Tag: qid | Qualys Blog

Identifying Let’s Encrypt Revoked Certificates

Posted by Asif Karel in Qualys Technology, Security Labs, The Laws of Vulnerabilities on March 6, 2020

Let’s Encrypt is a free, automated, open certificate authority (CA) run for the public’s benefit as a service from the Internet Security Research Group (ISRG). It provides free digital certificates to enable HTTPS (SSL/TLS) for websites via user-friendly means.

Earlier this week, Let’s Encrypt announced that a bug in its validation code forced it to revoke more than 3 million certificates. The bug allowed subscribers (under specific circumstances and for a limited period) to issue certificates to a domain name even after the domain name holder explicitly prohibited the issuance of certificates through the use of DNS CAA.

This blog explains the implications of the incident. It provides details on the impact it can have on organizations utilizing Let’s Encrypt revoked certificates. It outlines steps for remediation and provides a link to Qualys CertView, a free tool that can be used to identify all affected certificates in users’ environments.

No Comments
Permalink
Tags: apache, certview, dashboard, detection, qid, vulnerability

Detections Released for ESU Updates on EOL Windows 7, 2008 and 2008 R2

Posted by Animesh Jain in Qualys Technology on February 13, 2020

For the February 2020 Patch Tuesday, Microsoft released security updates for Windows 7, 2008 and 2008 R2 systems which are already end of life. Qualys released Patch Tuesday detections (QIDs) which check for these new ESU patches as well.

Update: Qualys released IG QID 45424 to identify the presence of ESU on Windows 7, 2008/R2 systems.

2 Comments
Permalink
Tags: #VisualizeDataNotCSVs, dashboard, eol, esu, microsoft, qid

New EOL QIDs for Microsoft Windows 7 and 2008/R2

Posted by Animesh Jain in Qualys Technology on February 7, 2020

Qualys Vulnerability Signature, version 2.4.815-2, will include EOL QIDs (detections for end-of-life software) for Windows 7, Windows 2008, and Windows 2008 R2. Customers will be able to scan the QIDs shown below using Qualys Vulnerability Management (VM):

QID 105859 – EOL/Obsolete Operating System: Microsoft Windows 2008 R2 Detected
QID 105858 – EOL/Obsolete Operating System: Microsoft Windows 2008 Detected
QID 105793 – EOL/Obsolete Operating System: Microsoft Windows 7 Detected

1 Comment
Permalink
Tags: dashboard, eol, esu, microsoft, ms, qid, rpt, vm, windows

How to Check for Unprotected MongoDB Databases

Posted by Ses Wang in Security Labs on February 24, 2015

Recently three students from University of Saarland in Germany discovered that the MongoDB databases running on several thousand commercial web servers allow remote attackers to easily access and manipulate the database from the Internet. According to their research, it is not uncommon for MongoDB databases to be configured to accept any connection from the Internet.

In this blog I will discuss how unauthorized access works and how to check if your MongoDB is exposed. Qualys Vulnerability Management has released QID 19965 to check for the same.

All Posts

Identifying Let’s Encrypt Revoked Certificates

Detections Released for ESU Updates on EOL Windows 7, 2008 and 2008 R2

New EOL QIDs for Microsoft Windows 7 and 2008/R2

How to Check for Unprotected MongoDB Databases