Posts by Snow Tempest

1 min Nexpose

The Easy Button for Updating your Nexpose Database

Relax while Nexpose does the work for you You may have received notifications that you need to update your Nexpose database soon in order to continue receiving product updates. You may have been putting it off because it sounds like a pain. Good news: it's simple! Have you seen the Staples commercials with the “easy button?” Nexpose basically has that for the update. You don't have to go in to your database and mess around with an upgrade wizard. Nexpose handles all that for you. All you ha

4 min Nexpose

GHOSTbuster: How to scan just for CVE-2015-0235 and keep your historical site data

A recently discovered severe vulnerability, nicknamed GHOST, can result in remote code execution exploits on vulnerable systems. Affected systems should be patched and rebooted immediately. Learn more about [/2015/01/27/ghost-in-the-machine-is-cve-2015-0235-another-heartbleed] CVE-2015-0235 and its risks [/2015/01/27/ghost-in-the-machine-is-cve-2015-0235-another-heartbleed]. The Nexpose 5.12.0 content update provides coverage for the GHOST vulnerability. Once the Nexpose 5.12.0 content update

3 min Vulnerability Disclosure

POODLE Jr.: The Revenge - How to scan for CVE-2014-8730

A severe vulnerability was disclosed in the F5 implementation of TLS 1.x that allows incorrect padding and therefore jeopardizes the protocol's ability to secure communications in a way similar to the POODLE vulnerability [/2014/10/14/poodle-unleashed-understanding-the-ssl-30-vulnerability]. The Nexpose 5.11.10 update provides coverage for this vulnerability, which has been given the identifier CVE-2014-8730 []. Learn more about CVE-2

3 min Vulnerability Disclosure

Block the POODLE's bite: How to scan for CVE-2014-3566

A severe vulnerability was disclosed in the SSL 3.0 protocol that significantly jeopardizes the protocol's ability to secure communications. All versions of SSL have been deprecated and its use should be avoided wherever possible. POODLE (Padding Oracle On Downgraded Legacy Encryption) is the attack that exploits this vulnerability and allows a hacker to potentially steal information by altering communications between the SSL client and the server (MitM). Learn more about CVE-2014-3566 [/2014/10

3 min Vulnerability Disclosure

Bash the bash bug: Here's how to scan for CVE-2014-6271 (Shellshock)

_[Edited 10:05 AM PDT, October, 2014 for the Nexpose 5.10.13 release]_ [Edited 10:05 AM PDT, September 26, 2014 for the Nexpose 5.10.11 release] A severe vulnerability was disclosed in bash that is present on most Linux, BSD, and Unix-like systems, including Mac OS X. The basis of this vulnerability (nicknamed Shellshock) is that bash does not stop processing after the function definition, leaving it vulnerable to malicious functions containing trailing commands. Common Vulnerabilities and Exp

2 min

Scanning time machine: Reporting on a historical scan

In network security, the questions are urgent. Are we protected against malware? Do we have protocols in place to prevent a hacker from breaking in? Sometimes, however, you need to look back in time and see what the status was in the past. If you have been tracking a vulnerability and it finally goes away, you might want to check the information in a past scan and compare it to changes in your environment. Another reason you might want to report on a historical scan is an audit. If you are re