NeXpose Release January 15th, 2010

Document created by techeditor on Apr 7, 2011Last modified by techeditor on Nov 1, 2011
Version 2Show Document
  • View in full screen mode

This Rapid7 NeXpose release includes improved coverage for Windows environments, enhanced vulnerability checking, and richer PCI reporting.

 

Improved fingerprinting for Windows


  • NeXpose fingerprinting has been improved for Windows XP 64-bit environments.

 

Enhanced vulnerability checking for Red Hat, Solaris, and Oracle environments


  • The NeXpose vulnerability and patch checking coverage has been increased to provide greater detection, precision, and accuracy in Red Hat Enterprise Linux, Solaris, and Oracle environments.

 

Richer PCI reporting


  • The PCI Audit report now provides a PCI "pass" or "fail" score for every vulnerability discovered during the scanning process. PCI scores provide insight into how secure an environment is based on PCI DSS criteria. Having PCI scores in the report improves the visibility of this important security information, so it can be more easily used in remediation planning. This further reduces the time required to determine which vulnerabilities present the greatest challenges to meeting PCI compliance.

 

Vulnerability checks

 

  • Adobe Flash Player JPEG Size Heap-Overflow
  • Oracle CPU January 2010: Listener
  • RHSA-2009-1662: Red Hat Network Satellite Server Sun Java Runtime security update
  • Oracle CPU January 2010: OLAP
  • RHSA-2010-0011: httpd and httpd22 security update
  • RHSA-2009-1672: kernel security and bug fix update
  • RHSA-2009-1649: JBoss Enterprise Application Platform 4.3.0.CP07 update 
  • RHSA-2009-1650: JBoss Enterprise Application Platform 4.2.0.CP08 update
  • RHSA-2009-1670: kernel security and bug fix update
  • RHSA-2009-1671: kernel security and bug fix update
  • RHSA-2009-1673: seamonkey security update
  • RHSA-2009-1674: firefox security update
  • RHSA-2009-1680: xpdf security update
  • RHSA-2009-1681: gpdf security update
  • RHSA-2009-1682: kdegraphics security update
  • RHSA-2009-1688: condor security update
  • RHSA-2009-1689: condor security update
  • RHSA-2009-1692: rhev-hypervisor security and bug fix update
  • RHSA-2009-1694: java-1.6.0-ibm security update
  • RHSA-2010-0002: PyXML security update
  • RHSA-2010-0003: gd security update
  • Sun Patch: SunOS 5.10: kernel patch
  • Sun Patch: SunOS 5.10: libexpat patch
  • Sun Patch: SunOS 5.10: libpkcs11.so.1 patch
  • Sun Patch: SunOS 5.10_x86: arcfour and rsa patch
  • Sun Patch: SunOS 5.10_x86: libexpat patch
  • Oracle CPU January 2010: Data Pump
  • Oracle CPU January 2010: RDBMS
  • Oracle CPU January 2010: Spatial
  • Oracle CPU January 2010: Spatial Component
  • Oracle CPU January 2010: Unzip

Attachments

    Outcomes