Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast Episode 123 - "Network Management Vulnerabilities, RuggedOS Backdoor"

Welcome to the Tenable Network Security Podcast Episode 123


New & Notable Plugins


  • CiscoWorks Common Services HTTP Response Splitting - HTTP response splitting is a tricky vulnerability, and therefore may be dismissed by some as unimportant. Essentially, it can give attackers control of a web application if they can convince users to click on a link or load HTML code in their browser. Also important to note that CiscoWorks is used by many to manage the entire network infrastructure. My attack against this software would aim to steal the SNMP or other credentials on all the network gear in your network.
  • MediaWiki Multiple Vulnerabilities - Important updates for this software if you are running MediaWiki, a very popular Wiki software which also runs Wikipedia.
  • VMware Workstation, Player, ESXi and ESX Critical Patches - ''This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host.'' - Any vulnerability which allows an attacker to execute code on the host system of your VMs should get the highest priority on your patch list.
  • PHP Unsupported Version Detection - Keep up-to-date with your PHP releases! Easier said than done, as some developers will write applications which lock you into a specific version, making upgrading a much slower process.
  • RuggedOS Telnet Server Backdoor - This one has been featured in the press lately. I'm confused as to why the MAC address would be displayed in the TELNET banner.
  • Scrutinizer Multiple SQLi Vulnerabilities - Used to manage NetFlow data, SQLi bugs are ones you don't want to see in this type of application.

Passive Vulnerability Scanner (PVS)

  • Usenet File Detection (.nzb) - ''The remote web server is hosting .nzb files. NZB files are used by USENET clients to download large files.'' If you want to know if your network is participating in hosting USENET, this is the signature for you.
  • Polycom VoIP Client Detection - VoIP software has had its share of vulnerabilities, and making sure it only exists where you want it to exist is part of good network management.

SecurityCenter Report Templates

  • Adobe Readers and Players - It seems each week there is a new vulnerability exposed for either Adobe Reader or Adobe Flash. This report will provide you with your total exposure across both products.

SecurityCenter Dashboards

  • DNSChanger Monitoring - This dashboard is a snapshot of which systems Nessus and PVS have discovered with DNSChanger malware, and provides a comprehensive look at your current state of infection.

Compliance Checks


  1. VMware Backdoor Response Uninitialized Memory Potential VM Break
  2. Stupid Human Tricks: Security Job Interviews
  3. RuggedCom will block industrial control backdoor
  4. FTP a Dead Protocol or Very Much Alive?
  5. OS X Lion update exposes encryption passwords
  6. From LOW to PWNED [6] SharePoint

Subscribe to the Tenable Blog

Try for Free Buy Now

Try Tenable.io Vulnerability Management


Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free


Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.