Tenable Network Security Podcast Episode 154 - "Mozilla Patch Updates, Upgrade to the Latest Version (or Not)"
Announcements
- We're hiring! - Recently, Business Insider named Tenable one of the 15 Most Important Security Startups of 2013. Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
New & Notable Plugins
Nessus
- Firefox 10.x < 10.0.12 Multiple Vulnerabilities
- Firefox 10.x < 10.0.12 Multiple Vulnerabilities (Mac OS X)
- Firefox 17.x < 17.0.1 Multiple Vulnerabilities
- Firefox 17.x < 17.0.1 Multiple Vulnerabilities (Mac OS X)
- Firefox 17.x < 17.0.2 Multiple Vulnerabilities
- Firefox 17.x < 17.0.2 Multiple Vulnerabilities (Mac OS X)
- Firefox 17.x Multiple Vulnerabilities
- Firefox 17.x Multiple Vulnerabilities (Mac OS X)
- Mozilla Thunderbird 10.x < 10.0.12 Multiple Vulnerabilities
- Mozilla Thunderbird 17.x < 17.0.2 Multiple Vulnerabilities
- SeaMonkey 2.14.x Multiple Vulnerabilities
- Thunderbird 10.x < 10.0.12 Multiple Vulnerabilities (Mac OS X)
- Thunderbird 17.x < 17.0.2 Multiple Vulnerabilities (Mac OS X)
- Cerberus FTP Server < 5.0.4.0 SSH DES Cipher Weakness
- Cerberus FTP Server < 5.0.5.0 Cross-Site Request Forgery
- Cerberus FTP Server < 5.0.6.0 Multiple XSS
- Samba 4.x < 4.0.1 AD DC LDAP Directory Objects Security Bypass
- Nagios Core history.cgi Multiple Parameter Buffer Overflow
- MySQL 5.5 < 5.5.29 Multiple Vulnerabilities
- Windows OS Partial Product Key (WMI)
- Windows Product Key Retrieval
- PHP 5.3.x < 5.3.21 cURL X.509 Certificate Domain Name Matching MiTM Weakness
- PHP 5.4.x < 5.4.11 cURL X.509 Certificate Domain Name Matching MiTM Weakness
- Oracle Database, January 2013 Critical Patch Update
Passive Vulnerability Scanner
- Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities
- Mozilla SeaMonkey 2.x <= 2.14 Multiple Vulnerabilities
- Mozilla Thunderbird 17.x < 17.0.2 Multiple Vulnerabilities
SecurityCenter Dashboards
- PCI Configuration Settings
- 800-53 Configuration Auditing
- DISA Control Correlation Identifier (CCI) Dashboard
SecurityCenter Report Templates
Stories
- Exploiting printers via Jetdirect vulnerabilities | viaForensics
- Is Dell looking to kill PCs with "Project Ophelia"?
- Canadian Student Expelled After Finding Critical Flaw in Software Used by Colleges
- What's lurking in your network? Find out by decrypting SSL
- Bad parking job? Text the driver through the license plate
- Linksys vuln: Cisco responds
- 'End of passwords' predictions are premature - Cambridge boffin
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Securing Financial Data in the Cloud: How Tenable Can Help
November 4, 2024Preventing data loss, complying with regulations, automating workflows and managing access are four key challenges facing financial institutions. Learn how Tenable can help.
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
By
Jill Shapiro
and
Joseph Decker
- Podcast