Tenable Network Security Podcast Episode 174 - "The Hostile Web, Vulnerability Management Tips"
Announcements
- We're hiring! - Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Discussion & Highlighted Plugins
The Web Is a Hostile Place
- Updates this week for several browser-based technologies including the browsers themselves (Internet Explorer, Google Chrome) and several Adobe Flash versions on multiple platforms. This is no different from most weeks, begging the question of how we keep our desktops safe when browsing the web. Joe McCray demonstrated an interesting attack where other client-side applications, such as VLC, can be exploited from a web browser. Which technologies and procedures must we employ to protect our user's desktops? For SecurityCenter customers, Tenable released the Desktop Application Vulnerability Dashboard, which helps customers get a handle on all the applications installed. What do we do with the information in this dashboard to be more effective at preventing desktops from becoming compromised?
Continuous Monitoring for Nessus Home Users
- We recently added the ability for Nessus scanners registered with HomeFeed to perform scheduled scans and have elegant summaries emailed to you. Previously, scheduled scanning with Nessus was limited to ProfessionalFeed and SecurityCenter. The combination of scan scheduling, email notifications, and remediation reports is beneficial to a home user with just a few computers all the way up to enterprises with thousands of desktops.
Vulnerability Management Key Points
- Ron Gula and I provided recommendations for improved vulnerability management, including scanning more often and tips for presenting to management. What are the highlights of this subject, and what can users take back to their environments to be more effective?
New & Notable Plugins
Nessus
General
- XnView 2.x < 2.03 Multiple Buffer Overflow Vulnerabilities
- Cisco Prime Network Control System Version
- Cisco Prime Network Control System Default Credentials (cisco-sa-20130410-ncs)
- Plone PloneFormGen Unspecified Arbitrary Code Execution
- MS13-047: Cumulative Security Update for Internet Explorer (2838727)
- MS13-048: Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)
- MS13-049: Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690)
- MS13-050: Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894)
- MS13-051: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571)
- MS13-051: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571) (Mac OS X)
- MS KB2813430: Update to Improve Cryptography and Digital Certificate Handling in Windows
- MS KB2847928: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
- Adobe AIR <= 3.7.0.1860 Memory Corruption (APSB13-16)
- Flash Player <= 10.3.183.86 / 11.7.700.202 Memory Corruption (APSB13-16)
- Adobe AIR for Mac <= 3.7.0.1860 Memory Corruption (APSB13-16)
- Flash Player for Mac <= 10.3.183.86 / 11.7.700.203 Memory Corruption (APSB13-16)
- Microsoft Windows Kernel Win32k.sys PATHRECORD chain Multiple Vulnerabilities
- JBoss Enterprise Portal Platform 5.2.2 Security Update (RHSA-2013-0141)
- JBoss Enterprise Portal Platform GateIn Portal Security Update (RHSA-2013-0613)
- Wireshark 1.6.x < 1.6.16 Multiple DoS Vulnerabilities
- Wireshark 1.8.x < 1.8.8 Multiple Vulnerabilities
- VMware vCenter Chargeback Manager Installed
- VMware vCenter Chargeback Manager Remote Code Execution (VMSA-2013-0008)
- Jenkins < 1.514 / 1.509.1 and Jenkins Enterprise 1.466.x / 1.480.x < 1.466.14.1 / 1.480.4.1 Multiple Vulnerabilities
- VMware vCenter Update Manager Detection (credentialed)
- VMware vCenter Update Manager Multiple Vulnerabilities (VMSA-2012-0013)
Passive Vulnerability Scanner
Vulnerability Detection
- OpenSSL < 0.9.8y / 1.0.1d / 1.0.0k Multiple Vulnerabilities
- Adobe AIR <= 3.7.0.1860 Memory Corruption (APSB13-16)
- Flash Player <= 10.3.183.86 / 11.7.700.202 Memory Corruption (APSB13-16)
- OID parsing
- OID parsing
- SIEMENS telnet server detection
- Google Chrome for iOS < 26.0.1410.53 Multiple Vulnerabilities
SecurityCenter Dashboards and Report Templates
Security News Stories
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Active Directory Under Attack: Five Eyes Guidance Targets Crucial Security Gaps
November 21, 2024A landmark global report from cybersecurity agencies emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the first of our two-part series, we offer five steps you can take today to shore up your AD defenses.
Five Cyber Agencies Sound Alarm About Active Directory Attacks: Beyond the Basics
November 21, 2024A landmark global report emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the second of our two-part series, we take you beyond the basics to highlight three key areas to focus on.
Volt Typhoon: What State and Local Government Officials Need to Know
November 19, 2024Increased activity from the state-sponsored threat group Volt Typhoon raises concerns about the cybersecurity of U.S. critical infrastructure. Here’s how you can identify potential exposures and attack paths.
- Podcast