Foundstone 7.0 Patch 8 Release Notes

These release notes describe the changes and updates for Foundstone 7.0, patch 8. This application installs only the patch needed to update the Foundstone system.

Foundstone 7.0.8 Release Notes

- Fixed form authentication using a credential that includes the character "ñ".
- Fixed FSAssessment crash in the FASLModule.
- Fixed date format specification for the FSUpdate table SQL query.
- Fixed XCCDF Benchmark reports for STIG templates.
- Fixed stored procedure to not delete existing profiles when importing SCAP content.
- Enhanced performance of stored procedure used to retrieve asset data for the scan editor.
- Fixed stored procedure to correctly compute the exclusion list.
- Fixed date conversion error while updating the job state on a British-English SQL Server.
- Fixed the MVM Data Import task invoked by the MVM ePO extension.
- Added host name to email notifications for ticket events.
- Fixed the Vuln Set rule editor to hide the preview button until the editor has completed processing.
- Fixed the workgroup-delete operation to display an error when the delete fails.
- Fixed the role editor to allow the viewing of the complete organization tree.

For McAfee Vulnerability Manager 7.0 Patch 8 Known Issues, refer to the KnowledgeBase article: https://kc.mcafee.com/corporate/index?page=content&id=kb76320.

Foundstone 7.0.7 Release Notes

- Improved the way the Alerts page builds the Vulns lists.
- Added FASL output to CSV report (enabled by registry tweak).
- Fixed XCCDF Benchmark reports for STIG templates.
- Fixed Benchmark Rule results when large amounts of text are displayed.
- Fixed Passed Hosts in Compliance Pass/Fail section of PCI Reports.
- Fixed the maintenance task to report the number of deleted historical asset data while running.
- Fixed stored procedure to correctly snapshot the vuln set used by the scan configuration.
- Fixed the Alerts page to account for an empty section created when a vulnerability risk level is updated.
- Fixed the slider position when the configuration is viewed in read-only mode.
- Fixed sorting by organization name, previous navigation, and removed sorting on item count.
- Fixed the rendering of the Asset context menu when Quickscan is disabled.
- Fixed the Delete Asset operation to report the error when the asset cannot be deleted.
- Improved memory usage in the scan engine when reporting the scan results to the scan controller.
- Reduced the memory usage of the FSAssessment and FSScanCtrlSvc components when processing assessment results for Policy Auditor type scans.

- Fixed the scan controller error "Failed to add engine [engine_guid] to engine map." when the engine GUID that is specified in the registry is in lower case.
- Fixed the scan engine error "Unable to send POST request. Failed to send POST body" when reporting results to the scan controller.

Foundstone 7.0.6 Release Notes

- Updated data probe to elicit response from UDP port 500.
- Fixed the stale engine delete operation in the scan controller and added more verbose logging for better diagnostics.
- Fixed premature timeouts in the watchdog timer for WMI scripts.
- Fixed the algorithm used to process the HTTP response received after posting Assessment results to the scan controller.
- Fixed the algorithm used to process the HTTP response received after posting Discovery results to the scan controller.
- Fixed sudo command processing when the command includes a pipe (|) command delimiter.
- Updated the FASL engine to load the WinPcap drivers from the same folder as the core FASL engine component.
- Fixed handling of OS Category when ePO OS Category is unknown.
- Fixed registration of Audit Request with no associated MVM assets.
- Fixed Report Server out-of-memory condition when generating very large Benchmark Summary page.
- Reports can now render multiple CVE entries contained in the updated VulnDatabase.xml.
- Fixed data service error when attempting to start a Quickscan that has been modified to use a named vuln set.
- Fixed log file path validation.
- Fixed FCServer crash due to invalid agent configuration data.
- Enhanced FCAgent connection logic.
- Fixed Portal script timeout while receiving very large reports.
- Fixed validation of special characters when creating user accounts.
- Fixed Portal memory issues while downloading large reports (less than 300MB zipped).
- Provide notification for changing configuration when changing Display By or Search By settings.
- Fixed Manage Assets so that QuickScan is not available when it is disabled in the config.ini file.
- Added support for CyberArk credentials.
- Fixed WebFSLModule processing for Windows 2008 targets.

Foundstone 7.0.5 Release Notes

- Fixed rules-based vuln sets to use the NVD CVSS scoring vector.
- Fixed the access rights for Scan Targets.
- Enhanced the performance of the operation that saves the scan-snapshot to avoid timeouts.
- Fixed encoding of User passwords.
- Added a warning dialog if the vulns selection has been changed but not saved.
- Added UTC suffix to times displayed in Enterprise Manager Reports page.
- Fixed scan engine to pause batches when they attempt to start outside of a scan window.
- Increased the number of attempts to recover a job on scan engine start.
- Fixed the start up sequence of the scan engine service. In the event of a failure, the service will not start up and an appropriate error message will be logged.
- Fixed Notification time consistency (time now clearly displayed as UTC).

- Fixed generation of invalid hyperlink for no vulnerability results.
- Fixed scroll bar on asset tree.
- Fixed handling of large recordset data to prevent out-of-memory condition.
- Added First and Last found columns to vulnerabilities.csv report.
- Fixed infinite loop during post-processing.
- Fixed hang condition in the FSDiscovery module when not all adapters can be initialized.
- Fixed hang condition during renegotiation for the TLS man-in-the-middle attack check.
- Fixed memory corruption causing the FSDiscovery module to crash.
- Fixed result processor to use an increased timeout value for database operation retries.
- Added registry setting to adjust SMTP command receive timeout.
- Improved logging.

Foundstone 7.0.4 Release Notes

- Fixed Mac OS X reporting.
- Fixed blank lines in FCM Manage OS Fingerprints.
- Fixed issue selecting Full Access in the access permissions when using roles.
- Fixed updating Shell credentials to preserve root password.
- Fixed import of IP Pool and Exclusions using CIDR format.
- Fixed combining IP ranges during IP Pool edit.
- Fixed Enterprise Manager UI to clearly indicate reported Foundscore type.
- Fixed Global IP exclusions to prevent scanning excluded IPs from root organization scan.
- Fixed memory leak in continuous scan against shell targets.
- Fixed Enterprise Manager login error when SCAP scan is the "default view" on the Dashboard.
- Fixed FSScanEngineSvc memory usage when processing empty batches.
- Reduced scan controller memory usage while processing assessment results.
- Increased the number of retries for the fssavesnapshot database operation to 10.
- Fixed XML encoding of malformed URLs within an HTML page body.
- Fixed memory leak observed in JScript.dll when using the IE8 scripting engine.
- Fixed the exception generated by the ReadContentAsInt method when processing an empty discovery result set.
- Fixed intermittent FSScanEngineSvc service crash.
- Fixed various modules to respond to the cancel request in a more timely manner.
- Discovery module enhancements:
  - Added probe for detection of and banner grabbing from UDP port 427 (SRVLOC).
  - Updated UDP port 5353 (mDNS) probe.
  - Added check for EMC systems during Windows OS identification.
- Fixed small memory leak in the Shell Module.
- Added CVSS scoring to ticketing.
- Fixed report server 'Unknown error 0x800A0CC1' while loading the 'AssetsVulns' recordset.
- Fixed synchronization of Benchmarks during Policy Auditor Maintain Foundstone Audits.
- Sends set preference commands for NSM-enabled FCAgent only when needed.
- Fixed intermittent failure when communicating with NSM.

- API server settings are now present for NSM-enabled clients.

Foundstone 7.0.3 Release Notes

- Added the ability to detect the Oracle Transparent Network Substrate (TNS) protocol running on non-standard ports.
  1. Create a new scan or edit an existing scan.
  2. On the Settings tab, click Services, then click Advanced Options.
  3. Make sure Detecting services running on non-standard ports is selected.
  4. Select tns under Available Services, then click >> to add it to Selected Services.
  5. Click Close.
  6. Under TCP Scanning, select Custom.
  7. Type the custom port number, separating the numbers with a space.
  8. Save your scan.
- Added Awaiting Resources to the Status column on the scan status page. This status appears when the engine has insufficient memory to run the scan. When scan engine resources become available, the scan will resume.
- Fixed NetBIOS name not being correctly recorded.
- Fixed WHAM module state transition during the pause command right after the module completes processing of the batch.
- Fixed OS identification conflict resolution.
- Updated the McAfee Community URL on the Portal login page.
- Fixed Report Server hang on encountering an Asset/OS mismatch.
- Fixed throttling to wait until the default number of threads is available when throttling back in low memory conditions.
- Fixed update of LastFoundDateTime column during asset reconciliation.
- Fixed scan completion notifications to list correct Scan Engine.
- Added SSL code to support checks such as CVE-2009-3555 (TLS / SSL Man-In-The-Middle Renegotiation Vulnerability).
- Fixed scan start notification email to be sent at the actual scan start time.
- Added additional logging in the Scan Controller to identify malformed XML documents.
- Fixed Scan Engine hang when batching hosts for assessment.
- Fixed IP Range import failure.
- Fixed Scan Configuration to correctly select Use Engine Time for all new scans.
- Fixed unexpected credentials set removal from Scan Configuration.
- Fixed unexpected log out from Asset Management.
- Fixed character escaping which caused CSV and XML reports to fail.
- Fixed trend.xml file growth due to redundant data.
- Fixed ticket verification error handling.
- Fixed IP search feature from Report Server.
- Fixed creation of LDAP Data Source.
- Fixed email notification when Tickets are exported.
- Fixed Asset Filter to allow empty string for DNS name and NetBIOS name.
- Fixed issue with pasting text into scan description field of Scan Configuration.

Foundstone 7.0.2 Release Notes

- Fixed the maintenance job delete operation to delete only inactive jobs.
- Fixed the scan status page to enable the Resume button for scans paused by user.
- Fixed the Enterprise Manager to correctly extract files from the generated report archive transferred by the Report Server.
- Fixed sort by asset owner on the Manage Assets page.
- Updated and improved content of Portal online help.
- Fixed the scan editor to use the correct Organization ID when validating IP addresses as they are added to the scan configuration.
- Fixed Discovery to perform RFC compliant banner grab.
- Fixed Discovery to allow certificates during shell target authentication.
- Added Actual and Expected columns to the compliancevulnerabilities.csv file of the generated report.
- Fixed Report Search to avoid filtering based on ticket assignment.
- Fixed OS mapping tables so that the Shell Module runs appropriate assessment scripts.
- Fixed usability issue with the Enter key in the Ticket Assignment page.
- Fixed ticket assignment on the Ticket Details page.
- Added NT_SERVICE_NULL value to Service policy Start and State options.
- Added FILE_PERM_NONE value to File Permission policy option.
- Added NONE value to Registry Key policy option.
- Fixed Scan Engine to preserve the user-modified logical engine name instead of reverting to the NetBIOS name of the engine.
- Fixed shell target authentication to gather the most secure key available.
- Fixed poor portal performance attributed to numerous unique Vulnerability Sets.
- Fixed Scan Engine performance when host names are configured in the scan.
- Fixed localization of PDF reports for supported languages.
- Fixed scan scheduling to account for scan configuration time zone.
- Fixed scan configuration Save for non-administrator users when using unnamed Vulnerability Sets.
- Fixed deletion of the previous unnamed Vulnerability Set when it is replaced by a new unnamed Vulnerability Set.
- Fixed WebFASL Module to run scripts against IP address when target DNS name is not available.
- Fixed SNMP trap for Close Ticket.

Foundstone 7.0.1 Release Notes

- Added registry tweak to control OVAL script timeout.
- Added legacy NetBiosComputer.connect functionality.
- Fixed target share enumeration loop during assessment.
- Fixed target network API enumeration cleanup.
- Added NetShareEnum workaround to avoid infinite Win32 API loop.
- Fixed scan engine crash when scan is configured with more than 32 DNS names in the exclusion list.
- Fixed timeout mismatch between scan engine and scan controller.
- Fixed FCServer to push a complete FASL script update package to an FCAgent that detects missing scripts.
- Fixed upgrade of the RMI version on FS-850 appliances to version 6.0.8. Upload-validation certificates are also installed on the FS-850 appliance to validate uploaded applications.
- Fixed erroneous 'Due Date' for remediation tickets updated by Non-Admin Users.
- Fixed missing fields 'Scan' and 'Criticality' in the ticket details.

- Fixed the MVM 7.0.0 license registration tool to correctly locate the license file.
- Improved scan engine selection for Quick Scans.
- Fixed erroneous report using authentication status as asset filters.
- Fixed the scan status page so that the scan details are displayed for all pending scans.
- Fixed the "Clear All Inactive" button on the scan status page to hide all canceled scans.
- Fixed scan configuration editor to allow ePO tags as scan targets.
- Fixed scheduling issues for weekly scans.
- Fixed scheduling issues for scans affected by Foundstone 7.0 upgrade.
- Fixed sort by group name in Asset Management interface.
- Fixed input validation of role description when creating new role.
- Fixed IP import validation.
- Improved accuracy of Windows/Unix/Infrastructure Host Assessment report sections.
- Fixed log file retention to remove empty folders.
- Added FCM support for MVM2100 and MVM3100.
- Added Portal support for MVM2100 and MVM3100.
- Fixed erroneous report using authentication status as asset filters.
- Implemented tweak to omit redundant Services data in Risk_data.xml.
- Stopped generating the redundant VulnDatabase section for PDF report.
- Fixed PDF report section for PCI Vuln by severity.