NeXpose Release February 7, 2011 (Content)

Document created by techeditor on Apr 7, 2011. Last modified by techeditor on Nov 1, 2011.
Version 2

This 2011-02-07 release is a content update.


  • Content updates include new checks for vulnerabilities, patch verification, and compliance with security policies.
  • Product updates include performance improvements, bug fixes, and new features.


Web scanning improvements

  • Web scans now detect flaws that make targets susceptible to OS command injection attacks. Such attacks could result in data loss or corruption, lack of accountability, or denial of access for trusted users. This improvement requires the most recent product update.
  • False positives have been eliminated in checks for cross-site scripting vulnerabilities, ensuring more reliable, actionable data from Web scans.


New Oracle check
Eliminated false positives on patched Solaris

  • False positives have been eliminated for patched Solaris targets, giving you better overall information for prioritizing vulnerability remediation.


Corrected CVSS scores for certain Microsoft flaws

  • CVSS scores are now accurate for Microsoft vulnerabilities announced in MS09-061 and MS09-062 security bulletins, so that you can assess risk and prioritize remediation with more confidence.


Bi-monthly vulnerability check update

  • New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:
    o Adobe Flash
    o Adobe Reader
    o Apache
    o Apple QuickTime
    o CentOS
    o Cisco devices
    o Mozilla Firefox
    o OpenSSL
    o PHP
    o Red Hat Enterprise Linux
    o Solaris
    o VMware
    These checks help prevent security breaches that could allow hostile parties to take control of affected systems, gain access to confidential data, disrupt business operations, or cause other problems.


List of new checks

  • CESA-2011:0143: CentOS Linux Extended Update Support 5.3 - End Of Life
  • CESA-2011:0144: CentOS Linux Extended Update Support 5.4 6-Month EOL Notice
  • CESA-2011:0153: exim security update
  • CESA-2011:0154: hplip security update
  • CESA-2011:0162: kernel security and bug fix update
  • CESA-2011:0163: kernel security and bug fix update
  • CESA-2011:0170: libuser security update
  • CESA-2011:0176: java-1.6.0-openjdk security update
  • CESA-2011:0180: pango security update
  • CESA-2011:0181: and openoffice.org2 security update
  • CESA-2011:0182: security update
  • Oracle CPU January 2011: CVE-2010-3590
  • Oracle CPU January 2011: CVE-2010-3600
  • Oracle CPU January 2011: CVE-2010-4413
  • Oracle CPU January 2011: CVE-2010-4420
  • Oracle CPU January 2011: CVE-2010-4421
  • Oracle CPU January 2011: CVE-2010-4423
  • OS Command Injection
  • RHSA-2011:0143: Red Hat Enterprise Linux Extended Update Support 5.3 - End Of Life
  • RHSA-2011:0144: Red Hat Enterprise Linux Extended Update Support 5.4 6-Month EOL Notice
  • RHSA-2011:0152: java-1.4.2-ibm security update
  • RHSA-2011:0153: exim security update
  • RHSA-2011:0154: hplip security update
  • RHSA-2011:0162: kernel security and bug fix update
  • RHSA-2011:0163: kernel security and bug fix update
  • RHSA-2011:0164: mysql security update
  • RHSA-2011:0169: java-1.5.0-ibm security and bug fix update
  • RHSA-2011:0170: libuser security update
  • RHSA-2011:0176: java-1.6.0-openjdk security update
  • RHSA-2011:0177: webkitgtk security update
  • RHSA-2011:0180: pango security update
  • RHSA-2011:0181: and openoffice.org2 security update
  • RHSA-2011:0182: security update
  • RHSA-2011:0183: security and bug fix update