Nexpose weekly coverage release notes (archive)

Document created by ryukhin on Dec 20, 2012Last modified by kelly_shortt on Feb 5, 2013
Version 5Show Document
  • View in full screen mode
                       

To help you protect your environment against ever-evolving security threats Rapid7 releases coverage updates on a weekly basis. This page contains detailed announcements for the most recent Nexpose coverage releases:

For information on previous releases go to Nexpose Release Notes.


 

This Rapid7® Nexpose® 5.5.3 release contains the following updates:

  • workflow correction
  • new and updated vulnerability checks

 

Workflow correction | product

 

The ability to restore a database backup from Nexpose version 5.3 to version 5.5, and later, now functions properly. This correction ensures you can logon and edit sites after restoring a database.

 

Weekly vulnerability check update | content

 

New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

 

  • Adobe
    • AIR
    • Flash
    • Reader
    • Shockwave
  • Apache
    • HTTP
    • Tomcat
  • Apple
    • iTunes
    • Java
    • OS X
    • QuickTime
    • Safari
  • Atlassian JIRA
  • BIND
  • CentOS
  • Cisco devices
  • Google Chrome
  • IBM AIX
  • Mozilla
    • Firefox
    • SeaMonkey
    • Thunderbird
  • OpenSSH
  • OpenSSL
  • Oracle
    • Database
    • Java Runtime Environment
    • Linux
    • MySQL
    • Solaris
  • PHP
  • Red Hat Enterprise Linux
  • VMware
    • ESX
    • ESXi

 

These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.

 

Product Update IDs

 

  • Linux 32 | Update ID:53318383
  • Linux 64 | Update ID:1430494604
  • Windows 32 | Update ID: 1065155457
  • Windows 64 | Update ID:4212679876

 

Installers

 

Released on December 19, 2012 (see the FAQ).   

 

md5sum files

 

Download the appropriate md5sum file to ensure that the installer was not corrupted during download: 

 


 

This Rapid7® Nexpose® 5.5.1 release contains the following updates:

  • coverage for Patch Tuesday checks
  • new and updated vulnerability checks
  • coverage improvements

 

December 2012 Patch Tuesday checks | content

 

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for December 2012. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for December 2012. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.

 

Coverage improvements | content

 

New and improved vulnerability checks provide better security coverage.

 

  • Coverage has been added for OpenSSH.
  • Coverage has been improved for the vulnerabilities announced in certain Microsoft Security Bulletins.

 

Weekly vulnerability check update | content

 

New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

 

  • Adobe
    • AIR
    • Flash
    • Reader
    • Shockwave
  • Apache
    • HTTP
    • Tomcat
  • Apple
    • iTunes
    • Java
    • OS X
    • QuickTime
    • Safari
  • Atlassian JIRA
  • BIND
  • CentOS
  • Cisco devices
  • Google Chrome
  • IBM AIX
  • Mozilla
    • Firefox
    • SeaMonkey
    • Thunderbird
  • OpenSSL
  • Oracle
    • Database
    • Java Runtime Environment
    • Linux
    • MySQL
    • Solaris
  • PHP
  • Red Hat Enterprise Linux
  • VMware
    • ESX
    • ESXi

 

These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.

 

Update IDs, installer links, and md5sum links

 

Update IDs, installer links, and md5sum links are added to this announcement on the release date.

 

Content update ID

 

  • Update ID: 2916105441

 

 

Installers


Released on December 10, 2012 (see the FAQ).

 

md5sum files

 

Download the appropriate md5sum file to ensure that the installer was not corrupted during download:


This Rapid7® Nexpose® 5.4.12 release contains the following updates:

  • new and updated vulnerability checks
  • coverage improvements
  • fingerprinting improvements

 

Fingerprinting improvement | product

 

Fingerprinting of assets that use  Border Gateway Protocol (BGP) no longer causes scans to hang. This will help you track assets better, provide a more comprehensive software inventory, and present more accurate information on vulnerabilities.

 

Weekly vulnerability check update | content

 

New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

 

  • Adobe
    • AIR
    • Flash
    • Reader
    • Shockwave
  • Apache
    • HTTP
    • Tomcat
  • Apple
    • iTunes
    • Java
    • OS X
    • QuickTime
    • Safari
  • Atlassian JIRA
  • BIND
  • CentOS
  • Cisco devices
  • Google Chrome
  • IBM AIX
  • Mozilla
    • Firefox
    • SeaMonkey
    • Thunderbird
  • OpenSSL
  • Oracle
    • Database
    • Java Runtime Environment
    • Linux
    • MySQL
    • Solaris
  • PHP
  • Red Hat Enterprise Linux
  • VMware
    • ESX
    • ESXi

 

These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.

 

Product Update IDs

 

  • Linux 32 | Update ID: 830119004
  • Linux 64 | Update ID: 3620753804
  • Windows 32 | Update ID: 3982852952
  • Windows 64 | Update ID: 3113526877

 

Content update ID

 

  • Update ID: 1860404786

 

Installers

  Released on November 28, 2012 (see the FAQ).

 

md5sum files

Download the appropriate md5sum file to ensure that the installer was not corrupted during download:


This Rapid7® Nexpose® 5.4.11 release contains the following updates:

  • new and updated vulnerability checks

 

These release notes document what's new in this Nexpose release. Your Nexpose installation will automatically download and install content updates. If you have enabled Nexpose to install product updates, it will do so as well. For information about restarting Nexpose after updating, see the FAQ.

 

Weekly vulnerability check update | content

 

New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

 

  • Adobe
    • AIR
    • Flash
    • Reader
    • Shockwave
  • Apache
    • HTTP
    • Tomcat
  • Apple
    • iTunes
    • Java
    • OS X
    • QuickTime
    • Safari
  • Atlassian JIRA
  • BIND
  • CentOS
  • Cisco devices
  • Google Chrome
  • IBM AIX
  • Mozilla
    • Firefox
    • SeaMonkey
    • Thunderbird
  • OpenSSL
  • Oracle
    • Database
    • Java Runtime Environment
    • Linux
    • MySQL
    • Solaris
  • PHP
  • Red Hat Enterprise Linux
  • VMware
    • ESX
    • ESXi

 

These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated to help minimize risk.

 

Product Update IDs

 

  • Linux 32 | Update ID: 4105181631
  • Linux 64 | Update ID: 1446102015
  • Windows 32 | Update ID: 1452835737
  • Windows 64 | Update ID: 3940403074

 

Content update ID

 

  • Update ID: 1248005005

 

Installers

  Released on October 31, 2012 (see the sixth FAQ).

 

md5sum files

Download the appropriate md5sum file to ensure that the installer was not corrupted during download:

 


 

For information on previous releases go to Nexpose Release Notes.

Attachments

    Outcomes