Use multiple vulnerability scanners in the name of good

About a month ago I wrote a post “When a free scanning service detects vulnerabilities better”. This post was about OpenSSL CVE-2016-2107 vulnerability. A free High-Tech Bridge scanning service was detecting this vulnerability, but commercial Tenable Nessus/SecurityCenter not.

We communicated with a Tenable customer support and it brought some results. Now you can find a new plugin #91572 “OpenSSL AES-NI Padding Oracle MitM Information Disclosure” in Nessus plugin search (by CVE id CVE-2016-2107).

New CVE-2016-2107 Nessus plugin

I have tested a vulnerable server with High-Tech Bridge service:

HTBridge detects vulnerability

Then scanned it with Nessus. Note, that you can select only one plugin “General -> 91572” in your Nessus scan policy to speed up the scanning. This plugin does not have any dependencies.

Nessus detects vulnerability

As you can see, now the Nessus detects this vulnerability correctly.

The screenshot shows that it took more than a month, but after all this detection plugin was realized. And I hope my support tickets also played some role.

Nessus plugin

Therefore, I recommend, if it is possible, to validate your vulnerability scan results with additional scanners/services and REPORT your vendor the differences. It will help to achieve a better security level for your infrastructure and will make the your vendor’s products better.

2 thoughts on “Use multiple vulnerability scanners in the name of good

  1. Pingback: When a free scanning service detects vulnerabilities better | Alexander V. Leonov

  2. Pingback: Exporting Nessus scan results to Splunk | Alexander V. Leonov

Leave a Reply

Your email address will not be published. Required fields are marked *