BeyondTrust Network Security Scanner 6.6.3 Release Notes
July 25, 2019
- This release is available by download from the BeyondTrust Client Portal (https://www.beyondtrust.com/support/) and using the BeyondTrust Auto-Updater.
- The MD5 signature is: cfe3b4cc34633091b35d3a3bdb9ceaf0
- The SHA-1 signature is: 585b42a3a4b0c59c4c3f8653e62716de84201810
New Features and Enhancements:
- Improved detection for Cisco Nexus 9000 switches.
- Improved the recognition of backported OSes during audit execution.
- Changed enumeration order of users on macOS to prioritize non-service accounts.
- Added optional Targets parameter to Start-RetinaScan PowerShell cmdlet.
- Added optional EnumerateScheduledTasks job option to PowerShell API.
- Resolved an issue where SSH command results were ignored due to connection banner timing
- Resolved an issue where targets incorrectly flagged as tarpitted based on TCP port scan failed to run associated audits.
- Resolved an issue with certain Samba targets being incorrectly identified as Windows.
- Resolved an issue with Audit 66127 ("cURL < 7.56.1 - Remote Information Leak") false positive against OpenShift Enterprise.
- Resolved an issue where users discovered during group enumeration failed to display in the management console.
- Resolved an issue where Web application scans failed to access login forms on pages presented on a frame within a frameset.
- Resolved an issue where reports failed to generate when scan result files (RTD) were copied without their associated scan request files.
- Resolved an issue where PCI Compliance reports were missing PCI details for certain audit results.
- Resolved an issues where Get-RetinaSCAPScanResults PowerShell cmdlet incorrectly prompted for Id parameter when RetinaScan parameter is supplied.
- Resolved an issue where the Audit filename expansion failed to recognize the %ProgramFiles(x86)% environment variable.
- Resolved an issues where the CHECK_REGISTRY_AND_FILE_VER audit check type failed to populate the scan result tested value.
- VMware offline scanning is supported only for virtual machines with Windows installed as the guest operating system.
- For Vulnerability Management (formerly Retina) 651 and UVM embedded scanners, database scanning works only for Microsoft SQL Server and Oracle databases. MySQL database scanning is not supported.
- Authentication requirements for custom audits are not properly defined.
- After the Retina Engine service has stopped, the raw packet driver continues to run.
- When using the Retina Local Scan Service option, SCAP scan jobs running against Red Hat targets could take several minutes to enter a paused or scan-restricted state.
- Features that use the Microsoft .NET framework - including SCAP support, the audit modification and customization dialogs, PowerShell integration, reporting, and the guided user interface - require Microsoft .NET 4.5.2 or higher.
- Network Security Scanner 6.4.0 and higher install the Microsoft Universal C runtime.
- Network Security Scanner 6.4.0 and higher install the Microsoft Visual C++ 2017 x86 runtimes.
- Network Security Scanner 6.0.1 and higher install the Microsoft Visual C++ 2008 x86 runtimes.
- To scan offline VMware virtual machines without having to power them on prior to scanning, you must have BeyondInsight installed.
- VMware offline scanning requires VMware's Virtual Disk Development Kit (VDDK).
- Scanning of MySQL databases depends upon the prior installation of an ODBC driver; Connector/ODBC 5.1 or higher is recommended.
- Database scanning will yield the best results with the most powerful users; for MySQL, this will be the 'root' user; for Oracle, it will be the 'sys' user acting 'AS SYSDBA'.
- Scanning of Amazon Web Services instances requires BeyondInsight.