Tenable Network Security Podcast Episode 160 - "RSA Roundup, Vulnerability Disclosure Game Changer"
Announcements
- Tenable Network Security Named as SC Magazine's 2013 Excellence Award Winner for Best Enterprise Security Solution
- Tenable Network Security Selects Ingram Micro as U.S. Distribution Partner
- We're hiring! - Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
New & Notable Plugins
Nessus
General
- Apache 2.4 < 2.4.4 Multiple Cross-Site Scripting Vulnerabilities
- Apache 2.2 < 2.2.24 Multiple Cross-Site Scripting Vulnerabilities
- Buffalo LinkStation DetectionBuffalo LinkStation Direct Request Remote File Disclosure
- MS KB2819372: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
- SSHD libkeyutils Backdoor
- Nuance PDF Reader Installed
- Nuance PDF Viewer Plus Installed
Web Applications
- TWiki < 5.1.4 MAKETEXT Variable Tilde Character Command Injection
- WordPress Poll Plugin poll_id Parameter SQL Injection
- WP Symposium Plugin for WordPress symposium_groups_functions.php gid Parameter SQL Injection
- MoinMoin < 1.9.6 Multiple Vulnerabilities
- MoinMoin rsslink() Function page_name Parameter XSS
- MariaDB 5.1 < 5.1.67 Multiple Vulnerabilities
- MariaDB 5.2 < 5.2.14 Multiple Vulnerabilities
- MariaDB 5.3 < 5.3.12 Multiple Vulnerabilities
- MariaDB 5.5 < 5.5.29 Multiple Vulnerabilities
- MyBB < 1.6.9 Multiple Vulnerabilities
- Drupal 7.x < 7.20 On-Demand Image Derivative Generation Handling Resource Exhaustion DoS
- W3 Total Cache Plugin for WordPress Cache File Direct Request Information Disclosure
VMware
Mozilla
Adobe
Passive Vulnerability Scanner
Vulnerability Detection
- Ecava IntegraXor < 4.00.4283 ActiveX Remote Buffer Overflow (SCADA)
- Ecava IntegraXor Server Login Attempt (SCADA)
- Oracle Java SE Multiple Vulnerabilities (February 2013 CPU Update 1)
- Apache 2.2 < 2.2.24 Multiple Cross-Site Scripting Vulnerabilites
- Apache 2.4 < 2.4.4 Multiple Cross-Site Scripting Vulnerabilites
- Flash Player <= 10.3.183.63 / 11.6.602.168 Multiple Vulnerabilities (APSB13-08)
General Detection
Stories
- A Vulnerability Disclosure Game Changer | Dark Reading
- Banged-up Brit hacker hacks into his OWN PRISON'S MAINFRAME
- Sinkholes reveal more Chinese-hacked biz - and piggybacking crims | The Register
- Latest Java Zero-Day Shares Connections with Bit9 Security Incident | Symantec Connect Community
- HTML5 Web Storage loophole can be abused to fill hard disks with junk data
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Securing Financial Data in the Cloud: How Tenable Can Help
November 4, 2024Preventing data loss, complying with regulations, automating workflows and managing access are four key challenges facing financial institutions. Learn how Tenable can help.
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
By
Jill Shapiro
and
Joseph Decker
- Podcast