Nexpose release announcements - June 2014

Document created by mglinski Employee on Jul 7, 2014
Version 1Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats Rapid7 releases coverage updates for Nexpose on a weekly basis. This page contains detailed announcements for the most recent Nexpose coverage releases:

For May releases go to Nexpose Release Notes - May 2014. For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.


This Rapid7® Nexpose® 5.9.19 release contains an application improvement.


Application improvement | product


   Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • This update addresses an issue related to the June 25, 2014, release, where the Site Listing table failed to load for users who do not have access to all running scans.

 

Product Update IDs

 

  • Linux 64 | Update ID: 3797852489
  • Windows 64 | Update ID: 1174485013


Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.


This Rapid7® Nexpose® 5.9.18 release contains the following improvements:                                        

  • scanning improvement
  • application improvements
  • accuracy improvements

                                        

Application improvement | product


Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Improvements to the Database Export process now make it unnecessary to re-enter your credentials on the target database whenever you change the report content or configuration and re-export the data.

Accuracy improvements | product & content


Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • False positives have been corrected for exposed password hash entries in the /etc/passwd directory.
  • Fingerprinting accuracy has been improved for Wordpress.
  • Coverage for an Apache Tomcat security vulnerability originally identified as CVE-2012-3439, now applies to CVE-2012-5885, CVE-2012-5886, and CVE-2012-5887.
  • Vulnerability coverage has been improved for the following Microsoft security bulletins:
    • MS09-048
    • MS11-100

Scanning improvement | product


Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • If you are using Dynamic Discovery to find Amazon Web Service (AWS) assets for scanning, and if your Security Console is installed inside the AWS network, an IAM role assigned to the host instance makes it unnecessary to authenticate with an access key. This makes the process of creating a discovery connection easier and more secure.

 

Product Update IDs

 

  • Linux 64 | Update ID: 2747938509
  • Windows 64 | Update ID: 3590154823

Content update ID

 

  • Update ID: 9963625

Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.


This Rapid7® Nexpose® 5.9.17 release contains an application improvement.                    

Application improvement | product


Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • This release addresses a potential issue related to product updates for users upgrading from versions earlier than the March 26, 2014, release.

Product Update IDs

 

  • Linux 64 | Update ID: 4105759461
  • Windows 64 | Update ID: 254553932

Installer links, md5sum links, and virtual appliance links


Click here for the latest installer links, md5sum links, and virtual appliance links.


This Rapid7® Nexpose® 5.9.16 release contains the following improvements.

  • Scanning improvement
  • Application improvements

Scanning improvement | product


New coverage expands your visibility into assets and threats in your environment:

  • You can now report on the results of a specific scan. This capability is useful in situations such as an audit, where you need to run a report on a scan that was run six months ago. Just click the Select Scan icon in the Scope section of the report configuration for any template that supports the feature. Then, select the site in which the scan was run, and then the scan itself.

  • An issue that prevented saving of static asset groups based on searches has been resolved.
  • Updated search functionality provides a better overall search experience and richer results. Improvements include the following:
    • search for extended metadata on assets, including operating system, software, and service fingerprints
    • search for tags
    • ability to use wildcard characters in search expressions
  • You can now cancel a report that is being generated by deleting it from the list on the View Reports page. Internal processes related to the deleted report, such as database queries, continue in the background until they complete without disrupting your other Security Console operations.
  • You can now save a report without running it. This allows you to make changes to a report configuration without using up system resources by running the report unnecessarily, if the report is not scheduled to run.

Product update IDs

 

  • Linux 64 | Update ID: 721167223
  • Windows 64 | Update ID: 154863383

Content update ID

 

  • Update ID: 2251465941

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


This Rapid7® Nexpose® 5.9.15 release contains the following updates:                

  • June 2014 Patch Tuesday checks
  • coverage improvement

                        

June Patch Tuesday checks | content


New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for May 2014. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for June 2014. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.


Coverage improvement | content


New coverage expands your visibility into assets and threats in your environment:

  • You can now scan your environment for vulnerabilities in Sendmail.

 

Product Update IDs

 

  • Linux 64 | Update ID: 2602547574
  • Windows 64 | Update ID: 604175488


Content update ID

 

  • Update ID: 2943291519


Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.


This Rapid7® Nexpose® 5.9.14 release contains coverage for the OpenSSL CVE-2014-0224 vulnerability, plus the following updates:            

  • application improvements
  • coverage improvements
  • scanning improvements
  • accuracy improvements

 

Coverage improvements |  content           


New coverage expands your visibility into assets and threats in your environment:

  • An unauthenticated check is available for CVE-2014-0224 (OpenSSL MITM CCS injection attack) announced by OpenSSL on June 5, 2014. For more information about the vulnerability see these blogs: CCS Injection Vulnerability: Severe vulnerability shows we’re not done with OpenSSL just yet and OpenSSL gets more open: Scan for CVE-2014-0224.
  • New authenticated coverage has been added for the OpenSSL vulnerabilities announced on June 5, 2014. The following supported platforms have released patches via their package managers, and you can scan to verify them:
    • CentOS
    • Debian
    • FreeBSD
    • RedHat
    • Ubuntu
  • The application now provides vulnerability coverage for Microsoft security updates specific to embedded distributions of Microsoft Windows XP SP3, including Windows XP Embedded, Windows Embedded for Point of Service (WEPOS), and Windows Embedded POSReady 2009.

                                                                  

Accuracy improvements |  product & content


Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:                                          

  • Accuracy has been improved for solutions to the CVE-2008-1447 vulnerability for non-BIND DNS servers.
  • You can now elevate permissions with the BeyondTrust PowerBroker pbrun command when authenticating scans with SSH credentials. To learn how to configure your scan environment to support pbrun, search Help for the phrase Elevating permissions.

          

Application improvement | product & content


     Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • An issue that prevented site configuration changes from being saved on Internet Explorer 9 has been resolved. Internet Explorer 9 continues to be a supported browser.

Scanning improvement | product


Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • You can now exclude ports from service discovery to avoid scanning those ports. For example, if you want to scan a range of ports, such as 1-10000, but you want to exclude port 9100 because a printer service is running on it, you can specify port 9100 for exclusion. The exclusion setting is available on the Service Discovery page of the Scan template configuration panel.

Weekly vulnerability check update | content


See Nexpose Vulnerability Coverage for a list of the operating systems and applications covered by the updated vulnerability and patch checks.

Product update IDs

 

  • Linux 64 | Update ID: 497614653
  • Windows 64 | Update ID: 3577438066

Content update ID

 

  • Update ID: 272373044

This Rapid7® Nexpose® 5.9.13 release contains the following updates:  

  • application improvements
  • coverage improvements
  • scanning improvements
  • accuracy improvements

Application improvements | product & content


Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Nexpose now supports installations on Kali Linux versions 1.0.6 and later.
  • Tags now support nested tag groupings. Previously if tags were configured to refer to one another in a complex manner they could fail to update appropriately, which caused issues with reporting on tag scopes. Tags now update appropriately and the correct data is reflected in reports. In the following screen shot example, the custom tag Linux and Windows assets has a nested tag, Windows assets, which has been applied to the asset server.example.com. Because of the nesting relationship, the parent tag is applied, by inheritance, to that asset.

  • Trend reports reflecting historical data have been enhanced to display historical data for deleted assets. This means that if assets have been deleted they will still appear correctly in reports in context of the date selection.
  • Scan Engines now log their versions at the beginning of each scan. Knowing their versions by viewing the scan log can help with troubleshooting.
  • The CIS 2008 1.2.0.9 policy benchmark has now been fully deprecated and replaced by CIS 2008 2.1.0.1. The XCCDF report template will only generate reports that include the updated policy. To be able to run a report of this type, re-run the scan. For more information on deprecated and updated policies, see the topic Selecting Policy Manager checks in Help.
  • During installation you can now change the port for the PostgreSQL database server to avoid conflicts with other PostgreSQL installations on the host system.
  • The icons for functions related to copying and viewing have been updated. This change is part of an ongoing initiative to provide more streamlined navigation and a more consistent look and feel throughout the Web interface.
  • Get tips on optimizing firewall scans. Find out which port scan method to use and how whitelisting your Scan Engine and using SSH credentials can improve your results. You'll find the information by searching for the topic Scanning firewalls in Help.


Coverage improvements |  product & content


  • New Center for Internet Security (CIS) policies provide compliance coverage for Oracle 9i, 10g, and 11gR1 on Microsoft Windows and Linux platforms.
  • Vulnerability check coverage now includes obsolete versions of FreeBSD.

Scanning improvement | product


Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Service discovery has expanded to include OpenVPN instances running on UDP ports.

Accuracy improvements |  product & content


Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • A false positive for CVE-2011-0539 in OpenSSH has been addressed.
  • Vulnerability coverage has been improved for the following Microsoft security bulletins: MS11-043, MS11-046, MS11-090, and MS12-009.

Weekly vulnerability check update | content


See Nexpose Vulnerability Coverage for a list of the operating systems and applications covered by the updated vulnerability and patch checks.

Virtual Appliance improvements

 

The  updated Nexpose Virtual Appliance features several improvements for scaling, performance, and compatibility:

  • The virtual hard disk has been increased to 160 GB to support larger environments without the need to grow the disk.
  • The file system has  been upgraded to Ext4 to support more files per folder.
  • Nexpose has been installed on a separate /opt partition to support larger environments without impacting the root file system.
  • VMware Tools has been upgraded to version 9.4.5 to support the most current VMware environments.

Product update IDs

 

  • Linux 64 | Update ID: 438174502
  • Windows 64 | Update ID: 4166399220

Content update ID

 

  • Update ID: 1224832718

 

Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.

Attachments

    Outcomes