SAINT® 7.1 Released

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and save

New features in version 7.1:

  • Oracle authentication
    • Option to enter Oracle Database user and password
    • Requires sqlplus utility (found in freely available Oracle Instant Client)
    • Enables local Oracle checks:
      • Accounts with default passwords
      • Accounts with DBA role
      • Accounts with 'ANY' privileges
      • Accounts with 'ALTER SYSTEM' or 'CREATE LIBRARY' privilege
      • Privileges with 'grantable' or 'with admin' options
      • External users
  • SAINTmanager auto-close feature
    • Closes tickets for vulnerabilities which are not discovered in a later scan
  • Log-out link on every page (remote mode and SAINTmanager)
  • Named subnets in custom SAINTwriter reports
    • Enter a name for each subnet which was scanned
    • Improves readability of summary charts by subnet
  • More new features in SAINTwriter:
    • Optionally show check ID and CVSS score in Details section
    • Custom margins for PDF reports

New vulnerability checks in this version:

  • Microsoft .NET framework vulnerability (MS09-036). (CVE 2009-1536)
  • Multiple Microsoft ATL vulnerabilities (MS09-037). (CVE 2008-0015, CVE 2008-0020, etc.)
  • Windows Media file processing vulnerability (MS09-038). (CVE 2009-1545 CVE 2009-1546)
  • Remote Code Execution Vulnerabilities in WINS. (MS09-039) (CVE 2009-1923 CVE 2009-1924)
  • Microsoft Windows Message Queuing Service Queue Elevation of Privilege. (MS09-040) (CVE 2009-1922)
  • 'Elevation of Privilege' Vulnerability in Workstation Service (MS09-041). (CVE 2009-1544)
  • 'Telnet Authentication Relay' Vulnerability in Microsoft Telnet Server (MS09-042). (CVE 2009-1930)
  • Microsoft Office Web Components remote code execution vulnerabilities (MS09-043). (CVE 2009-0562, CVE 2009-1136, etc.)
  • Windows Remote Desktop Connection vulnerabilities (MS09-044). (CVE 2009-1133 CVE 2009-1929)
  • Multiple Adobe Flash Player vulnerabilities. (CVE 2009-0901, CVE 2009-1863, etc.)
  • Squid Multiple Remote Denial of Service Vulnerabilities. (CVE 2009-2621 CVE 2009-2622)
  • Linux Kernel 'kvm_arch_vcpu_ioctl_set_sregs()' Local Denial of Service Vulnerability. (CVE 2009-2287)
  • Apple Safari 'reload()' Denial of Service Vulnerability. (CVE 2009-2419)
  • IBM WebSphere Application Server JAX-WS Application Security Bypass Vulnerability. (CVE 2009-0903)
  • Opera Web Browser 'javascript:' URI in 'Refresh' Header Cross-Site Scripting Vulnerability. (CVE 2009-2351)
  • Google Chrome 'javascript:' URI in 'Refresh' Header Cross-Site Scripting Vulnerability. (CVE 2009-2352)
  • Linux Kernel 'ptrace_start()' And 'do_coredump()' Deadlock Local Denial of Service Vulnerability. (CVE 2009-1388)
  • Apache 'mod_proxy' Remote Denial Of Service Vulnerability. (CVE 2009-1890)
  • Bugzilla Bug Status Modification Security Bypass Vulnerability. (BID35604)
  • ISC BIND 9 Dynamic Update Request Denial of Service. (CVE 2009-0696)
  • IBM WebSphere Application Server JAX-RPC WS-Security Security Bypass Vulnerability. (BID35610)
  • RealNetworks Helix Server RTSP SETUP Request Denial of Service. (CVE 2009-2534)
  • Firebird SQL op_connect_request Denial of Service. (CVE 2009-2620)
  • Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Weakness. (CVE 2009-1895)
  • Multiple Vulnerabilities fixed in Firefox 3.0.12. (CVE 2009-2462, CVE 2009-2469, etc.)
  • ISC DHCP Server Host Definition Remote Denial Of Service Vulnerability. (CVE 2009-1892)
  • ISC DHCP 'dhcpd -t' Command Insecure Temporary File Creation Vulnerability. (CVE 2009-1893)
  • ASMAX device (Asmax Ar-804gu Router) BID35153
  • Multiple vulnerabilities fixed in Google Chrome 2.0.172.37. (CVE 2009-2555 CVE 2009-2556)
  • Nagios statuswml script command execution vulnerability (CVE 2009-2288)

New exploits in this version:

  • Visual Studio Active Template Library uninitialized object exploit. (CVE 2009-0901)
  • Easy Chat Server Authentication Request Buffer Overflow exploit
  • MS Office Word malformed Sprm record buffer overflow exploit. (CVE 2009-0565)
  • Windows Telnet Credential Reflection (CVE 2009-1930)

Compliance Mandates

  • Application Scanner:

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner:

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16 CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

