NeXpose Release January 10, 2011 (Content)

Document created by techeditor on Apr 7, 2011
Version 1Show Document
  • View in full screen mode

New and updated checks; accuracy enhancements; improved vulnerability reference links


Check for Windows graphics rendering flaw

  • A check detects a vulnerability in the Microsoft Windows Graphics Rendering Engine. An attacker who exploits this flaw can execute arbitrary code with the security permissions of a logged-on user and then install programs; view, change, or delete data; or create new accounts with full user rights. Currently, this vulnerability does not have a patch, and exploit code is available. For more information see Microsoft Security Advisory (2490606).


Detection of blind SQL injection flaws

  • The Web scanner now identifies and reports flaws that make Web applications vulnerable to blind SQL injection. Attackers can exploit these flaws to steal or corrupt data or cause other problems. This improvement requires the most recent product update.


Accuracy improvements

  • Checks for vulnerabilities announced in Red Hat security advisories RHSA-2010-0119 and RHSA-2010-0581 no longer flag false positives on Tomcat 5 scan targets that do not have JBoss Enterprise Web Server integrated.
  • False negatives have been eliminated for HTTP path traversal vulnerabilities on Windows targets with certain configurations.
  • False negatives for some versions of the Apache Web server have been eliminated.
  • False negatives have been eliminated for the Adobe ColdFusion application server.


Links updated for vulnerability references

  • Reference links for vulnerability pages have been updated, ensuring that you can find additional information on vulnerabilities in the console Web interface.


Bi-monthly vulnerability check update

  • New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:
    o Adobe Flash
    o Adobe Reader
    o Apache
    o Apple QuickTime
    o CentOS
    o Cisco devices
    o Mozilla Firefox
    o OpenSSL
    o PHP
    o Red Hat Enterprise Linux
    o Solaris
    o VMware
    These checks help prevent security breaches that could allow hostile parties to take control of affected systems, gain access to confidential data, disrupt business operations, or cause other problems.


List of checks

  • Blind SQL Injection
  • CESA-2010:0998: kvm security and bug fix update
  • CESA-2010:1000: bind security update
  • MS11-XXX: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
  • RHSA-2010:0859: poppler security update
  • RHSA-2010:0860: samba security update
  • RHSA-2010:0863: krb5 security update
  • RHSA-2010:0864: freetype security update
  • RHSA-2010:0866: cups security update
  • RHSA-2010:0872: glibc security and bug fix update
  • RHSA-2010:0888: openssl security update
  • RHSA-2010:0891: pam security update
  • RHSA-2010:0892: openswan security update
  • RHSA-2010:0898: kvm security update
  • RHSA-2010:0908: postgresql security update
  • RHSA-2010:0918: cvs security update
  • RHSA-2010:0923: dhcp security update
  • RHSA-2010:0924: wireshark security update
  • RHSA-2010:0925: krb5 security and bug fix update
  • RHSA-2010:0945: quagga security update
  • RHSA-2010:0975: bind security update
  • RHSA-2010:0979: openssl security update
  • RHSA-2010:0998: kvm security and bug fix update
  • RHSA-2010:0999: libvpx security update
  • RHSA-2010:1000: bind security update
  • RHSA-2010:1002: mod_auth_mysql security update
  • RHSA-2010:1003: git security update
  • RHSA-2011:0001: RHN Satellite Server 4 - End Of Life
  • RHSA-2011:0002: RHN Proxy Server 4 - End Of Life
  • Sun Patch: SunOS 5.10: fmd patch
  • Sun Patch: SunOS 5.10: uucp patch
  • Sun Patch: SunOS 5.10: vnet vsw Patch
  • Sun Patch: SunOS 5.10_x86: fmd patch
  • Sun Patch: SunOS 5.10_x86: uucp patch
  • VMSA-2011-0001: Service Console update (CVE-2010-0211)
  • VMSA-2011-0001: Service Console update (CVE-2010-0212)
  • VMSA-2011-0001: Service Console update (CVE-2010-2956)
  • VMSA-2011-0001: Service Console update (CVE-2010-3847)
  • VMSA-2011-0001: Service Console update (CVE-2010-3856)