Tenable Network Security Podcast Episode 173 - "VMware vCenter Patching, Detecting Vulnerable Browsers"
Announcements
- We're hiring! - Visit the Tenable Careers page for information about open positions.
- Check out our video channel on YouTube for Nessus and SecurityCenter tutorials.
- Tenable Tweets - Find us on Twitter at http://twitter.com/tenablesecurity where we Tweet product and company announcements, Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Discussion & Highlighted Plugins
VMware vCenter Patching
- This week, Tenable released two plugins affecting VMware vCenter. If you are running this product, you must patch this—vCenter is the foundation to your foundation. Successful attacks not only grant the attacker access to the hypervisor, they grant access to all your hypervisors. An attacker with access to the hypervisor has "virtual physical access." For example, downloading the snapshots from your VMware servers is similar to physically sitting in front of your computer. Designing an architecture that allows you to easily patch the virtual infrastructure is not all that easy. While this is certainly technically feasible, the challenges come with a price tag of having multiple, redundant virtual environments. How can we build a cost-effective and low-security-risk virtual infrastructure?
Detecting Vulnerable Browsers
- You can't have too many checks and balances when it comes to keeping browsers up-to-date with patches. For example, I use Google Chrome on OS X, and set it up to update automatically. Most people are not like me and don't keep up with all the latest vulnerabilities. So, it's very easy to never realize something needs to be updated. Now, multiply this problem by thousands of desktops, virtual machines, and devices that run a web browser. Turns out my browser was in a funky state, and I had to reinstall the updater. Having something like Tenable PVS would help, always telling me which of my machines and devices need updating. Even if I think they're updated, the User-Agent typically doesn't lie (unless you are telling it to). How do you keep your browsers up-to-date? Are there other circumstances which may cause patches to not be applied correctly?
Vulnerability Trending Using Scanning, Sniffing, and Logging
- I really like this SecurityCenter dashboard. If I was responsible for network security, I'd use it. Being able to pull from three different sources to get vulnerability data is really powerful. Few things are able to hide. I really like that since vulnerabilities can be deceptive, and it's the ones you miss that get exploited. This is what a penetration test does, finds those vulnerabilities in the dark, dusty corners that you missed.
New & Notable Plugins
Nessus
General
- IrfanView FlashPix Plugin < 4.36 Summary Information Property Set Handling Integer Overflow
- Oracle GlassFish Server 3.0.1 < 3.0.1.7 / 3.1.2 < 3.1.2.5 Multiple Vulnerabilities (April 2013 CPU)
- CoDeSys Gateway Service < 2.3.9.28 Use-After-Free
- VMware vCenter Multiple Vulnerabilities (VMSA-2012-0013)
- SAP Control SOAP Web Service Remote Code Execution (SAP Note 1414444)
- Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities
- Mac OS X Multiple Vulnerabilities (Security Update 2013-002)
- Mac OS X : Safari < 6.0.5 Multiple Vulnerabilities
- Trend Micro DirectPass < 1.6.0.1015 Multiple Vulnerabilities
- VMware vCenter Server Multiple Vulnerabilities (VMSA-2012-0005)
- Google Chrome < 27.0.1453.110 Multiple Vulnerabilities
- Splunk 5.0.x < 5.0.3 Multiple Vulnerabilities
- Mac OS X 10.7 / 10.8 Unauthorized File Access (remote check)
- ISC BIND 9 Recursive Resolver Malformed Zone DoS
- Siemens Solid Edge SEListCtrlX ActiveX Control SetItemReadOnly Method Memory Address Write Arbitrary Code Execution
- Siemens Solid Edge WPHelper ActiveX Control OpenInEditor Method Arbitrary Command Execution
- MediaWiki 1.19.x < 1.19.7 / 1.20.x < 1.20.6 Arbitrary File Upload
- PHP 5.3.x < 5.3.26 Multiple Vulnerabilities
- PHP 5.4.x < 5.4.16 Multiple Vulnerabilities
- Plesk Panel Apache Arbitrary PHP Code Injection
- SSL Null Cipher Suites Supported
- HP Data Protector Multiple Vulnerabilities
Passive Vulnerability Scanner
Vulnerability Detection
- Apache Subversion < 1.8.0 / 1.7.10 / 1.6.23 Multiple Vulnerabilities
- Eclipse IDE Software Detection
- Mac OS X : Safari < 6.0.5 Multiple Security Vulnerabilities
- Google Chrome < 27.0.1453.110 Multiple Vulnerabilities
- Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)
- CAPWAP Protocol Client Detection
- CAPWAP Protocol Detection
- CAPWAP Protocol Server Detection
- LWAPP Protocol Detection
- PROMOTIC SCADA Server Detection
- ISC BIND 9.6-ESV-R9 / 9.8.5 / 9.9.3 Remote Denial of Service Vulnerability
- PHP < 5.4.16 / 5.3.26 Heap Based Buffer Overflow Vulnerability
- IBM Websphere DataPower server detection
SecurityCenter Dashboards and Report Templates
Dashboards
- Print Services Vulnerabilities
- Operating System Vulnerabilities
- Vulnerability Trending with Scanning, Sniffing and Logging
- Enterprise Management Software Vulnerabilities
- Network Service Vulnerabilities
- Application Development Vulnerabilities
- Media Player Vulnerability Dashboard
- Database Software Vulnerabilities
- Adobe Software Vulnerabilities
Reports
- Print Services Vulnerability Report
- Operating System Vulnerability Report
- Enterprise Management Software Vulnerabilities
- Network Service Vulnerabilities
- Vulnerability Trending with Scanning, Sniffing and Logging
- Application Development Vulnerabilities
- Media Player Vulnerability Report
- Database Software Vulnerabilities
- Adobe Software Vulnerabilities
Security News Stories
Related Articles
NIST Cybersecurity Framework Adopted by Thirty Percent of US Organizations
February 18, 2016In the February 18, 2016 Risky Business podcast, Cris Thomas speaks with Patrick Gray about the NIST Cybersecurity Framework. Gartner recently announced that 30% of all US organizations - both public...
Tenable Network Security Podcast Episode 206 - "PCI, Breaches and more!"
September 15, 2014
Operational Technology in the DoD: Ensuring a Secure and Efficient Power Grid
April 19, 2024In an evolving threat landscape, the DoD must make sure that its mission-critical operations don’t experience power outages.
Cybersecurity Snapshot: Cyber Agencies Offer Secure AI Tips, while Stanford Issues In-Depth AI Trends Analysis, Including of AI Security
April 19, 2024Check out recommendations for securing AI systems from the Five Eyes cybersecurity agencies. Plus, Stanford University offers a comprehensive review of AI trends. Meanwhile, a new open-source tool aims to simplify SBOM usage. And don’t miss the latest CIS Benchmarks updates. And much more!
Tenable and Thales Collaborate to Provide Cyber Defense Simulations to Better Secure Operational Technology Environments
April 18, 2024The heart of the Welsh Valleys is home to the Thales Ebbw Vale campus, a world-class facility jointly funded by the Welsh government as part of its regeneration program for the region. At the core of the facility is the Cyber Range, a simulation and virtualization platform for training, testing, exercising and R&D. Tenable has joined the lineup of solutions used to run real world simulations in this controlled environment.
- Podcast