Presentation is loading. Please wait.

Presentation is loading. Please wait.

Nessus Vulnerability Scan

Published byMerry Dickerson Modified over 7 years ago

Similar presentations

Presentation on theme: "Nessus Vulnerability Scan"— Presentation transcript:

1 Nessus Vulnerability Scan
Why a Samsung Smart TV Knew that there was an update available that was not installed Many Smart TVs are probably not updated Used Advanced Scan policy Uncovered 27 vulnerabilities 1 High 5 Medium 2 Low Ahmed Alkaysi Ahmed Alkaysi

2 Results 1 High vulnerability 5 Medium and 2 Low Ahmed Alkaysi
Cisco ASA software CLI invalid command Invocation Flaw in the CLI Attacker can exploit by causing denial-of-service or execute arbitrary code 5 Medium and 2 Low SSL related Certificate can’t be trusted Certificate signed using weak hashing algorithm Weak cipher suites supported Ahmed Alkaysi

3 Solutions Ahmed Alkaysi Update firmware
Purchase or generate proper certificate for service Contact Certificate Authority to reissue certificate Reconfigure affected application to avoid using weak SSL cipher Ahmed Alkaysi

Download ppt "Nessus Vulnerability Scan"

Similar presentations

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
Cryptography and Network Security

Cryptography and Network Security
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.

Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: 509-359-6908 Office.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.
Chapter 8 Web Security.

Chapter 8 Web Security.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.

Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Brute Force Password Cracking and its Role in Penetration Testing Andrew Keener and Uche Iheadindu.

Brute Force Password Cracking and its Role in Penetration Testing Andrew Keener and Uche Iheadindu.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Basic Security Networking for Home and Small Businesses – Chapter 8.
Information Security What is Information Security?

Information Security What is Information Security?
Washington System Center © 2005 IBM Corporation August 25, 2005 RDS Training Secure Socket Layer (SSL) Overview z/Series Security (Mary Sweat, Greg Boyd)

Washington System Center © 2005 IBM Corporation August 25, 2005 RDS Training Secure Socket Layer (SSL) Overview z/Series Security (Mary Sweat, Greg Boyd)
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Security.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Security.
PREVIOUS GNEWS. 4 Patches / 5 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE, SharePoint,.net Other updates, MSRT, Defender Definitions,

PREVIOUS GNEWS. 4 Patches / 5 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE, SharePoint,.net Other updates, MSRT, Defender Definitions,
Security Vulnerability Identification and Reduction Linda Cornwal, JRA1, Brno 20 th June 2005

Security Vulnerability Identification and Reduction Linda Cornwal, JRA1, Brno 20 th June 2005

Similar presentations

Ads by Google