NeXpose Release March 21, 2011 (Content)

Document created by techeditor on Apr 8, 2011. Last modified by techeditor on Nov 1, 2011.
Version 2

This 2011-03-21 release is a content update.

 

  • Content updates include new checks for vulnerabilities, patch verification, and compliance with security policies.
  • Product updates include performance improvements, bug fixes, and new features.

 

IE 9 fingerprinting


Scans now fingerprint the recently released Internet Explorer 9, so you can track this browser on assets in your environment.

 

SCAP update


A regularly scheduled update of SCAP data ensures that the most current CPE and CVE identifiers and CVSS scores are available in the product. You can view SCAP update information on the SCAP page, which you can access from the Administration page in the Web interface.

 

PCI scoring improvements


Improvements to PCI scoring provide a more accurate security assessment:

 

  • The Apache vulnerability identified as CVE-2003-1418 now displays the correct CVSS score.
  • Inaccurate PCI severity scores for certain vulnerabilities have been corrected.

 

More accurate scan results


Checks for the vulnerability described in Microsoft security bulletin MS09-048 are now more accurate for x86 and AMD64 versions of Windows 2008 and Vista.
False positives have been eliminated for an executable file parsing vulnerability on Microsoft Internet Information Services (IIS) version 6.0, making the security assessment of your environment more accurate.

 

Hotfix checks for SQL Server 2000 and 2005


Microsoft hotfix checks have been updated for SQL Server 2000 and 2005.

 

Bi-monthly vulnerability check update


New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

 

  • Adobe Flash
  • Adobe Reader
  • Apache
  • Apple QuickTime
  • CentOS
  • Cisco devices
  • Java Runtime Environment
  • Mozilla Firefox
  • OpenSSL
  • PHP
  • Red Hat Enterprise Linux
  • Solaris
  • VMware

 

These checks help prevent security breaches that could allow hostile parties to take control of affected systems, gain access to confidential data, disrupt business operations, or cause other problems.

 

List of new checks


  • APSA11-01: Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat (CVE-2011-0609)
  • CESA-2011:0219: CentOS Linux 4 - 1-Year End Of Life Notice
  • CESA-2011:0303: kernel security and bug fix update
  • CESA-2011:0305: samba security update
  • CESA-2011:0306: samba3x security update
  • CESA-2011:0307: mailman security update
  • CESA-2011:0310: firefox security and bug fix update
  • CESA-2011:0312: thunderbird security update
  • CESA-2011:0313: seamonkey security update
  • CESA-2011:0318: libtiff security update
  • CESA-2011:0324: logwatch security update
  • CESA-2011:0327: subversion security and bug fix update
  • CESA-2011:0336: tomcat5 security update
  • CESA-2011:0337: vsftpd security update
  • CESA-2011:0346: openldap security and bug fix update
  • Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
  • Microsoft SQL Server 2005 Express Edition with Advanced Services Service Pack 4 (KB2463332)
  • Microsoft SQL Server 2005 Service Pack 4 (KB2463332)
  • RHSA-2011:0219: Red Hat Enterprise Linux 4 - 1-Year End Of Life Notice
  • RHSA-2011:0303: kernel security and bug fix update
  • RHSA-2011:0305: samba security update
  • RHSA-2011:0306: samba3x security update
  • RHSA-2011:0307: mailman security update
  • RHSA-2011:0308: mailman security update
  • RHSA-2011:0309: pango security update
  • RHSA-2011:0310: firefox security and bug fix update
  • RHSA-2011:0311: thunderbird security update
  • RHSA-2011:0312: thunderbird security update
  • RHSA-2011:0313: seamonkey security update
  • RHSA-2011:0318: libtiff security update
  • RHSA-2011:0320: libcgroup security update
  • RHSA-2011:0324: logwatch security update
  • RHSA-2011:0327: subversion security and bug fix update
  • RHSA-2011:0328: subversion security update
  • RHSA-2011:0329: kernel security update
  • RHSA-2011:0330: kernel-rt security and bug fix update
  • RHSA-2011:0332: scsi-target-utils security update
  • RHSA-2011:0335: tomcat6 security and bug fix update
  • RHSA-2011:0336: tomcat5 security update
  • RHSA-2011:0337: vsftpd security update
  • RHSA-2011:0345: qemu-kvm security update
  • RHSA-2011:0346: openldap security and bug fix update
  • RHSA-2011:0347: openldap security update
  • RHSA-2011:0348: tomcat6 security update
  • RHSA-2011:0349: tomcat5 security update
  • RHSA-2011:0356: krb5 security update
  • Sun Patch: Convergence 2.0-1.01: core patch
  • Sun Patch: Convergence 2.0-1.01_x86: core patch
  • Sun Patch: Oracle Open Office 3.3 Service Pack 1 (Solaris, Multilanguage)
  • Sun Patch: Oracle Open Office 3.3 Service Pack 1 (Solaris_x86, Multilanguages)
  • Sun Patch: SunOS 5.10: rdist patch
  • Sun Patch: SunOS 5.10: WBEM Patch
  • Sun Patch: SunOS 5.10_x86: rdist patch
  • Sun Patch: SunOS 5.10_x86: WBEM Patch
  • VMSA-2011-0004: Service Console update (CVE-2010-2059)
  • VMSA-2011-0004: Service Console update (CVE-2010-3316)
  • VMSA-2011-0004: Service Console update (CVE-2010-3435)
  • VMSA-2011-0004: Service Console update (CVE-2010-3613)
  • VMSA-2011-0004: Service Console update (CVE-2010-3614)
  • VMSA-2011-0004: Service Console update (CVE-2010-3762)
  • VMSA-2011-0004: Service Console update (CVE-2010-3853)
  • VMSA-2011-0004: Service Location Protocol daemon DoS (CVE-2010-3609)
  • Windows Internal Database Service Pack 4 for x64 Edition (KB2463332)
