matching MiTM Weakness
• Google Chrome < 24.0.1312.56 Multiple Vulnerabilities
• MySQL Server 5.1.x < 5.1.67 Multiple Vulnerabilities
• MySQL Server 5.5.x < 5.5.29 Multiple Vulnerabilities
• Windows 8 App Store Access
• Windows 8 App Store Download Detected
• Windows 8 Tile Services Detection

Nessus Configuration and Compliance Checks

Nessus ProfessionalFeed and SecurityCenter customers can download compliance checks from the Tenable Support Portal.

• Tivoli Enterprise Manager Server and Client Audits - These audit files verify most of the recommended settings that should be reviewed on a TEM Server, Relay Server, or Client install. They include checks for versions, required service status, directory paths, and URLs. Other checks verify the configuration for users, password parameters, the TEM required services, and file permissions. Where appropriate, the checks have the ability to be customized to the specific requirements of the local environment.

Stories

1. PSA: Don’t upload your important passwords to GitHub | Ars Technica
2. Scripts and Picks: Command Execution on Shoretel Mobility Router
3. RaiderSec: Wireless "Deauth" Attack using Aireplay-ng, Python, and Scapy
4. Hackers drop rogue Apache modules and SSH backdoors on web servers
5. Anons hack Asteroids into US DoJ website in Swartz death protest
6. 'Cyber 9/11' may be on horizon, Homeland Security chief warns
7. Oracle will continue to bundle 'crapware' with Java
8. Avoid the Landmine That is Hacking Back