Tenable Network Security Podcast Episode 175 - "Modifying Vulnerability Scan Results Post Scan, Old Vulnerabilities"
Announcements
- We're hiring! - Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Discussion & Highlighted Plugins
Modifying Vulnerability Scan Results Post Scan
- A new Nessus feature allows end users to apply rules to vulnerability scan results and modify them after the scan has completed. This is an extremely useful feature, as severity, at its core, is specific to each organization. Also, as I've found over the years, exploitability depends on many things. Adjusting the results accordingly is a useful tool. How do you see end users taking advantage of this new feature?
Old Vulnerabilities
- A new SecurityCenter dashboard was released which allows you to view vulnerabilities older than 30 days. While this can help enforce your patching policies, it's typically the older vulnerabilities that could have the most impact, since it often takes some time before a vulnerability can be exploited reliably. Have you looked at vulnerabilities older than a year? How about two years? This query can also help identify machines that have fallen out of the patching process, and it's these systems that often pose the greatest risk of a security breach.
Detecting Devices
- While much of the focus in IT is on getting Windows systems and major applications patched, this leaves the smaller things vulnerable. Several new plugins for PVS were added allowing you to detect different types of devices. What's the risk? A great example is a multi-function printer. Most folks don't pay much attention to them; however, people are faxing, scanning, and printing sensitive documents all the time. Some devices keep a record of everything going through the device, and with open shares and default passwords rampant on these systems, this can lead to data leakage.
New & Notable Plugins
Nessus
General
- Novell ZENworks Configuration Management < 11.2.3a Monthly Update 1 Multiple Vulnerabilities (credentialed check)
- Novell ZENworks Control Center File Upload Remote Code Execution (intrusive check)
- Novell ZENworks Configuration Console Login.jsp language Parameter XSS
- Google SketchUp < 8.0.11752 MAC Pict Buffer Overflow
- Google SketchUp < 13.0.3689 SKP Multiple Vulnerabilities
- Symantec Endpoint Protection Manager < 12.1 RU3 (SYM13-005) (credentialed check)
- Mac OS X : Java for Mac OS X 10.6 Update 16
- Mac OS X : Java for OS X 2013-004
- Google Chrome < 27.0.1453.116 Flash Click-Jacking
- Apache Struts2 OGNL Expression Handling Double Evaluation Error Remote Command Execution
- Oracle Java SE Multiple Vulnerabilities (June 2013 CPU)
- Gallery 3.0.x < 3.0.8 Multiple XSS
- Apache Struts2 Crafted Parameter Arbitrary OGNL Expression Remote Command Execution
- IBM Notes 8.x < 8.5.3 IF4 HF2 / 9.x < 9.0 IF2 Code Execution
- IBM Notes 8.5 < 8.5.3 IF4 HF2 / 9.0 < 9.0 IF2 Password Disclosure
- Oracle Java SE Multiple Vulnerabilities (June 2013 CPU) (Unix)
- Post-Scan Rules Application
- FreeBSD : phpMyAdmin -- Global variable scope injection (1b93f6fe-e1c1-11e2-948d-6805ca0b3d42)
Passive Vulnerability Scanner
Vulnerability Detection
- Oracle Java SE Multiple Vulnerabilities (June 2013 CPU Update)
- Google Chrome < 27.0.1453.116 Flash Click-Jacking
- Symantec Endpoint Protection Manager < 12.1 RU3 (SYM13-005)
- Mozilla Thunderbird < 17.0.7 Multiple Vulnerabilities
- Sybase EAServer 6.3.1 < 6.3.1.07 Build 63107 / 6.2 < 6.2.0.12 Build 62012 Multiple Vulnerabilities
General Detection
SecurityCenter Dashboards and Report Templates
Security News Stories