Nexpose Release Notes - January 2014

Document created by Rebecca Carter (Employee) on Feb 4, 2014. Last modified by Rebecca Carter (Employee) on Feb 5, 2014.
Version 2

To help you protect your environment against ever-evolving security threats, Rapid7 releases coverage updates for Nexpose on a weekly basis. This page contains releases for January 2014.

For current coverage releases, go to Nexpose Weekly Release Notes.

For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.


This Rapid7® Nexpose® 5.8.7 release contains the following updates:

  • coverage improvements
  • accuracy improvements

Coverage improvement | content & product

New coverage expands your visibility into assets and threats in your network.

  • You can now scan your environment for vulnerabilities in Cisco ASA firewalls.
  • You can now scan your environment for vulnerabilities in Cisco PIX firewalls.
  • You can now scan your environment for vulnerabilities in Nginx.
  • You can now scan your environment for vulnerable versions of the jQuery library.

 

Weekly vulnerability check update | content

New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

  • Adobe
    • AIR
    • ColdFusion
    • Flash
    • Reader
    • Shockwave
  • Apache
    • HTTP
    • Tomcat
  • Apple
    • iTunes
    • Java
    • OS X
    • QuickTime
    • Safari
  • Atlassian JIRA
  • BIND
  • CentOS
  • Cisco devices
  • Debian GNU/Linux
  • Google Chrome
  • IBM AIX
  • Mozilla
    • Firefox
    • SeaMonkey
    • Thunderbird
  • OpenSSH
  • OpenSSL
  • Oracle
    • Database
    • Java Runtime Environment
    • Linux
    • MySQL
    • Solaris
  • PHP
  • Red Hat Enterprise Linux
  • Ubuntu/Linux
  • VideoLAN VLC
  • VMware
    • ESX
    • ESXi

Accuracy improvement | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • The accuracy and performance of Windows-authenticated scans over high-latency networks were improved.

End-of-life for 32-bit installations

Rapid7 will end support for 32-bit versions of Nexpose on May 7, 2014, for both Windows and Linux operating systems. After that date, Rapid7 will not test Nexpose or provide bug fixes or technical support for Nexpose on 32-bit installations. For more information, see the end-of-life policy at http://www.rapid7.com/docs/end-of-life-policy.pdf.

Update IDs, installer links, md5sum links, and virtual appliance links

Product Update IDs

  • Linux 32 | Update ID: 1298602497
  • Linux 64 | Update ID: 2525244862
  • Windows 32 | Update ID: 1207962848
  • Windows 64 | Update ID: 3925075668

Content update ID

  • Update ID: 1152611048

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


This Rapid7® Nexpose® 5.8.6 release contains the following updates:

  • coverage improvements
  • accuracy improvements
  • application improvements
  • scanning improvements

Application improvements | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • You can now view a progress bar on the Scan Progress page to tell at a quick glance how much of the scan has completed. Beneath the bar are counts of assets for which the vulnerability phase of the scan has completed and for which the phase is active or pending.
  • You can now disable or enable the refresh of your table of discovered assets during a scan by clicking the icon at the bottom of the table. This allows you to investigate the results of an active scan without being interrupted by the page refreshing.

See a video exploring these new features.

  • The report template APIs now correctly return the built-in attribute to conform to the API definition. This allows you to quickly distinguish between report templates provided by the application and templates that you have created.
  • You can now view all of your report templates at once by clicking the new See All link in the bottom, right corner of the report carousel. This allows you to compare different templates so that you can find the one that meets your needs for a specific report.
  • You can now upload custom policy content saved with a Unicode byte-order-mark in the XML file.

Coverage improvement | content & product

New coverage expands your visibility into assets and threats in your network.

  • Scans now correctly fingerprint the configuration service present on most SerComm-manufactured network devices.

Weekly vulnerability check update | content

New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

  • Adobe
    • AIR
    • ColdFusion
    • Flash
    • Reader
    • Shockwave
  • Apache
    • HTTP
    • Tomcat
  • Apple
    • iTunes
    • Java
    • OS X
    • QuickTime
    • Safari
  • Atlassian JIRA
  • BIND
  • CentOS
  • Cisco devices
  • Debian GNU/Linux
  • Google Chrome
  • IBM AIX
  • Mozilla
    • Firefox
    • SeaMonkey
    • Thunderbird
  • OpenSSH
  • OpenSSL
  • Oracle
    • Database
    • Java Runtime Environment
    • Linux
    • MySQL
    • Solaris
  • PHP
  • Red Hat Enterprise Linux
  • Ubuntu/Linux
  • VideoLAN VLC
  • VMware
    • ESX
    • ESXi

Accuracy improvement | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • False positives have been corrected for the vulnerability check that detects syslog running on TCP port 514. 

Scanning improvement | product

  • Scans now properly fingerprint SSL/TLS services that use the MD2 algorithm anywhere in the certificate validation process. Among other benefits, this can help address potential false positives and false negatives in certificate chain validation. Note that for validation to occur, the Certificate Authority in question must be trusted, and that regardless of whether the certificate is trusted, MD2 cannot be used anywhere if FIPS is enabled.
  • Scans of assets with SNMP exposed are now handled more gracefully when the route between the scanner and the asset is not the default. This improvement provides more accurate and complete fingerprinting and vulnerability results.
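The MD2 certificate-chain point above can be checked independently of the scanner. The following is an added example, not code from Nexpose or Rapid7: a stdlib-only DER walker that extracts the outer signatureAlgorithm OID from each certificate in a chain and flags MD2 signatures (and, going one step beyond the note, MD5 as well, since it is the same class of digest weakness). The certificate bytes are constructed placeholders with a dummy tbsCertificate and signature so that the example runs offline; the function name `weak_signatures_in_chain` and the weak-OID table are assumptions of this example. Real DER certificates, for instance from `ssl.get_server_certificate` converted with `ssl.PEM_cert_to_DER_cert`, can be passed to the same function.

```python
"""Flag MD2 (and MD5) signature algorithms in a DER certificate chain (added example)."""

# Signature-algorithm OIDs this example treats as weak (assumed policy, not Nexpose's list).
WEAK_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
}

def _read_tlv(buf, pos):
    """Decode one DER tag-length-value at buf[pos]; return (tag, contents, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def _decode_oid(contents):
    """Turn DER OID contents into dotted-decimal text.
    The first octet packs the first two arcs (adequate for the 1.x OIDs used here)."""
    arcs = [contents[0] // 40, contents[0] % 40]
    acc = 0
    for b in contents[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                    # last octet of a base-128 arc
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def signature_algorithm_oid(cert_der):
    """Return the dotted OID from the outer signatureAlgorithm field of a DER
    Certificate (SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue })."""
    tag, body, _ = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("certificate is not a DER SEQUENCE")
    _, _tbs, pos = _read_tlv(body, 0)       # tbsCertificate: skipped, only its length matters here
    tag, alg_id, _ = _read_tlv(body, pos)   # AlgorithmIdentifier ::= SEQUENCE { algorithm OID, parameters }
    if tag != 0x30:
        raise ValueError("malformed AlgorithmIdentifier")
    tag, oid, _ = _read_tlv(alg_id, 0)
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier does not begin with an OID")
    return _decode_oid(oid)

def weak_signatures_in_chain(chain_der):
    """Return [(position, algorithm name)] for each certificate in the chain
    (leaf first) whose signature uses a weak digest. A hit means MD2/MD5 is
    relied on somewhere in validation; per the release note, MD2 is unusable
    anywhere once FIPS is enabled."""
    hits = []
    for i, cert in enumerate(chain_der):
        oid = signature_algorithm_oid(cert)
        if oid in WEAK_SIGNATURE_OIDS:
            hits.append((i, WEAK_SIGNATURE_OIDS[oid]))
    return hits

# ---- constructed sample data: structurally valid DER, not real certificates ----
def _der(tag, contents):
    """Encode one short-form DER TLV (contents under 128 bytes is enough here)."""
    return bytes([tag, len(contents)]) + contents

def _fake_cert(sig_oid_der):
    tbs = _der(0x30, _der(0x02, b"\x01"))              # tbsCertificate stand-in
    alg = _der(0x30, sig_oid_der + _der(0x05, b""))    # AlgorithmIdentifier { oid, NULL }
    sig = _der(0x03, b"\x00" + b"\xaa" * 16)           # BIT STRING stand-in
    return _der(0x30, tbs + alg + sig)

OID_MD2_RSA_DER = bytes.fromhex("06092a864886f70d010102")     # 1.2.840.113549.1.1.2
OID_SHA256_RSA_DER = bytes.fromhex("06092a864886f70d01010b")  # 1.2.840.113549.1.1.11

SAMPLE_CHAIN = [
    _fake_cert(OID_SHA256_RSA_DER),   # leaf: modern signature
    _fake_cert(OID_MD2_RSA_DER),      # intermediate signed with MD2, the case in the release note
]

if __name__ == "__main__":
    print(weak_signatures_in_chain(SAMPLE_CHAIN))   # [(1, 'md2WithRSAEncryption')]
```

A hit on the last certificate in the chain is a weaker finding than one on the leaf or an intermediate: a trust anchor's own self-signature is generally not verified during path validation, so the digest it uses does not enter into the chain's trust in the way the release note describes.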

End-of-life for 32-bit installations

Rapid7 will end support for 32-bit versions of Nexpose on May 7, 2014, for both Windows and Linux operating systems. After that date, Rapid7 will not test Nexpose or provide bug fixes or technical support for Nexpose on 32-bit installations. For more information, see the end-of-life policy at http://www.rapid7.com/docs/end-of-life-policy.pdf.

 

Product Update IDs

  • Linux 32 | Update ID: 2949771759
  • Linux 64 | Update ID: 4263126922
  • Windows 32 | Update ID: 1342680914
  • Windows 64 | Update ID: 4019033286

Content update ID

  • Update ID: 1152611048

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


 

This Rapid7® Nexpose® 5.8.5 release contains the following updates:

  • January 2014 Patch Tuesday checks
  • coverage improvements
  • accuracy improvements

January 2014 Patch Tuesday checks | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for January 2014. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for January 2014. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.

These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and minimize risk.

 

Coverage improvement | content & product

New coverage expands your visibility into assets and threats in your network.

  • The built-in CIS scan template now includes Security Configuration Benchmarks for IBM AIX 5.3 and 6.1. To use these benchmarks, you must apply the January 15, 2014, product update or a later product update.
  • A new plug-in allows you to arrange custom vulnerability content more easily for your scans. To use the plug-in, simply copy your content into the custom vulnerability plugin directory.
  • Policy scanning now includes benchmarks for SCAP 1.2 for Windows; United States Government Configuration Baseline (USGCB) 1.2.7.1 for Windows 7, Windows 7 Energy, Windows 7 Firewall, and Internet Explorer 8; and USGCB 2.0.7.1 for Windows XP, Windows XP Firewall, Windows Vista, Windows Vista Firewall, Windows Vista Energy, and Internet Explorer 7. The profiles from these benchmarks are included by default in the built-in USGCB scan template. Additionally, you can generate Asset Report Format (ARF) reports based on the results of these policy scans.

 

Accuracy improvement | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Scan authentication attempts on APC Power Distribution Units via Telnet no longer produce false positives.
  • The Web spider now runs properly against services that are in fact HTTP/HTTPS but could not be fingerprinted as such.
  • Vulnerability solution information for Adobe Flash has been reorganized to provide better remediation guidance.

Weekly vulnerability check update | content

New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

  • Adobe
    • AIR
    • ColdFusion
    • Flash
    • Reader
    • Shockwave
  • Apache
    • HTTP
    • Tomcat
  • Apple
    • iTunes
    • Java
    • OS X
    • QuickTime
    • Safari
  • Atlassian JIRA
  • BIND
  • CentOS
  • Cisco devices
  • Debian GNU/Linux
  • Google Chrome
  • IBM AIX
  • Mozilla
    • Firefox
    • SeaMonkey
    • Thunderbird
  • OpenSSH
  • OpenSSL
  • Oracle
    • Database
    • Java Runtime Environment
    • Linux
    • MySQL
    • Solaris
  • PHP
  • Red Hat Enterprise Linux
  • Ubuntu/Linux
  • VideoLAN VLC
  • VMware
    • ESX
    • ESXi

End-of-life for 32-bit installations

Rapid7 will end support for 32-bit versions of Nexpose on May 7, 2014, for both Windows and Linux operating systems. After that date, Rapid7 will not test Nexpose or provide bug fixes or technical support for Nexpose on 32-bit installations. For more information, see the end-of-life policy at http://www.rapid7.com/docs/end-of-life-policy.pdf.

Product Update IDs

  • Linux 32 | Update ID: 76885102
  • Linux 64 | Update ID: 4099084248
  • Windows 32 | Update ID: 4124555121
  • Windows 64 | Update ID: 961424783

Content update ID

  • Update ID: 1565019702

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


 

This Rapid7® Nexpose® 5.8.4 release contains the following updates:

  • scanning improvements
  • accuracy improvements

Accuracy improvement | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Vulnerability remediation information for Mozilla Firefox and Thunderbird was improved to provide more actionable steps.

Weekly vulnerability check update | content

New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

  • Adobe
    • AIR
    • ColdFusion
    • Flash
    • Reader
    • Shockwave
  • Apache
    • HTTP
    • Tomcat
  • Apple
    • iTunes
    • Java
    • OS X
    • QuickTime
    • Safari
  • Atlassian JIRA
  • BIND
  • CentOS
  • Cisco devices
  • Debian GNU/Linux
  • Google Chrome
  • IBM AIX
  • Mozilla
    • Firefox
    • SeaMonkey
    • Thunderbird
  • OpenSSH
  • OpenSSL
  • Oracle
    • Database
    • Java Runtime Environment
    • Linux
    • MySQL
    • Solaris
  • PHP
  • Red Hat Enterprise Linux
  • Ubuntu/Linux
  • VideoLAN VLC
  • VMware
    • ESX
    • ESXi

Scanning improvement | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • Fingerprinting of the Sun (Oracle) Java Web Console was improved.
  • The application no longer fingerprints scan targets that exhibit excessive consecutive connection resets, resulting in improved scan performance.

End-of-life for 32-bit installations

Rapid7 will end support for 32-bit versions of Nexpose on May 7, 2014, for both Windows and Linux operating systems. After that date, Rapid7 will not test Nexpose or provide bug fixes or technical support for Nexpose on 32-bit installations. For more information, see the end-of-life policy at http://www.rapid7.com/docs/end-of-life-policy.pdf.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

Product Update IDs

  • Linux 32 | Update ID: 2977912547
  • Linux 64 | Update ID: 2367394712
  • Windows 32 | Update ID: 3108311626
  • Windows 64 | Update ID: 832049185

Content update ID

  • Update ID: 1318063086

This Rapid7® Nexpose® 5.8.3 release contains the following updates:

  • scanning improvements
  • accuracy improvements
  • application improvements

Accuracy improvement | content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Vulnerability correlation on Ubuntu 12.04 was improved.

Weekly vulnerability check update | content

New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:

  • Adobe
    • AIR
    • ColdFusion
    • Flash
    • Reader
    • Shockwave
  • Apache
    • HTTP
    • Tomcat
  • Apple
    • iTunes
    • Java
    • OS X
    • QuickTime
    • Safari
  • Atlassian JIRA
  • BIND
  • CentOS
  • Cisco devices
  • Debian GNU/Linux
  • Google Chrome
  • IBM AIX
  • Mozilla
    • Firefox
    • SeaMonkey
    • Thunderbird
  • OpenSSH
  • OpenSSL
  • Oracle
    • Database
    • Java Runtime Environment
    • Linux
    • MySQL
    • Solaris
  • PHP
  • Red Hat Enterprise Linux
  • Ubuntu/Linux
  • VideoLAN VLC
  • VMware
    • ESX
    • ESXi

Scanning improvement | product

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • Fingerprinting and vulnerability checks related to HTTP now correctly handle HTTP redirect loops caused by malicious or improperly configured HTTP servers. This provides faster and more accurate assessments of affected assets.
  • HTTP vulnerability checks now provide more information related to abnormalities and errors when interacting with assets that expose HTTP.
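The redirect-loop handling in the first bullet, as an added example that is not drawn from the Nexpose code base: a bounded redirect follower that stops on a revisited URL (a loop), on a hop limit (a server that answers every request with a redirect to a fresh URL, which a visited-set alone never catches), or on the first non-redirect status, and returns the path it took, which is the kind of abnormality detail the second bullet refers to. The fetcher is injected so the logic can be exercised offline; `fake_fetch`, `endless_fetch` and the `example.test` URL map are constructed sample data, and `http_head` is a minimal real fetcher built on `http.client` that issues one HEAD request without following redirects itself.

```python
"""Bounded redirect following with loop detection (added example)."""
import http.client
from urllib.parse import urljoin, urlsplit

REDIRECT_STATUSES = {301, 302, 303, 307, 308}

def follow_redirects(url, fetch, max_hops=10):
    """Follow Location headers starting at `url`.

    `fetch(url)` must return (status, location_header_or_None) and must NOT
    follow redirects itself. Returns (outcome, last_status, visited_urls) where
    outcome is "ok" (a non-redirect response was reached), "loop" (a URL was
    about to be requested a second time) or "too_many_hops" (more than
    max_hops redirects, i.e. max_hops + 1 requests, without reaching an end).
    """
    seen = set()
    visited = []
    status = None
    for _ in range(max_hops + 1):
        if url in seen:
            return "loop", status, visited
        seen.add(url)
        visited.append(url)
        status, location = fetch(url)
        if status not in REDIRECT_STATUSES or not location:
            return "ok", status, visited
        url = urljoin(url, location)       # Location may be relative to the current URL
    return "too_many_hops", status, visited

def http_head(url, timeout=5.0):
    """Minimal real fetcher: one HEAD request, no automatic redirect handling."""
    parts = urlsplit(url)
    conn_cls = http.client.HTTPSConnection if parts.scheme == "https" else http.client.HTTPConnection
    conn = conn_cls(parts.hostname, parts.port, timeout=timeout)
    try:
        target = (parts.path or "/") + ("?" + parts.query if parts.query else "")
        conn.request("HEAD", target)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

# Constructed sample "site" (example.test is a reserved name; nothing is contacted).
FAKE_SITE = {
    "http://example.test/a": (302, "/b"),
    "http://example.test/b": (302, "/a"),            # two-node redirect loop
    "http://example.test/old": (301, "/older"),
    "http://example.test/older": (302, "/oldest"),
    "http://example.test/oldest": (200, None),       # legitimate chain ends here
}

def fake_fetch(url):
    """Constructed fetcher that answers from FAKE_SITE; unknown URLs return 404."""
    return FAKE_SITE.get(url, (404, None))

def endless_fetch(url):
    """Simulates a server that redirects every request to a never-before-seen
    URL (/0 -> /1 -> /2 ...), so only the hop limit can stop the walk."""
    n = int(url.rsplit("/", 1)[1])
    return 302, f"/{n + 1}"

if __name__ == "__main__":
    for start, fetch in [("http://example.test/a", fake_fetch),
                         ("http://example.test/old", fake_fetch),
                         ("http://example.test/0", endless_fetch)]:
        outcome, status, path = follow_redirects(start, fetch, max_hops=5)
        print(f"{start}: {outcome} (last status {status}, {len(path)} request(s))")
```

Keeping the visited path in the result, rather than just the outcome, is what makes the "loop" and "too_many_hops" cases actionable: the operator can see which hosts and paths participated, and whether the chain crossed from http to https or to a different host before it went wrong.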

Accuracy improvement | product

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Fingerprinting of Blue Coat devices running SSH was improved.
  • Fingerprinting of F5 BIG-IP assets running SSH was improved.
  • The application now fingerprints Cisco ASA assets over SSH, which helps you to better identify assets in your environment.
  • Fingerprinting for Microsoft SQL Server 2012 was improved.

Application improvement | product

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • An issue that caused the repair installation to not work properly for older versions of the application was corrected.
  • You can now quickly search for reports and report template configurations by name in the Reports configuration panel.
  • Exported CSV reports that include columns with no data now display correctly aligned columns.

End-of-life for 32-bit installations

Rapid7 will end support for 32-bit versions of Nexpose on May 7, 2014, for both Windows and Linux operating systems. After that date, Rapid7 will not test Nexpose or provide bug fixes or technical support for Nexpose on 32-bit installations. For more information, see the end-of-life policy at http://www.rapid7.com/docs/end-of-life-policy.pdf.

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

Product Update IDs

  • Linux 32 | Update ID: 3437273332
  • Linux 64 | Update ID: 1654203768
  • Windows 32 | Update ID: 925451725
  • Windows 64 | Update ID: 4262266820

Content update ID

  • Update ID: 1873823056
