NeXpose Release November 15, 2010 (Content)

Document created by techeditor on Apr 8, 2011Last modified by techeditor on Nov 1, 2011
Version 2Show Document
  • View in full screen mode

This release is a content update.

 

  • Content updates include new checks for vulnerabilities, patch verification, and compliance with security policies.
  • Product updates include performance improvements, bug fixes, and new features.

 

  • More consistent delivery of PCI reports*

 

  • An issue that prevented the product from generating some PCI reports with certain vulnerabilities has now been resolved, ensuring that you can generate these reports consistently.

 

Bi-monthly vulnerability check update


  • New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:
    o Adobe Flash
    o Adobe Reader
    o Apache
    o Apple QuickTime
    o CentOS
    o Cisco devices
    o Mozilla Firefox
    o OpenSSL
    o PHP
    o Red Hat Enterprise Linux
    o Solaris
    o VMware

 

These checks help prevent security breaches that could allow hostile parties to take control of affected systems, gain access to confidential data, disrupt business operations, or cause other problems.

 

List of checks


  • RHSA-2010:0807: java-1.5.0-ibm security update
  • APSB10-26: Adobe Flash Player arbitrary code execution via crafted SWF content (CVE-2010-3636)
  • APSB10-26: Adobe Flash Player arbitrary code execution via crafted SWF content (CVE-2010-3639)
  • APSB10-26: Adobe Flash Player arbitrary code execution via crafted SWF content (CVE-2010-3654)
  • APSB10-26: Adobe Flash Player arbitrary code execution via unspecified vector (CVE-2010-3637)
  • APSB10-26: Adobe Flash Player DLL hijacking attack (CVE-2010-3976)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3640)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3641)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3642)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3643)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3644)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3645)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3646)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3647)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3648)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3649)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3650)
  • APSB10-26: Adobe Flash Player unspecified vulnerability allows arbitrary code execution (CVE-2010-3652)
  • CESA-2010:0808: firefox security update
  • CESA-2010:0809: xulrunner security update
  • CESA-2010:0810: seamonkey security update
  • CESA-2010:0811: cups security update
  • CESA-2010:0812: thunderbird security update
  • RHSA-2010:0808: firefox security update
  • RHSA-2010:0809: xulrunner security update
  • RHSA-2010:0810: seamonkey security update
  • RHSA-2010:0811: cups security update
  • RHSA-2010:0812: thunderbird security update
  • RHSA-2010:0829: flash-plugin security update
  • CESA-2010:0824: mysql security update
  • RHSA-2010:0824: mysql security update
  • CESA-2010:0792: kernel security update
  • CESA-2010:0793: glibc security update
  • CESA-2010:0817: Red Hat Enterprise Linux 3 - End Of Life
  • CESA-2010:0819: pam security update
  • CESA-2010:0825: mysql security update
  • RHSA-2010:0792: kernel security update
  • RHSA-2010:0793: glibc security update
  • RHSA-2010:0817: Red Hat Enterprise Linux 3 - End Of Life
  • RHSA-2010:0819: pam security update
  • RHSA-2010:0825: mysql security update
  • Sun Patch: SunOS 5.10: libc.so.1 patch
  • Sun Patch: SunOS 5.10_x86: libc.so.1 patch
  • APSB10-26: Adobe Flash Player sensitive information disclosure via unknown vector (CVE-2010-3638)

Attachments

    Outcomes