Tenable Network Security Podcast Episode 175 - "Modifying Vulnerability Scan Results Post Scan, Old Vulnerabilities"
Announcements
- We're hiring! - Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Discussion & Highlighted Plugins
Modifying Vulnerability Scan Results Post Scan
- A new Nessus feature allows end users to apply rules to vulnerability scan results and modify them after the scan has completed. This is an extremely useful feature, as severity, at its core, is specific to each organization. Also, as I've found over the years, exploitability is dependent on many things. Adjusting the results accordingly is a useful tool, how do you see end users taking advantage of this new feature?
Old Vulnerabilities
- A new SecurityCenter dashboard was released which allows you to view vulnerabilities older than 30 days. While this can help enforce your patching policies, it's typically the older vulnerabilities that could have the most impact. Often, it takes some time to be able to exploit a vulnerability reliably. Have you looked at vulnerabilities older than a year? How about two years? This query can also help identify machines that have fallen out of the patching process, and it's these systems that can often pose the most risk to security breaches.
Detecting Devices
- While much of the focus in IT is getting Windows systems and major applications patched, this leaves the smaller things vulnerable. Several new plugins for PVS were added allowing you to detect different types of devices. What's the risk? A great example is a multi-function printer. Most folks don't pay much attention, however, people are faxing/scanning/printing sensitive documents all the time. Some devices keep a record of everything going through the device, and with open shares and default password rampant on these systems, it can lead to data leakage.
New & Notable Plugins
Nessus
General
- Novell ZENworks Configuration Management < 11.2.3a Monthly Update 1 Multiple Vulnerabilities (credentialed check)
- Novell ZENworks Control Center File Upload Remote Code Execution (intrusive check)
- Novell ZENworks Configuration Console Login.jsp language Parameter XSS
- Google SketchUp < 8.0.11752 MAC Pict Buffer Overflow
- Google SketchUp < 13.0.3689 SKP Multiple Vulnerabilities
- Symantec Endpoint Protection Manager < 12.1 RU3 (SYM13-005) (credentialed check)
- Mac OS X : Java for Mac OS X 10.6 Update 16
- Mac OS X : Java for OS X 2013-004
- Google Chrome < 27.0.1453.116 Flash Click-Jacking
- Apache Struts2 OGNL Expression Handling Double Evaluation Error Remote Command Execution
- Oracle Java SE Multiple Vulnerabilities (June 2013 CPU)
- Gallery 3.0.x < 3.0.8 Multiple XSS
- Apache Struts2 Crafted Parameter Arbitrary OGNL Expression Remote Command Execution
- IBM Notes 8.x < 8.5.3 IF4 HF2 / 9.x < 9.0 IF2 Code Execution
- IBM Notes 8.5 < 8.5.3 IF4 HF2 / 9.0 < 9.0 IF2 Password Disclosure
- Oracle Java SE Multiple Vulnerabilities (June 2013 CPU) (Unix)
- Post-Scan Rules Application
- FreeBSD : phpMyAdmin -- Global variable scope injection (1b93f6fe-e1c1-11e2-948d-6805ca0b3d42)
Passive Vulnerability Scanner
Vulnerability Detection
- Oracle Java SE Multiple Vulnerabilities (June 2013 CPU Update)
- Google Chrome < 27.0.1453.116 Flash Click-Jacking
- Symantec Endpoint Protection Manager < 12.1 RU3 (SYM13-005)
- Mozilla Thunderbird < 17.0.7 Multiple Vulnerabilities
- Sybase EAServer 6.3.1 < 6.3.1.07 Build 63107 / 6.2 < 6.2.0.12 Build 62012 Multiple Vulnerabilities
General Detection
SecurityCenter Dashboards and Report Templates
Security News Stories
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Podcast