Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast Episode 123 - "Network Management Vulnerabilities, RuggedOS Backdoor"

Welcome to the Tenable Network Security Podcast Episode 123

Announcements

New & Notable Plugins

Nessus

  • CiscoWorks Common Services HTTP Response Splitting - HTTP response splitting is a tricky vulnerability, and therefore may be dismissed by some as unimportant. Essentially, it can give attackers control of a web application if they can convince users to click on a link or load HTML code in their browser. Also important to note that CiscoWorks is used by many to manage the entire network infrastructure. My attack against this software would aim to steal the SNMP or other credentials on all the network gear in your network.
  • MediaWiki Multiple Vulnerabilities - Important updates for this software if you are running MediaWiki, a very popular Wiki software which also runs Wikipedia.
  • VMware Workstation, Player, ESXi and ESX Critical Patches - ''This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host.'' - Any vulnerability which allows an attacker to execute code on the host system of your VMs should get the highest priority on your patch list.
  • PHP Unsupported Version Detection - Keep up-to-date with your PHP releases! Easier said than done, as some developers will write applications which lock you into a specific version, making upgrading a much slower process.
  • RuggedOS Telnet Server Backdoor - This one has been featured in the press lately. I'm confused as to why the MAC address would be displayed in the TELNET banner.
  • Scrutinizer Multiple SQLi Vulnerabilities - Used to manage NetFlow data, SQLi bugs are ones you don't want to see in this type of application.

Passive Vulnerability Scanner (PVS)

  • Usenet File Detection (.nzb) - ''The remote web server is hosting .nzb files. NZB files are used by USENET clients to download large files.'' If you want to know if your network is participating in hosting USENET, this is the signature for you.
  • Polycom VoIP Client Detection - VoIP software has had its share of vulnerabilities, and making sure it only exists where you want it to exist is part of good network management.

SecurityCenter Report Templates

  • Adobe Readers and Players - It seems each week there is a new vulnerability exposed for either Adobe Reader or Adobe Flash. This report will provide you with your total exposure across both products.

SecurityCenter Dashboards

  • DNSChanger Monitoring - This dashboard is a snapshot of which systems Nessus and PVS have discovered with DNSChanger malware, and provides a comprehensive look at your current state of infection.

Compliance Checks

Stories

  1. VMware Backdoor Response Uninitialized Memory Potential VM Break
  2. Stupid Human Tricks: Security Job Interviews
  3. RuggedCom will block industrial control backdoor
  4. FTP a Dead Protocol or Very Much Alive?
  5. OS X Lion update exposes encryption passwords
  6. From LOW to PWNED [6] SharePoint

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security