2011 Issue #38
ScoutNews
The weekly Security update from
the makers of SecureScout
September 30, 2011
2011 Issue #38 | ScoutNews |
Table of Contents
Product Focus |
Apache Chunked Vulnerability Scanner - The S4 Apache Chunked Vulnerability Scanner is a free utility made by SecureScout that will scan up to 256 IP addresses at once to assess if any are vulnerable to the Apache Chunked Encoding buffer overflow.
Download Here:
http://www2.netvigilance.com/productdownloads?productname=apachechunkedvulnerabilityscanner
This Week in Review
Security a complex business challenge. Text spammer banned from texting. Need for social media security controls. Activists take down Harvard.
Enjoy reading & Stay safe.
Call or email netVigilance to get an update on SecureScout.
(503) 524 5758 or sales@netVigilance.com
Top Security News Stories this Week
• Mobile malware, "whaling" top challenges of 2011, says IBM report
An unprecedented number of successful attacks on corporate networks in the first half of the year illustrates that "basic network security is not just a technical problem, but rather a complex business challenge," according to the "IBM X-Force 2011 Mid-year Trend and Risk Report," released on Thursday
To address these new challenges, the report said, enterprises need to shape their risk exposure, communication, end-user education and technology in a delicate balance.
One of the newest vectors of attack - the so-called "bring your own device" approach - has sprung up from the burgeoning market for smartphones and tablets and their adaption into the enterprise network, the report said. Security issues seen on the mobile platform are rising with the market - with double the number of mobile exploit releases that were seen in 2010.
SC Magazine
Full Story :
http://www.scmagazineus.com/mobile-malware-whaling-top-challenges-of-2011-says-ibm-report/article/213219/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineNews+%28SC+Magazine+News%29
• FTC settles with SMS marketer over spam allegations
The Federal Trade Commission (FTC) has settled its first-ever case against a text message spammer.
The agency announced Thursday that the settlement with the defendant, Phil Flora, bans him from sending or aiding others in the delivery of unsolicited text messages that promote a commercial product. In addition, he must pay $32,000 to satisfy a judgment.
Flora of Huntington Beach, Calif. is alleged to have sent a "mind-boggling" amount of spam SMS, according to a complaint filed in February by the FTC. Specifically, he delivered more than 5.5 million unsolicited text messages, sold consumers' wireless numbers to third parties and advertised his services.
SC Magazine
Full Story :
http://www.scmagazineus.com/ftc-settles-with-sms-marketer-over-spam-allegations/article/213163/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineNews+%28SC+Magazine+News%29
• Most businesses lack social media security controls
IT security practitioners agree that employees' social media use represents a security threat, but 29 percent polled in a new survey said their company has the necessary controls in place to mitigate the risks.
The "Global Survey on Social Media Risks," released Wednesday by the Ponemon Institute, found that many organizations have experienced the danger posed by sites like Facebook and Twitter. In the survey of more than 4,000 IT and IT security professionals, 52 percent of respondents said they faced an increase in malware as a result of social media.
Despite the increased risks, a majority of respondents acknowledged that social media is an important tool for meeting business objectives, according to the survey.
SC Magazine
Full Story :
http://www.scmagazineus.com/most-businesses-lack-social-media-security-controls/article/213161/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineNews+%28SC+Magazine+News%29
• Harvard site back online after "sophisticated" defacement
The home page of Harvard University is functioning normally after it was defaced Monday morning by activists in support of the embattled regime in Syria.
"We took down the site for several hours in order to restore it," a statement from the Cambridge, Mass. college said. "The attack appears to have been the work of a sophisticated individual or group."
But considering defacements have been commonplace on the web for more than a decade, some experts questioned whether the attack could be considered advanced.
SC Magazine
Full Story :
http://www.scmagazineus.com/harvard-site-back-online-after-sophisticated-defacement/article/212949/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineNews+%28SC+Magazine+News%29
New Vulnerabilities Tested in SecureScout
• 19481 Microsoft .NET Framework JIT Compiler Optimization Remote Code Execution Vulnerability (MS10-077/2160841) (Remote File Checking)
The Microsoft .NET Framework is prone to a remote code-execution vulnerability.
The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs).
The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page.
The issue affects Microsoft .NET Framework 4.0 on x64-based and Itanium-based platforms.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* MS: MS10-077
http://www.microsoft.com/technet/security/Bulletin/MS10-077.mspx
* OVAL: oval:org.mitre.oval:def:6824
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6824
* BID: 43781
http://www.securityfocus.com/bid/43781/discuss
* MSKB: 2160841
http://support.microsoft.com/kb/2160841
CVE Reference:
CVE-2010-3228 (cve.mitre.org, nvd.nist.gov)
• 19482 Microsoft Windows Failover Clustering File Permissions Security Bypass Vulnerability (MS10-086/2294255) (Remote File Checking)
Microsoft Windows Failover Clustering is prone to a security-bypass vulnerability.
The user interface in Microsoft Cluster Service (MSCS) in Microsoft Windows Server 2008 R2 does not properly set administrative-share permissions for new cluster disks that are shared as part of a failover cluster, which allows remote attackers to read or modify data on these disks via requests to the associated share, aka "Permissions on New Cluster Disks Vulnerability."
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* MS: MS10-086
http://www.microsoft.com/technet/security/Bulletin/MS10-086.mspx
* OVAL: oval:org.mitre.oval:def:6789
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6789
* SECTRACK: 1024558
http://www.securitytracker.com/id?1024558
* BID: 43818
http://www.securityfocus.com/bid/43818
* MISC:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3223
CVE Reference:
CVE-2010-3223 (cve.mitre.org, nvd.nist.gov)
• 19483 Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (MS10-083/2405882) (Remote File Checking)
A vulnerability exists in Microsoft Office products that could result in remote code execution.
The vulnerability could allow remote code execution if a user opens a specially crafted file using WordPad or selects or opens a shortcut file that is on a network or WebDAV share. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* MS: MS10-036
http://www.microsoft.com/technet/security/bulletin/ms10-036.mspx
* MS: MS10-083
http://www.microsoft.com/technet/security/Bulletin/MS10-083.mspx
* CERT: TA10-159B
http://www.us-cert.gov/cas/techalerts/TA10-159B.html
* BID: 40574
http://www.securityfocus.com/bid/40574
* OVAL: oval:org.mitre.oval:def:7286
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7286
* SECTRACK: 1024555
http://www.securitytracker.com/id?1024555
CVE Reference:
CVE-2010-1263 (cve.mitre.org, nvd.nist.gov)
• 19485 Microsoft Windows Media Encoder 9 DLL Loading Arbitrary Code Execution Vulnerability (MS10-094/2447961) (Remote File Checking)
Microsoft Windows Media Encoder 9 is prone to a vulnerability that lets attackers execute arbitrary code.
The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate Windows Media Profile (.prx) file that is located in the same network directory as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* MS: MS10-094
http://www.microsoft.com/technet/security/Bulletin/MS10-094.mspx
* CERT: TA10-348A
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
* BID: 42855
http://www.securityfocus.com/bid/42855
* OVAL: oval:org.mitre.oval:def:12235
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12235
* SECTRACK: 1024876
http://www.securitytracker.com/id?1024876
* VUPEN: ADV-2010-3217
http://www.vupen.com/english/advisories/2010/3217
CVE Reference:
CVE-2010-3965 (cve.mitre.org, nvd.nist.gov)
• 19486 Microsoft Internet Connection Wizard DLL Loading Arbitrary Code Execution Vulnerability (MS10-097/2443105) (Remote File Checking)
Microsoft Internet Connection Wizard (Icwconn1.exe) is prone to a vulnerability that lets attackers execute arbitrary code.
The vulnerability could allow remote code execution if a user opens an .ins or .isp file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* EXPLOIT-DB: 14754
http://www.exploit-db.com/exploits/14754/
* MS: MS10-097
http://www.microsoft.com/technet/security/Bulletin/MS10-097.mspx
* CERT: TA10-348A
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
* OVAL: oval:org.mitre.oval:def:11993
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11993
* SECTRACK: 1024879
http://www.securitytracker.com/id?1024879
CVE Reference:
CVE-2010-3144 (cve.mitre.org, nvd.nist.gov)
• 19487 Microsoft Windows Kernel NDProxy Local Privilege Escalation Vulnerability (MS10-099/2440591) (Remote File Checking)
Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel.
The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* MS: MS10-099
http://www.microsoft.com/technet/security/Bulletin/MS10-099.mspx
* CERT: TA10-348A
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
* BID: 45269
http://www.securityfocus.com/bid/45269
* OSVDB: 69823
http://osvdb.org/69823
* OVAL: oval:org.mitre.oval:def:12461
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12461
* SECTRACK: 1024881
http://www.securitytracker.com/id?1024881
* SECUNIA: 42613
http://secunia.com/advisories/42613
* VUPEN: ADV-2010-3221
http://www.vupen.com/english/advisories/2010/3221
CVE Reference:
CVE-2010-3963 (cve.mitre.org, nvd.nist.gov)
• 19488 Microsoft Windows Consent User Interface Registry Key Local Privilege Escalation Vulnerability (MS10-100/2442962) (Remote File Checking)
Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in Consent User Interface.
The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application on an affected system. An attacker must have valid logon credentials and the SeImpersonatePrivilege and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* MS: MS10-100
http://www.microsoft.com/technet/security/Bulletin/MS10-100.mspx
* CERT: TA10-348A
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
* BID: 45318
http://www.securityfocus.com/bid/45318
* OSVDB: 69824
http://osvdb.org/69824
* OVAL: oval:org.mitre.oval:def:12323
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12323
* SECTRACK: 1024882
http://www.securitytracker.com/id?1024882
* SECUNIA: 42614
http://secunia.com/advisories/42614
* VUPEN: ADV-2010-3222
http://www.vupen.com/english/advisories/2010/3222
CVE Reference:
CVE-2010-3961 (cve.mitre.org, nvd.nist.gov)
• 19489 Microsoft Hyper-V VMBus Denial of Service Vulnerability (MS10-102/2345316) (Remote File Checking)
Microsoft Hyper-V is prone to a denial-of-service vulnerability.
The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
Test Case Impact: Gather Info Vulnerability Impact: DoS Risk: Medium
References:
* MS: MS10-102
http://www.microsoft.com/technet/security/Bulletin/MS10-102.mspx
* CERT: TA10-348A
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
* BID: 45293
http://www.securityfocus.com/bid/45293
* OSVDB: 69818
http://osvdb.org/69818
* OVAL: oval:org.mitre.oval:def:12359
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12359
* SECTRACK: 1024884
http://www.securitytracker.com/id?1024884
* SECUNIA: 42617
http://secunia.com/advisories/42617
* VUPEN: ADV-2010-3224
http://www.vupen.com/english/advisories/2010/3224
CVE Reference:
CVE-2010-3960 (cve.mitre.org, nvd.nist.gov)
• 19496 Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability (MS11-006/2483185) (Remote File Checking)
Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability in the Windows Graphics Rendering Engine because the software fails to perform adequate boundary-checks on user-supplied data.
The vulnerability could allow remote code execution if a user views a specially crafted thumbnail image (a malicious '.MIC' or office file). An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* MISC:
http://www.powerofcommunity.net/speaker.html
* MISC:
http://www.metasploit.com/redmine/projects/framework/repository/revisions/11466/entry/modules/exploits/windows/fileformat/ms11_xxx_createsizeddibsection.rb
* MISC:
http://www.microsoft.com/technet/security/advisory/2490606.mspx
* MISC:
http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx
* MS: MS11-006
http://www.microsoft.com/technet/security/Bulletin/MS11-006.mspx
* CERT-VN: VU#106516
http://www.kb.cert.org/vuls/id/106516
* BID: 45662
http://www.securityfocus.com/bid/45662
* OVAL: oval:org.mitre.oval:def:11671
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11671
* SECTRACK: 1024932
http://www.securitytracker.com/id?1024932
* SECUNIA: 42779
http://secunia.com/advisories/42779
* VUPEN: ADV-2011-0018
http://www.vupen.com/english/advisories/2011/0018
* MSKB: 2483185
http://support.microsoft.com/kb/2483185
CVE Reference:
CVE-2010-3970 (cve.mitre.org, nvd.nist.gov)
• 19497 Microsoft Windows OpenType Compact Font Format Remote Code Execution Vulnerability (MS11-007/2485376) (Remote File Checking)
Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Compact Font Format (CFF) driver.
The vulnerability could allow remote code execution if a user views content rendered in a specially crafted CFF font. In all cases, an attacker would have no way to force users to view the specially crafted content. Instead, an attacker would have to convince users to visit a Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* CONFIRM:
http://support.avaya.com/css/P8/documents/100127239
* MS: MS11-007
http://www.microsoft.com/technet/security/Bulletin/MS11-007.mspx
* BID: 46106
http://www.securityfocus.com/bid/46106
* OSVDB: 70821
http://osvdb.org/70821
* OVAL: oval:org.mitre.oval:def:11593
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11593
* SECTRACK: 1025034
http://www.securitytracker.com/id?1025034
* SECUNIA: 43252
http://secunia.com/advisories/43252
* VUPEN: ADV-2011-0320
http://www.vupen.com/english/advisories/2011/0320
* XF: ms-opentype-cff-code-execution(64906)
http://xforce.iss.net/xforce/xfdb/64906
CVE Reference:
CVE-2011-0033 (cve.mitre.org, nvd.nist.gov)
New Vulnerabilities found this Week
• CVE-2011-2998 Mozilla CVSS 2.0 Score = 10.0
Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=684815
CONFIRM: http://www.mozilla.org/security/announce/2011/mfsa2011-37.html
CVE Reference: CVE-2011-2998
• CVE-2011-2996 Mozilla CVSS 2.0 Score = 10.0
Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=555018
CONFIRM: http://www.mozilla.org/security/announce/2011/mfsa2011-36.html
CVE Reference: CVE-2011-2996
• CVE-2011-2997 Mozilla CVSS 2.0 Score = 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=678818
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=673757
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=672436
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=671756
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=670319
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=669228
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=668941
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=667507
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=667011
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=664930
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=661567
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=658864
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=657198
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=552002
CONFIRM: http://www.mozilla.org/security/announce/2011/mfsa2011-36.html
CVE Reference: CVE-2011-2997
• CVE-2011-3003 Mozilla CVSS 2.0 Score = 10.0
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=682335
CONFIRM: http://www.mozilla.org/security/announce/2011/mfsa2011-41.html
CVE Reference: CVE-2011-3003
• CVE-2011-2995 Mozilla CVSS 2.0 Score = 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=665360
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=662215
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=660453
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=655098
CONFIRM: http://www.mozilla.org/security/announce/2011/mfsa2011-36.html
CVE Reference: CVE-2011-2995
• CVE-2011-3867 Mozilla CVSS 2.0 Score = 9.3
Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=684815
CONFIRM: http://www.mozilla.org/security/announce/2011/mfsa2011-37.html
CVE Reference: CVE-2011-3867
• CVE-2011-3002 Mozilla CVSS 2.0 Score = 9.3
Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=680840
CONFIRM: http://www.mozilla.org/security/announce/2011/mfsa2011-41.html
CVE Reference: CVE-2011-3002
• CVE-2011-3005 Mozilla CVSS 2.0 Score = 9.3
Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=675747
CONFIRM: http://www.mozilla.org/security/announce/2011/mfsa2011-44.html
CVE Reference: CVE-2011-3005
Vulnerability Resource
Check out this compendium of links and up-to-the minute information about network security issues.
Their claim to be the 'security portal for information system security professionals' is well founded.
http://www.infosyssec.org/infosyssec/
Thank You
Thanks for sifting through another great edition of the ScoutNews. We hope we captured a flavor for the week and gave you
just enough information on newly found vulnerabilities to keep you up-to-date. To subscribe or unsubscribe, contact us at
ScoutNews@netVigilance.com
About SecureScout
SecureScout is a leading vulnerability scanner and management tool developed and marketed worldwide by NexantiS Corporation.
SecureScout is a trademark of NexantiS Corporation.
netVigilance, Inc. is a partner of NexantiS and an authorized distributor of SecureScout.
For any inquiry about SecureScout by:
Customers in America and Northern Europe contact us at info@netVigilance.com
Customers in France, Italy, Spain, Portugal, Greece, Turkey, Eastern Europe, Middle East, Africa and Asia/Pacific, contact NexantiS at
info-scanner@securescout.net