Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Qualys Threads

501 views

Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Qualys Threads

  1. 1. Qualys Threads May 2011 <ul><li>Paul R.
  2. 2. Vlad Z.
  3. 3. Stefan F. </li></ul>26 th of August 2011 – TGIF IT Security
  4. 4. Overview <ul><li>Qualys Top 10 Threads
  5. 5. Internal Vulnerability
  6. 6. External Vulnerability
  7. 7. Q&A </li></ul>
  8. 8. <ul><li>Qualys Top 10 Threads </li></ul><ul><li>List of Top 10 External and Internal Vulnerabilities </li><ul><ul><li>Dynamically updated
  9. 9. 200 millions IP audits </li></ul></ul><li>Based on “ Laws of Vulnerabilities 2.0 “
  10. 10. No patches </li><ul><ul><li>Work-around may be possible </li></ul></ul></ul>
  11. 11. Internal Thread <ul><li>M$ Windows Print Spooler Remote Code Execution Vulnerability </li><ul><ul><li>CVE-2010-2729
  12. 12. MS10-061
  13. 13. Affects all versions of Windows </li></ul></ul><li>Allows remote attackers to </li><ul><ul><li>create files in the system
  14. 14. execute arbitrary code </li></ul></ul><li>Recommendation: update the system KB2347290 </li></ul>
  15. 15. External Thread <ul><li>SSH Protocol Version 1 Supported </li><ul><ul><li>CVE-2001-1473
  16. 16. Affects SSH 1.2.24 … 1.2.31 </li></ul></ul><li>Men-in-the-middle attack </li><ul><ul><li>Gain privileges of a system </li></ul></ul><li>Recommendation: update to SSH 2.4.0 </li></ul>
  17. 17. Questions?

×