Foundstone 7.0 Patch 6 Release Notes

These release notes describe the changes and updates for Foundstone 7.0, patch 6. This application installs only the patch needed to update the Foundstone system.

Foundstone 7.0.6 Release Notes

- Updated data probe to elicit response from UDP port 500.
- Fixed the stale engine delete operation in the scan controller and added more verbose logging for better diagnostics.
- Fixed premature timeouts in the watchdog timer for WMI scripts.
- Fixed the algorithm used to process the HTTP response received after posting Assessment results to the scan controller.
- Fixed the algorithm used to process the HTTP response received after posting Discovery results to the scan controller.
- Fixed sudo command processing when the command includes a pipe (|) command delimiter.
- Updated the FASL engine to load the WinPcap drivers from the same folder as the core FASL engine component.
- Fixed handling of OS Category when ePO OS Category is unknown.
- Fixed registration of Audit Request with no associated MVM assets.
- Fixed Report Server out-of-memory condition when generating very large Benchmark Summary page.
- Reports can now render multiple CVE entries contained in the updated VulnDatabase.xml.
- Fixed data service error when attempting to start a Quickscan that has been modified to use a named vuln set.
- Fixed log file path validation.
- Fixed FCServer crash due to invalid agent configuration data.
- Enhanced FCAgent connection logic.
- Fixed Portal script timeout while receiving very large reports.
- Fixed validation of special characters when creating user accounts.
- Fixed Portal memory issues while downloading large reports (less than 300MB zipped).
- Provide notification for changing configuration when changing Display By or Search By settings.
- Fixed Manage Assets so that QuickScan is not available when it is disabled in the config.ini file.
- Added support for CyberArk credentials.
Foundstone 7.0.5 Release Notes

- Fixed rules-based vuln sets to use the NVD CVSS scoring vector.
- Fixed the access rights for Scan Targets.
- Enhanced the performance of the operation that saves the scan-snapshot to avoid timeouts.
- Fixed encoding of User passwords.
- Added a warning dialog if the vulns selection has been changed but not saved.
- Added UTC suffix to times displayed in Enterprise Manager Reports page.
- Fixed scan engine to pause batches when they attempt to start outside of a scan window.
- Increased the number of attempts to recover a job on scan engine start.
- Fixed the start up sequence of the scan engine service. In the event of a failure, the service will not start up and an appropriate error message will be logged.
- Fixed Notification time consistency (time now clearly displayed as UTC).
- Fixed generation of invalid hyperlink for no vulnerability results.
- Fixed scroll bar on asset tree.
- Fixed handling of large recordset data to prevent out-of-memory condition.
- Added First and Last found columns to vulnerabilities.csv report.
- Fixed infinite loop during post-processing.
- Fixed hang condition in the FSDiscovery module when not all adapters can be initialized.
- Fixed hang condition during renegotiation for the TLS man in the middle attack check.
- Fixed memory corruption causing the FSDiscovery module to crash.
- Fixed result processor to use an increased timeout value for database operation retries.
- Added registry setting to adjust SMTP command receive timeout.
- Improved logging.

Foundstone 7.0.4 Release Notes

- Fixed Mac OSX reporting.
- Fixed blank lines in FCM Manage OS Fingerprints.
- Fixed issue selecting Full Access in the access permissions when using roles.
- Fixed updating Shell credentials to preserve root password.
- Fixed import of IP Pool and Exclusions using CIDR format.
- Fixed combining IP ranges during IP Pool edit.
- Fixed Enterprise Manager UI to clearly indicate reported Foundscore type.
- Fixed Global IP exclusions to prevent scanning excluded IPs from root organization scan.
- Fixed memory leak in continuous scan against shell targets.
- Fixed Enterprise Manager login error when SCAP scan is the "default view" on the Dashboard.
- Fixed FSScanEngineSvc memory usage when processing empty batches.
- Reduced scan controller memory usage while processing assessment results.
- Increased the number of retries for the fssavesnapshot database operation to 10.
- Fixed XML encoding of malformed URLs within an HTML page body.
- Fixed memory leak observed in JScript.dll when using the IE8 scripting engine.
- Fixed the exception generated by the ReadContentAsInt method when processing an empty discovery result set.
- Fixed intermittent FSScanEngineSvc service crash.
- Fix various modules to respond to the cancel request in a more timely manner.
- Discovery module enhancements:
  - Added probe for detection of and banner grabbing from UDP port 427 (SRVLOC).
  - Updated UDP port 5353 (mDNS) probe.
  - Added check for EMC systems during Windows OS identification.
- Fixed small memory leak in the Shell Module.
- Added CVSS scoring to ticketing.
- Fixed report server 'Unknown error 0x800A0CC1' while loading the 'AssetsVulns' recordset.
- Fixed synchronization of Benchmarks during Policy Auditor Maintain Foundstone Audits.
- Sends set preference commands for NSM-enabled FCAgent only when needed.
- Fixed intermittent failure when communicating with NSM.
- API server settings are now present for NSM-enabled clients.

Foundstone 7.0.3 Release Notes

- Added the ability to detect the Oracle Transparent Network Substrate (TNS) protocol running on non-standard ports.
  1. Create a new scan or edit an existing scan.
  2. On the Settings tab, click Services, then click Advanced Options.
  3. Make sure Detecting services running on non-standard ports is selected.
  4. Select tns under Available Services, then click >> to add it to Selected Services.
  5. Click Close.
  6. Under TCP Scanning, select Custom.
  7. Type the custom port number, separating the numbers with a space.
  8. Save your scan.
- Added Awaiting Resources to the Status column on the scan status page. This status appears when the engine has insufficient memory to run the scan. When scan engine resources become available, the scan will resume.
- Fixed NetBIOS name not being correctly recorded.
- Fixed WHAM module state transition during the pause command right after the module completes processing of the batch.
- Fixed OS identification conflict resolution.
- Updated the McAfee Community URL on the Portal login page.
- Fixed Report Server hang on encountering an Asset/OS mismatch.
- Fixed throttling to wait until the default number of threads is available when throttling back in low memory conditions.
- Fixed update of LastFoundDateTime column during asset reconciliation.
- Fixed scan completion notifications to list correct Scan Engine.
- Added SSL code to support checks such as CVE-2009-3555 (TLS / SSL Man-In-The-Middle Renegotiation Vulnerability).
- Fixed scan start notification email to be sent at the actual scan start time.
- Added additional logging in the Scan Controller to identify malformed XML documents.
- Fixed Scan Engine hang when batching hosts for assessment.
- Fixed IP Range import failure.
- Fixed Scan Configuration to correctly select Use Engine Time for all new scans.
- Fixed unexpected credentials set removal from Scan Configuration.
- Fixed unexpected log out from Asset Management.
- Fixed character escaping which caused CSV and XML reports to fail.
- Fixed trend.xml file growth due to redundant data.
- Fixed ticket verification error handling.
- Fixed IP search feature from Report Server.
- Fixed creation of LDAP Data Source.
- Fixed email notification when Tickets are exported.
- Fixed Asset Filter to allow empty string for DNS name and NetBIOS name.
- Fixed issue with pasting text into scan description field of Scan Configuration.

Foundstone 7.0.2 Release Notes

- Fixed the maintenance job delete operation to delete only inactive jobs.
- Fixed the scan status page to enable the Resume button for scans paused by user.
- Fixed the Enterprise Manager to correctly extract files from the generated report archive transferred by the Report Server.
- Fixed sort by asset owner on the Manage Assets page.
- Updated and improved content of Portal online help.
- Fixed the scan editor to use the correct Organization ID when validating IP addresses as they are added to the scan configuration.
- Fixed Discovery to perform RFC compliant banner grab.
- Fixed Discovery to allow certificates during shell target authentication.
- Added Actual and Expected columns to the compliancevulnerabilities.csv file of the generated report.
- Fixed Report Search to avoid filtering based on ticket assignment.
- Fixed OS mapping tables so that the Shell Module runs appropriate assessment scripts.
- Fixed usability issue with the Enter key in the Ticket Assignment page.
- Fixed ticket assignment on the Ticket Details page.
- Added NT_SERVICE_NULL value to Service policy Start and State options.
- Added FILE_PERM_NONE value to File Permission policy option.
- Added NONE value to Registry Key policy option.
- Fixed Scan Engine to preserve the user-modified logical engine name instead of reverting to the NETBIOS name of the engine.
- Fixed shell target authentication to gather the most secure key available.
- Fixed poor portal performance attributed to numerous unique Vulnerability Sets.
- Fixed Scan Engine performance when host names are configured in the scan.
- Fixed localization of PDF reports for supported languages.
- Fixed scan scheduling to account for scan configuration time zone.
- Fixed scan configuration Save for non-administrator users when using unnamed Vulnerability Sets.
- Fixed deletion of the previous unnamed Vulnerability Set when it is replaced by a new unnamed Vulnerability Set.
- Fixed WebFASL Module to run scripts against IP address when target DNS name is not available.
- Fixed SNMP trap for Close Ticket.

Foundstone 7.0.1 Release Notes

- Added registry tweak to control OVAL script timeout.
- Added legacy NetBiosComputer.connect functionality.
- Fixed target share enumeration loop during assessment.
- Fixed target network API enumeration cleanup.
- Added NetShareEnum workaround to avoid infinite Win32 API loop.
- Fixed scan engine crash when scan is configured with more than 32 DNS names in the exclusion list.
- Fixed timeout mismatch between scan engine and scan controller.
- Fixed FCServer to push a complete FASL script update package to an FCAgent that detects missing scripts.
- Fixed upgrade of the RMI version on FS-850 appliances to version 6.0.8. Upload-validation certificates are also installed on the FS-850 appliance to validate uploaded applications.
- Fixed erroneous 'Due Date' for remediation tickets updated by Non-Admin Users.
- Fixed missing fields 'Scan' and 'Criticality' in the ticket details.
- Fixed the MVM 7.0.0 license registration tool to correctly locate the license file.
- Improved scan engine selection for Quick Scans.
- Fixed erroneous report using authentication status as asset filters.
- Fixed the scan status page so that the scan details are displayed for all pending scans.
- Fixed the "Clear All Inactive" button on the scan status page to hide all canceled scans.
- Fixed scan configuration editor to allow ePO tags as scan targets.
- Fixed scheduling issues for weekly scans.
- Fixed scheduling issues for scans affected by Foundstone 7.0 upgrade.
- Fixed sort by group name in Asset Management interface.
- Fixed input validation of role description when creating new role.
- Fixed IP import validation.
- Improved accuracy of Windows/Unix/Infrastructure Host Assessment report sections.
- Fixed log file retention to remove empty folders.
- Added FCM support for MVM2100 and MVM3100.
- Added Portal support for MVM2100 and MVM3100.
- Fixed erroneous report using authentication status as asset filters.
- Implemented tweak to omit redundant Services data in Risk_data.xml.
- Stopped generating the redundant VulnDatabase section for PDF report.
- Fixed PDF report section for PCI Vuln by severity.