September 2014 Release Notes

Document created by rebecca carter Employee on Oct 8, 2014
Version 1Show Document
  • View in full screen mode

To help you protect your environment against ever-evolving security threats Rapid7 releases coverage updates for Nexpose on a weekly basis. This page contains detailed announcements for the most recent Nexpose coverage releases:


   

This Rapid7® Nexpose® 5.10.12 release contains additional coverage for the Shellshock vulnerability.                                                          

Coverage update |  content


  • We’ve improved the accuracy for the remote Shellshock (CVE-2014-6271) vulnerability check, where certain Web server configurations were not identified properly.
  • An issue with authenticated coverage for the Shellshock vulnerability (CVE-2014-6271) that prevented the generation of some report types in PDF format has been resolved.

 

 

FAQ


For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

 

Product Update IDs

 

  • Linux 64 | Update ID: 1896806198
  • Windows 64 | Update ID: 2907422571

 

Content update

 

  • Update ID:302729413

 

Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.


   

This Rapid7® Nexpose® 5.10.11 release contains additional coverage for the Shellshock vulnerability.

                     

Coverage update |  content

  • An authenticated check has been added to enable the identification of systems vulnerable to CVE-2014-7169, which was disclosed due to an improper fix for CVE-2014-6271, the “Shellshock” vulnerability in bash that allows remote execution of arbitrary code. This expands the Shellshock coverage beginning with the September 25, 2014, release.
  • An issue with unauthenticated coverage of the Shellshock vulnerability (CVE-2014-6271) against HTTP servers with soft 404 landing pages has been resolved.
  • An issue with authenticated coverage of the Shellshock vulnerability (CVE-2014-6271) on Red Hat Enterprise Linux 5 has been addressed.

Learn more about the the vulnerability and how to scan for it.

 

FAQ

For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

 

Product Update IDs

 

  • Linux 64 | Update ID: 3126651729
  • Windows 64 | Update ID: 3072611236

 

Content update

 

  • Update ID: 2307736689

 

Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.

 


   

This Rapid7® Nexpose® 5.10.10 release contains a hotfix coverage update.                          

Coverage update |  content

 

New coverage is available for CVE-2014-6271 (Shellshock), a vulnerability in bash that allows remote execution of arbitrary code.

  • Authenticated package-based vulnerability checks have been added for the following platforms:
    • Amazon Linux
    • Canonical Ubuntu
    • CentOS Linux
    • Debian Linux
    • FreeBSD
    • Oracle Linux
    • Red Hat Linux
  • An authenticated check has been added to enable the identification of vulnerable systems for which a vendor has not yet released a patch.
  • An unauthenticated check for vulnerable CGI pages has been added.
    • Note that this vulnerability check requires a product update.

Learn more about the the vulnerability and how to scan for it.

FAQ


For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

Product Update IDs

  • Linux 64 | Update ID: 995492
  • Windows 64 | Update ID: 1147227355

Content update

  • Update ID: 2724451909

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

         

     

This Rapid7® Nexpose® 5.10.9 release contains the following improvements:        

  • accuracy improvement
  • scanning improvement
  • application improvements
  • recurring  coverage

Accuracy improvement |  content & product

 

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • A new vulnerability check targets RC4 ciphers and classifies them as a vulnerability specific to CVE-2013-2566. RC4 ciphers  with 128-bit key lengths are no longer included in the generic SSL weak ciphers check. This gives you more precise control in reporting and excluding these vulnerabilities.

Scanning improvement |  product

 

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • When a target that is being scanned goes offline, the Security Console stops the scan of that target and displays its status as Incomplete. These changes improve the use of scanning resources and provide more accurate scan status reporting.

Application improvements | product

 

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

    • An issue that prevented the saving of site configurations with Hosted Scan Engines in some circumstances has been resolved.
    • Searches that include an asterisk (*) as a wild-card character now return results. This change corrects an issue introduced in the September 17 release, which included other improvements to the Search features.
    • A corrected issue ensures that if you replace a vulnerability scan template with a discovery scan template and run a scan, the risk scores for assets in the relevant site are not affected.
    • Site Listing and Complete Scans tables now load faster in the Web interface. The improvement is especially noticeable for deployments with large numbers of sites.
    • Descriptions for scan template settings that were added in the September 17 release have been clarified, so that you can better understand how they affect your scan performance. These settings, which appear in the General tab of the Scan Template Configuration panel, are related to the number of scan processes that are used simultaneously.
    • You can now select multiple policies in a scan template with a single click for easier scan configuration.

        

Recurring coverage | content

        

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

                                                                                                                                 

Product Update IDs

 

  • Linux 64 | Update ID: 1306768785
  • Windows 64 | Update ID: 2436140981

 

Content update

 

  • Update ID: 3980029259

Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.

FAQ

For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

 


 

This Rapid7® Nexpose® 5.10.8 release contains the following improvements:

  • coverage improvement
  • accuracy improvement
  • scanning improvement
  • application improvement
  • recurring  coverage

Coverage improvement |  content

 

New coverage expands your visibility into assets and threats in your environment:

  • Coverage has been added for critical security vulnerabilities in Adobe Reader and Acrobat, as disclosed in Adobe Security Bulletin APSB14-20.

 

Accuracy improvement |  content & product

 

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • An issue that could cause false negatives on scans of assets running the Telnet service has been corrected.

 

Scanning improvement |  product

 

Better scan performance helps you to retrieve scan results more quickly with improved accuracy and more efficient use of resources:

  • You can now set a host thread limit in the General tab of a scan template. This control expands your ability to increase scan speeds. When your scan template allows for more than one host thread, performance improves for protocol fingerprinting and certain vulnerability checks. Also, protocol fingerprinting now times out for scan targets that take more than one hour to complete. Typically this occurs with "tarpit" scenarios, when targets have excessive numbers of ports open. The timeout limit ensures that scans do not run too long in such situations.

 

Application improvements | product

 

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • The Security Console Search feature now supports hyphens in the search strings. This expands the range of search results, for example, with site names that include hyphens.
  • A rare issue related to fingerprint matching on start-up that sent the Security Console into maintenance mode has been corrected.

 

Recurring coverage | content

 

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

Product Update IDs

 

  • Linux 64 | Update ID: 242236774
  • Windows 64 | Update ID: 2091505766

 

Content update

  • Update ID: 2214949382

 

Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.


FAQ

 

For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

 

 


 

This Rapid7® Nexpose® 5.10.7 release contains the following improvements:

  • accuracy improvements
  • Patch Tuesday coverage
  • recurring  coverage

Accuracy improvement |  content

 

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • Coverage for IBM AIX has been enhanced to identify security patches with greater accuracy, which results in significantly fewer false positives and allows for more focused remediation guidance. For more information, see a blog about this change.

 

Coverage for September Patch Tuesday exposures

 

New vulnerability checks provide up-to-date Microsoft Patch Tuesday scan coverage for September 2014. For information about all current security bulletins covered in this release, see the Microsoft Security Bulletin Summary for September 2014. Use the checks in this update to verify that the latest Microsoft patches have been applied to system assets.

 

Recurring coverage | content

 

New and updated vulnerability checks help you protect your environment against the latest threats. See all the operating systems and applications covered by these updates.

                                                                                                                 

Product Update IDs

 

  • Linux 64 | Update ID: 2535386456
  • Windows 64 | Update ID: 2664407757

 

Content update

 

  • Update ID: 213286675

 

Installer links, md5sum links, and virtual appliance links

 

Click here for the latest installer links, md5sum links, and virtual appliance links.


FAQ

 

For details about restarting Nexpose after updating and other update information, see Nexpose release FAQ.

 


This Rapid7® Nexpose® 5.10.6 release contains the following improvements:                                                           

  • application improvements
  • accuracy improvements

 

Application improvements | product

 

Improvements to how the application integrates and presents scan data, and how it performs overall, help you to manage security issues more effectively in your environment:                                     

  • Nexpose's unique integration with VMware’s new NSX security and network virtualization platform provides visibility and enables effective risk management for software-defined data centers. This new capability uses an innovative approach of vulnerability scanning directly through the hypervisor. Key benefits include real-time dynamic asset discovery, comprehensive risk visibility, deep scanning without credentials, and ability to automatically mitigate risk.
  • Translation improvements for the Japanese Highest-risk Vulnerabilities report convey more information.
  • Translation improvements convey more information in the Korean Audit, Baseline Comparison, Executive Overview, and Top Remediations with Details reports.
  • The Vulnerabilities page now includes a column for the last scan date in the Affected Assets table. Seeing the most recent scan date for an asset can be helpful in prioritizing a particular vulnerability. For example, a vulnerability discovered in an older scan might require more immediate attention because risk can increase with vulnerability age.

 

Accuracy improvement | product & content

 

Better accuracy of scan results helps you to assess your security posture and prioritize remediation more effectively:

  • An issue that could cause false negatives on scans of assets running the Telnet service has been corrected.
  • Fingerprinting of Microsoft Exchange Server is now more consistent, resolving a number of false negatives.
  • Vulnerability coverage for Microsoft's revised security bulletin MS14-045 has been updated.

 

Product Update IDs

  • Linux 64 | Update ID: 3795657753
  • Windows 64 | Update ID: 1656285412

Content update

 

  • Update ID: 2889649333

Installer links, md5sum links, and virtual appliance links

Click here for the latest installer links, md5sum links, and virtual appliance links.

         

Attachments

    Outcomes