Tenable Network Security Podcast Episode 165 - "New VMware Configuration Audits"
Announcements
- Video: Introduction to SecurityCenter Continuous View
- We're hiring! - Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Nessus Configuration and Compliance Checks
Special Guest: Mehul Revankar, Tenable's Director Compliance Research/Configuration Auditing
Mehul joins us to discuss the new VMware compliance and configuration auditing checks recently added to Nessus.
- What was the driving factor behind re-implementing the compliance checks using the VMware API?
- Which versions of VMware ESXi/vCenter are supported?
- What do the two new compliance audits check and what are the differences between the two?
- Describe the Tenable VMware best practice audit.
- What are some of the other features that our users can take advantage of?
.audit File Technical Specifications
- Auditing VMware vCenter/vSphere Compliance with Nessus
- VMware vSphere 5.0 Hardening Guide Audit
- Tenable VMware Best Practices Audit
Nessus ProfessionalFeed and SecurityCenter customers can download compliance checks from the Tenable Support Portal.
New & Notable Plugins
Nessus
General
- Asterisk SIP SDP Buffer Overflow (AST-2013-001)
- Asterisk HTTP Content-Length Header DoS (AST-2013-002)
- Asterisk SIP Channel Driver Username Disclosure (AST-2013-003)
- Novell Identity Manager Role Based Provisioning Module Unspecified Vulnerability
- Citrix Access Gateway Administrative Web Interface Default Credentials
- Citrix Access Gateway 5.x < 5.0.4.223524 Unspecified Security Bypass
Application Detection
Web Applications
- IBM InfoSphere Data Replication Dashboard Default Credentials
- IBM InfoSphere Data Replication Dashboard User Enumeration
- IBM InfoSphere Data Replication Dashboard Unpassworded User Enumeration
- Sophos Web Protection Appliance patience.cgi id Parameter Directory Traversal
- MediaWiki 1.19 < 1.19.4 / 1.20 < 1.20.3 Multiple Vulnerabilities
- MediaWiki mwdoc-filter.php Arbitrary File Access
- mnoGoSearch search.cgi QUERY_STRING Parameter Parsing Arbitrary File Access
Microsoft Updates
- MS13-028: Security Update for Internet Explorer (2817183)
- MS13-029: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)
- MS13-030: Vulnerability in SharePoint Could Allow Information Disclosure (2827663)
- MS13-031: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2813170)
- MS13-032: Vulnerability in Active Directory Could Lead to Denial of Service (2830914)
- MS13-033: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2820917)
- MS13-034: Vulnerability in Microsoft Antimalware Client Could Allow Elevation of Privilege (2823482)
- MS13-035: Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)
- MS13-036: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2829996)
- MS KB2833510: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
Cisco IOS
- Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability (cisco-sa-20130327-cce)
- Cisco IOS Software Internet Key Exchange Vulnerability (cisco-sa-20130327-ike)
- Cisco IOS Software IP Service Level Agreement Vulnerability (cisco-sa-20130327-ipsla)
- Cisco IOS Software Network Address Translation Vulnerability (cisco-sa-20130327-nat)
- Cisco IOS Software Protocol Translation Vulnerability (cisco-sa-20130327-pt)
- Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability (cisco-sa-20130327-rsvp)
- Cisco IOS Software Smart Install Denial of Service Vulnerability (cisco-sa-20130327-smartinstall)
Adobe
- Adobe AIR 3.x <= 3.6.0.6090 Multiple Vulnerabilities (APSB13-11)
- Flash Player <= 10.3.183.68 / 11.6.602.180 Multiple Vulnerabilities (APSB13-11)
- Adobe AIR for Mac 3.x <= 3.6.0.6090 Multiple Vulnerabilities (APSB13-11)
- Flash Player for Mac <= 10.3.183.68 / 11.6.602.180 Multiple Vulnerabilities (APSB13-11)
- Shockwave Player <= 12.0.0.112 Multiple Vulnerabilities (APSB13-12)
Passive Vulnerability Scanner
Vulnerability Detection
- Opera < 12.15 Multiple Vulnerabilities
- Asterisk Multiple Vulnerabilities (AST-2013-001 / AST-2013-002 / AST-2013-003)
- Squid 3.x < 3.2.9 / 3.3.3 strHdrAcptLangGetItem Malformed Accept-Language Denial of Service
- Flash Player <= 10.3.183.68 / 11.6.602.180 Multiple Vulnerabilities (APSB13-11)
- Flash Player <= 10.3.183.68 / 11.6.602.180 Multiple Vulnerabilities (APSB13-11)
General Detection
SecurityCenter Report Templates and Dashboards
Security News Stories
- Podcast
