BeyondTrust Network Security Scanner 6.6.3 Release Notes

July 25, 2019

Release Availability:

  • This release is available by download from the BeyondTrust Client Portal (https://www.beyondtrust.com/support/) and using the BeyondTrust Auto-Updater.
  • The MD5 signature is: cfe3b4cc34633091b35d3a3bdb9ceaf0
  • The SHA-1 signature is: 585b42a3a4b0c59c4c3f8653e62716de84201810

New Features and Enhancements:

  • Improved detection for Cisco Nexus 9000 switches.
  • Improved the recognition of backported OSes during audit execution.
  • Changed enumeration order of users on macOS to prioritize non-service accounts.
  • Added optional Targets parameter to Start-RetinaScan PowerShell cmdlet.
  • Added optional EnumerateScheduledTasks job option to PowerShell API.

Issues Resolved:

  • Resolved an issue where SSH command results were ignored due to connection banner timing
  • Resolved an issue where targets incorrectly flagged as tarpitted based on TCP port scan failed to run associated audits.
  • Resolved an issue with certain Samba targets being incorrectly identified as Windows.
  • Resolved an issue with Audit 66127 ("cURL < 7.56.1 - Remote Information Leak") false positive against OpenShift Enterprise.
  • Resolved an issue where users discovered during group enumeration failed to display in the management console.
  • Resolved an issue where Web application scans failed to access login forms on pages presented on a frame within a frameset.
  • Resolved an issue where reports failed to generate when scan result files (RTD) were copied without their associated scan request files.
  • Resolved an issue where PCI Compliance reports were missing PCI details for certain audit results.
  • Resolved an issues where Get-RetinaSCAPScanResults PowerShell cmdlet incorrectly prompted for Id parameter when RetinaScan parameter is supplied.
  • Resolved an issue where the Audit filename expansion failed to recognize the %ProgramFiles(x86)% environment variable.
  • Resolved an issues where the CHECK_REGISTRY_AND_FILE_VER audit check type failed to populate the scan result tested value.

Known Issues:

  • VMware offline scanning is supported only for virtual machines with Windows installed as the guest operating system.
  • For Vulnerability Management (formerly Retina) 651 and UVM embedded scanners, database scanning works only for Microsoft SQL Server and Oracle databases. MySQL database scanning is not supported.
  • Authentication requirements for custom audits are not properly defined.
  • After the Retina Engine service has stopped, the raw packet driver continues to run.
  • When using the Retina Local Scan Service option, SCAP scan jobs running against Red Hat targets could take several minutes to enter a paused or scan-restricted state.

Notes:

  • Features that use the Microsoft .NET framework - including SCAP support, the audit modification and customization dialogs, PowerShell integration, reporting, and the guided user interface - require Microsoft .NET 4.5.2 or higher.
  • Network Security Scanner 6.4.0 and higher install the Microsoft Universal C runtime.
  • Network Security Scanner 6.4.0 and higher install the Microsoft Visual C++ 2017 x86 runtimes.
  • Network Security Scanner 6.0.1 and higher install the Microsoft Visual C++ 2008 x86 runtimes.
  • To scan offline VMware virtual machines without having to power them on prior to scanning, you must have BeyondInsight installed.
  • VMware offline scanning requires VMware's Virtual Disk Development Kit (VDDK).
  • Scanning of MySQL databases depends upon the prior installation of an ODBC driver; Connector/ODBC 5.1 or higher is recommended.
  • Database scanning will yield the best results with the most powerful users; for MySQL, this will be the 'root' user; for Oracle, it will be the 'sys' user acting 'AS SYSDBA'.
  • Scanning of Amazon Web Services instances requires BeyondInsight.