SAINT Security Scanner 6.7 Released

by

In: Saint , Vulnerability Scanner

28 December 2007

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.

New vulnerability checks in version 6.7:

  • check in Jetty vulnerability
  • Yahoo Toolbar vulnerability
  • QuickTime
  • RealPlayer ActiveX denial of service
  • Mac OS X vpnd remote denial of service
  • Mac OS X local denial of service vulnerabilities
  • SiteBar vulnerabilities
  • Apache HTTP Server 413 Error HTTP Rquest Method cross-site scripting weakness
  • QuickBooks Online Edition ActiveX vulnerabilities
  • HP Info Center ActiveX vulnerabilities
  • Apache Cross-site scripting
  • Ichitaro Buffer Overflow
  • Novell Groupwise client vulnerabilities
  • Heimdal vulnerabilities
  • MySQL vulnerabilities
  • MaxDB vulnerabilities
  • Flash Player vulnerabilities
  • Skype4COM URI handler vulnerability
  • Easy File Sharing Web Server
  • Mac OS X Security Update 2007-009
  • Lotus Domino Web Access ActiveX buffer overflow
  • Opera 9.25
  • Yahoo Toolbar ActiveX vulnerability
  • BIND vulnerability in Fedora Core 8 and Red Hat 5

New exploits in this version:

  • ACDSee XPM file exploit
  • HP Openview Network Node Manager ovlogin.exe exploit
  • Samba LSA RPC exploit

New features in 6.7:

  • New concurrency control options for command-line scans
  • Quick start-up option (-Q) to skip SAINTexpress updates
  • Encoding of saved passwords for scheduled scans
  • Faster execution of authenticated Linux/Unix/Mac OS X checks
  • Password verification on Scan Setup page

Post scriptum

Compliance Mandates

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Saint
Vulnerability Scanner