Saint Scanner 6.7.13 released

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.

New vulnerability checks in version 6.7.13:

  • Spoofing vulnerabilities in DNS. (MS08-037) (CVE 2008-1447 CVE 2008-1454)
  • Windows Explorer Remote Code Execution. (MS08-038) (CVE 2008-1435)
  • Outlook Web Access cross site scripting vulnerabilities. (MS08-039) (CVE 2008-2247 CVE 2008-2248)
  • Microsoft SQL Server vulnerabilities. (MS08-040) (CVE 2008-0085 CVE 2008-0086 etc.)
  • MacOSX vulnerabilities fixed in 10.5.4/2008-004. (CVE 2008-2307 CVE 2008-2308 CVE 2008-2309 CVE 2008-2310 etc.)
  • CA BrightStor ARCserve Backup Discovery Service Denial of Service (CVE 2008-1979)
  • OpenOffice vulnerability on Windows (CVE 2008-2152). (Linux check already existed.)
  • Lyris ListManager words Parameter Cross-Site Scripting (CVE 2008-2923)
  • dotProject Security Bypass
  • SSH1 Protocol version 1 supported. (CVE 2001-0361 CVE 2001-1473)
  • CA Multiple Products gui_cm_ctrls ActiveX Control Memory Corruption (CVE 2008-1786)
  • Microsoft IIS Authentication Method Disclosure. (CVE 2002-0419)
  • Adobe Acrobat JavaScript Method Handling Vulnerability (CVE 2008-2641)
  • Multiple Vulnerabilities in Apple Safari 3.1.1 and prior for Microsoft Windows (CVE 2008-2306 CVE 2008-2307)
  • IBM AFP Viewer Plugin Buffer Overflow (CVE 2008-2880)
  • OpenLDAP ber_get_next BER Decoding Denial of Service (CVE 2008-2952)
  • SurgeMail IMAP Command Handling Denial of Service (CVE 2008-2859)
  • Alt-N MDaemon WorldClient Service Memory Corruption (CVE 2008-2631)
  • Vulnerabilities in Apple Safari 3.1.1 and prior for Mac OS X 10.4.11 (CVE 2008-2307)
  • Novell eDirectory ds.dlm Module Integer Overflow Vulnerability
  • Firefox, SeaMonkey and Thunderbird vulnerabilities (CVE 2008-2798 CVE 2008-2799 CVE 2008-2800 etc.)
  • Snapshot Viewer for Microsoft Access file download vulnerability. (CVE 2008-2463)
  • PCRE vulnerability (CVE 2008-2371)
  • BIND spoofing vulnerabilities. (CVE 2008-1447)
  • TFTP Server Error Packet Handling Buffer Overflow (CVE 2008-2161)
  • TCP timestamps enabled
  • Microsoft Telnet servers which do not enforce NTLM authentication
  • XDMCP available
  • HTML clear-text form-based authentication
  • HTML autocomplete enabled for passwords in HTML forms
  • Management Interface accessibility on Cisco Devices
  • Remote DNS server cache snooping vulnerability
  • NetBIOS memory disclosure vulnerability
  • NetBIOS share enumeration using null session
  • SSH default admin/password login.

New exploits in this version:

  • Microsoft Access Snapshot Viewer file download exploit. (CVE 2008-2463)
  • HP OpenView Network Node Manager connectedNodes.ovpl command injection exploit. (CVE 2005-2773)
  • Novell GroupWise Messenger HTTP response exploit. (CVE 2008-2703)
  • Orbit Downloader Unicode conversion exploit. (CVE 2008-1602)

Post scriptum

Compliance Mandates

  • Penetration testing & Ethical Hacking:

    PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Management:

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16 CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2

