Tag Archives: Tenable

Greenbone introduced the Greenbone Basic vulnerability scanner for SMEs, the price of which is NOT tied to the number of IP addresses that can be scanned

Leave a reply

Greenbone introduced the Greenbone Basic vulnerability scanner for SMEs, the price of which is NOT tied to the number of IP addresses that can be scanned

Greenbone introduced the Greenbone Basic vulnerability scanner for SMEs, the price of which is NOT tied to the number of IP addresses that can be scanned. A license for 1 scanner will cost 2450 € per year. It will be delivered as a virtual machine image. There is a comparison table and a data sheet.

Greenbone Basic differences:

🔹 Compared to Greenbone Free, it WILL have a full database of plugins for vulnerability detection, compliance scanning, scan scheduler, alerts, LDAP/Radius authentication, HTTPS certificate management, NTP integration.

🔹 Compared to Greenbone Enterprise, there WILL NOT be the ability to hierarchically connect scanners (sensors). API support, vulnerability remediation tickets, technical support from Greenbone and further enterprise features.

In terms of features, it looks like a real alternative to Tenable’s Nessus Professional. Competition in the entry-level fixed-price VM segment is intensifying. 👍

На русском

RCE – Fluent Bit (CVE-2024-4323) “Linguistic Lumberjack”

Leave a reply

RCE - Fluent Bit (CVE-2024-4323) Linguistic Lumberjack

RCE – Fluent Bit (CVE-2024-4323) “Linguistic Lumberjack”. Fluent Bit is a multi-platform open source tool for collecting and processing logs. It is easy to use, scales well, and can handle large amounts of data. Fluent Bit is often used in the infrastructures of large companies, especially in the infrastructures of cloud providers.

The vulnerability discovered by Tenable Research is related to memory corruption in the built-in Fluent Bit HTTP server. This HTTP server is used to monitor the status of Fluent Bit: uptime, plugin metrics, health checks, etc. Certain unauthenticated requests to the server API may result in denial of service (DoS), information leakage, or remote code execution (RCE). According to researchers, making a reliable RCE exploit will not be easy, but the PoC for DoS is already publicly available and, perhaps, it will be converted into RCE.

The fix is expected in version 3.0.4.

На русском

Microsoft Patch Tuesday July 2023: Vulristics improvements, Office RCE, SFB SmartScreen and Outlook, EoP MSHTML and ERS, other RCEs

1 Reply

Microsoft Patch Tuesday July 2023: Vulristics improvements, Office RCE, SFB SmartScreen and Outlook, EoP MSHTML and ERS, other RCEs. Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between June and July Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239131

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities.

Continue reading

Vulristics News: EPSS v3 Support, Integration into Cloud Advisor

2 Replies

Vulristics News: EPSS v3 Support, Integration into Cloud Advisor. Hello everyone! This episode will focus on the news from my open source Vulristics project for vulnerability analysis and prioritization.

Alternative video link (for Russia): https://vk.com/video-149273431_456239122

EPSS v3

The third iteration of the Exploit Prediction Scoring System (EPSS) was released in March. It is stated that EPSS has become 82% better. There is a pretty cool and detailed article about the changes. For example, EPSS Team began to analyze not 16 parameters of vulnerabilities, but 1164. I have a suspicion that most of these properties are vendor labels, as in the table.

But trying to figure out how it actually works is not very promising. After all, this is the output of some neural network. So there is no algorithm there. In terms of complexity and incomprehensibility, this is already similar to Tenable VPR. But the fact that EPSS is available for free redeems everything. 😇 By the way, the article mentions Tenable VPR and other commercial scores and criticizes them for their proprietary nature, public inaccessibility, and the fact that these scores are partly based on expert opinion, and not just on data.

Continue reading

Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities

Leave a reply

Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities. Hello everyone! In this episode, let’s take a look at the Microsoft Patch Tuesday August 2022 vulnerabilities. I use my Vulristics vulnerability prioritization tool as usual. I take comments for vulnerabilities from Tenable, Qualys, Rapid7, ZDI and Kaspersky blog posts. Also, as usual, I take into account the vulnerabilities added between the July and August Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239098

There were 147 vulnerabilities. Urgent: 1, Critical: 0, High: 36, Medium: 108, Low: 2.

There was a lot of great stuff this Patch Tuesday. There was a critical exploited in the wild MSDT DogWalk vulnerability, 3 critical Exchange vulnerabilities that could be easily missed in prioritization, 13 potentially dangerous vulnerabilities, 2 funny vulnerabilities and 3 mysterious ones. Let’s take a closer look.

Continue reading

Vulnerability Management news and publications #2

1 Reply

Vulnerability Management news and publications #2. Hello everyone! This is the second episode of Vulnerability Management news and publications. In fact, this is a collection of my posts from the avleonovcom and avleonovrus telegram channels. Therefore, if you want to read them earlier, subscribe to these channels.

The main idea of ​​this episode. Microsoft is a biased company. In fact, they should now be perceived as another US agency. Does this mean that we need to forget about Microsoft and stop tracking what they do? No, it doesn’t. They do a lot of interesting things that can at least be researched and copied. Does this mean that we need to stop using Microsoft products? In some locations (you know which ones) for sure, in some we can continue to use such products if it is reasonable, but it’s necessary to have a plan B. And this does not only apply to Microsoft. So, it’s time for a flexible approaches. Here we do it this way, there we do it differently. It seems that rather severe fragmentation of the IT market is a long-term trend and it’s necessary to adapt to it.

Alternative video link (for Russia): https://vk.com/video-149273431_456239097

What’s in this episode:

  1. Microsoft released a propaganda report, what does this mean for us?
  2. Microsoft released the Autopatch feature, is it a good idea to use it?
  3. Ridiculous Vulnerability: Hardcoded Password in Confluence Questions
  4. The new Nessus Expert and why it’s probably Tenable’s worst release
  5. Rapid7 Nexpose/InsightVM features added in Q2 2022: what’s good and what’s weird
  6. Palo Alto: Malicious scan 15 minutes after CVE is released. Oh really?
  7. 6 groups of vulnerabilities that are most often used in attacks, according to Palo Alto, and the end of IT globalization

Continue reading

Microsoft Patch Tuesday July 2022: propaganda report, CSRSS EoP, RPC RCE, Edge, Azure Site Recovery

1 Reply

Microsoft Patch Tuesday July 2022: propaganda report, CSRSS EoP, RPC RCE, Edge, Azure Site Recovery. Hello everyone! Microsoft has been acting weird lately. I mean the recent publication of a propaganda report about evil Russians and how Microsoft is involved in the conflict between countries. It wouldn’t be unusual for a US government agency, NSA or CIA to publish such a report. But when a global IT vendor, which, in theory, should be more or less neutral, does this… This is a clear signal. It’s not about business anymore.

Alternative video link (for Russia): https://vk.com/video-149273431_456239096

I’ll take a closer look at this report in the next episode of the Vulnerability Management news, but for now let’s take a look at Microsoft July Patch Tuesday. Yes, the vendor is behaving strangely, but Microsoft products need to be patched. Right? At least for now. And tracking vulnerabilities is always a good thing. 🙂

Continue reading