NeXpose Release January 24, 2011 (Content)

Document created by techeditor on Apr 7, 2011

This 2011-01-24 release is a content update.

 

LDAP injection check


  • Web scans now detect LDAP injection vulnerabilities, helping you to prevent attacks that could result in unauthorized access to, and manipulation of, LDAP servers. This improvement requires the most recent product update.

 

Bi-monthly vulnerability check update


  • New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:
    o Adobe Flash
    o Adobe Reader
    o Apache
    o Apple QuickTime
    o CentOS
    o Cisco devices
    o Mozilla Firefox
    o OpenSSL
    o PHP
    o Red Hat Enterprise Linux
    o Solaris
    o VMware
    These checks help prevent security breaches that could allow hostile parties to take control of affected systems, gain access to confidential data, disrupt business operations, or cause other problems.

 

Better information, links on vulnerability pages


  • A bug fix ensures that Solaris support links on vulnerability detail pages refer to correct target pages, so that you can access the information you need to remediate Solaris vulnerabilities if you have a valid support contract with Oracle.
  • Remediation steps are up to date for a vulnerability in which the Microsoft Internet Information Services (IIS) Web server reveals its internal IP address.

 

List of new checks


  • CESA-2011:0004: kernel security, bug fix, and enhancement update
  • CESA-2011:0013: wireshark security update
  • CESA-2011:0017: CentOS Linux 5.6 kernel security and bug fix update
  • CESA-2011:0025: gcc security and bug fix update
  • CESA-2011:0027: python security, bug fix, and enhancement update
  • CESA-2011:0028: kvm security and bug fix update
  • CheckPoint Endpoint Security Server Information Disclosure
  • LDAP Injection Vulnerability
  • Obsolete Version of Microsoft Exchange Server
  • PHP hangs on numeric value 2.2250738585072011e-308
  • RHSA-2011:0004: kernel security, bug fix, and enhancement update
  • RHSA-2011:0007: kernel security and bug fix update
  • RHSA-2011:0009: evince security update
  • RHSA-2011:0013: wireshark security update
  • RHSA-2011:0017: Red Hat Enterprise Linux 5.6 kernel security and bug fix update
  • RHSA-2011:0025: gcc security and bug fix update
  • RHSA-2011:0027: python security, bug fix, and enhancement update
  • RHSA-2011:0028: kvm security and bug fix update
  • Sun Patch: SunOS 5.10: Samba patch
  • Sun Patch: SunOS 5.10_x86: Samba patch
