Nexpose release announcements - July 2014

Document created by S Tempest Employee on Aug 5, 2014
Version 1Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats Rapid7 releases coverage updates for Nexpose on a weekly basis. This page contains detailed announcements for the most recent Nexpose coverage releases:

For June releases go to Nexpose Release Notes - June 2014. For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

 


 

This Rapid7® Nexpose® 5.9.24 release contains the following improvements:                                                

  • application improvements
  • accuracy improvement

New charts are coming!

    

In the coming weeks, Nexpose will be replacing our current charts with enhanced interactive charts and graphs. These charts provide dynamic visual snapshots of your data, giving you the ability to quickly assess your environment in real time and even export the charts as images you can share with your security team.

                                                           

Application improvements | product

    

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • An issue that prevented vulnerability counts from being refreshed when deleting vulnerability exceptions has been resolved. This improves the accuracy of vulnerability counts presented in the user interface.
  • An issue that created duplicate vulnerability exceptions within the same scope has been resolved.
  • Improvements have been made to the way Scan Engines are updated. You can now have up to ten engines updating simultaneously. Engines can be manually queued through the Scan Engine Management page. If ten engines are already updating, the process will start updating the next engine in the queue once one of Scan Engine update completes.
  • An issue that prevented users from being displayed in a closed ticket event history has been resolved.
  • A ticket's state can now be modified at any time. This allows you to re-open tickets or set a more appropriate state for your workflow.
  • An issue that prevented tickets from being closed when a vulnerability no longer applied to an asset has been resolved.

 

Accuracy improvement | product & content

 

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Form-based blind SQL injection detection has been improved.

 

 

Product Update IDs

     

  • Linux 64 | Update ID: 2754993378
  • Windows 64 | Update ID: 3378993059

     

Content update ID

    

  • Update ID: 2491314850

 

Installer links, md5sum links, and virtual appliance links

    

Click here for the latest installer links, md5sum links, and virtual appliance links.

    

       


 

This Rapid7® Nexpose® 5.9.23 release contains the following improvements:                                      

  • application improvements
  • scanning improvements
  • coverage improvements
  • accuracy improvements

                                        

Application improvements | product

 

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • An issue that may have caused non-vulnerable checks with extended UTF-8 characters in proofs to be omitted from non-vulnerable CSV reports has been fixed.
  • Scan log management has been improved resulting in better performance of reporting on large quantities of non-vulnerable results and more efficient importing of scan results.
  • A new Section 3b Special Note of the PCI Executive Summary report lists all of the mountd ports on an asset that can be used for NFS mount requests.

Coverage improvements | product & content

 

New coverage expands your visibility into assets and threats in your environment:

  • New Web spider-based coverage has been added to detect websites that are vulnerable to clickjacking.

 

Scanning improvement | product

 

New coverage expands your visibility into assets and threats in your environment:

  • Reduction of identical HTTP requests improves the performance of checks for various HTTP injection vulnerabilities.

Accuracy improvements | product & content

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Vulnerability detection of HTTP directory traversal and OS command execution has been improved for Windows assets newer than Windows XP and 2003.

 

Product Update IDs

 

  • Linux 64 | Update ID: 3874613071
  • Windows 64 | Update ID: 1219106467

 

Content update ID

 

  • Update ID: 1283682560

 

Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

 


 

This Rapid7® Nexpose® 5.9.22 release contains the following improvements:                        

  • application improvements
  • scanning improvements
  • coverage improvements

                        

Application improvements | product

 

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Fingerprinting of Web applications has been expanded and improved.
  • Site and asset group descriptions now support multi-line entry. This allows you to better format your detailed descriptions. This change also includes a new, optional Description tag in the XML for the SiteConfigRequest, SiteSaveRequest, AssetGroupConfigRequest, and AssetGroupSaveRequest API v1.1 calls.
  • Site names are now sorted without case sensitivity in Asset Filter views. This makes it easier to select sites when using asset filters.
  • The Top Remediations with Details report now highlights links in solutions. This makes it easier for you to open solution references from this report.

Coverage improvements | product & content

 

New coverage expands your visibility into assets and threats in your environment:

  • You can now authenticate scans with SNMP v3. Additionally, the snmp-cleartext-credential vulnerability check now flags assets that authenticate via SNMP v1/v2c credentials, which is a high-risk flaw due to the use of cleartext static community string.
  • Assets enabled with SNMP v3 user credentials are now fingerprinted successfully. You can now supply SNMP v3 user credentials (both site and shared) to ensure assets are fully scanned.
  • You can now scan your environment for vulnerabilities in Review Board. To use this coverage, you must enable potential vulnerability checks in your scan template.

 

Scanning improvement | product

 

New coverage expands your visibility into assets and threats in your environment:

  • An issue with the CVE-2014-0224 check that could potentially cause Scan Engines to become non-responsive was fixed.

Product Update IDs

  • Linux 64 | Update ID: 490840040
  • Windows 64 | Update ID: 1743734914

Content update ID

  • Update ID: 4041318298

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.


 

This Rapid7® Nexpose® 5.9.21 release contains the following improvements:            

  • July 2014 Patch Tuesday checks
  • application improvements
  • accuracy improvements
  • coverage improvements

            

July 2014 Patch Tuesday checks | content

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for July 2014. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for July 2014. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.

These checks help you determine where new risks are located in your environment, allowing you to prioritize what needs to be remediated and help minimize risk.

Application improvement | product

 

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • Scan Engines now log their host names and serial numbers in the scan log so that you can identify which engine performed a given scan. This is especially helpful in automated environments where the Security Console Web interface is not used, and it is otherwise difficult to associate a specific engine with a scan for troubleshooting or other purposes.

 

Accuracy improvements | product & content

 

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • You can now create multiple Dynamic Discovery connections with different accounts to the same endpoint. This is helpful, for example, when two different users in the same organization want to connect to the same server and obtain information on two different lists of assets based on their access.
  • Vulnerability coverage has been improved for Microsoft Security Bulletin MS12-035.

 

Coverage improvements | product & content

 

New coverage expands your visibility into assets and threats in your environment:

      • You can now scan for vulnerabilities in the Postfix SMTP service.

 

Product Update IDs

 

      • Linux 64 | Update ID: 3401659436
      • Windows 64 | Update ID: 759954908

 

Content update ID

 

      • Update ID: 2270185486

 

Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.

 

 


This Rapid7® Nexpose® 5.9.20 release contains the following improvements:  

  • application improvements
  • accuracy improvements

 

Application improvement | product

 

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:

  • When you run initial searches with partial strings in the Search box that appears in the upper-right corner of most pages in the Web interface, results include all terms that even partially match those strings. It is not necessary to use an asterisk (*). For example, if you want to find all IP addresses in the 10.4 range, you can enter 10.4. in the Search text box. If you want to modify the search after viewing the results, the asterisk is appended to the string in the Search Criteria pane that appears with the results. You can remove the asterisk if you want the next set of results to match the string exactly.
    • You can now save sites in which the lists of assets included in or excluded from scanning exceed 1 MB in metadata, such as with exceptionally long lists of host names.
    • The QualysGuard Compatible XML Export now incorporates a service listing under the added INFOS section for each asset, including services that have no discovered vulnerabilities. The QualysGuard Compatible XML Export capability allows your organization to transition more easily from Qualys to this application because you don't have to redesign third-party integration for consuming asset and vulnerability data.

     

    Accuracy improvements | product & content

     

    Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

    • A new potential vulnerability check warns you about inconclusive hosts encountered during scans. Inconclusive hosts are scan targets for which service fingerprinting attempts do not return any information on open, "listening" ports.
    • Vulnerability coverage has been improved for Microsoft Security Bulletin MS10-041.
    • False positives have been resolved for default account checks against certain telnet servers.
    • Coverage has been improved for a denial-of-service vulnerability in BEA WebLogic.
    • False positives have been eliminated for ORACLE-LSNRCTL-0001, a vulnerability in which the database listener control service does not have a password.

           

    Product Update IDs

     

        • Linux 64 | Update ID: 3675788856
        • Windows 64 | Update ID: 1919370212

     

    Content update ID

     

        • Update ID: 1827580218

     

    Installer links, md5sum links, and virtual appliance links

     

    Click here for the latest installer links, md5sum links, and virtual appliance links.


    Attachments

      Outcomes