ARTICLE Saint Vulnerability Scanner v7.3 on the wild

Tuesday 16 March 2010 (Keywords: Penetration testing & Ethical Hacking, Saint, Vulnerability Scanner)

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It also gathers information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.

New features in this version:

- Cross-site scripting exploit

  • Detects cross-site scripting vulnerability
  • E-mail forgery tool sends link which exploits vulnerability to steal cookies
  • Session hijacking tool after successful exploit

- New SAINTwriter pre-configured reports

  • Phishing report
  • Web crawling report

- New SAINTwriter vulnerability list columns (in custom reports)

  • Microsoft Bulletin number
  • Reference IDs

- Tutorial reductions (for some tutorials)

  • Only information relevant to reported CVEs is displayed
  • Less extraneous information

New vulnerability checks in version 7.3:

- Multiple vulnerabilities in Microsoft Office Excel (MS10-017). (CVE-2010-0257, CVE-2010-0258, CVE-2010-0260 through CVE-2010-0264)
- Movie Maker and Producer buffer overflow vulnerability (MS10-016). (CVE-2010-0265)
- Samba ’mount.cifs’ Utility Local Privilege Escalation Vulnerability. (CVE-2010-0787)
- Apache Tomcat Multiple Directory Traversal Vulnerabilities. (CVE-2009-2901, CVE-2009-2902)
- IBM Cognos Express Backdoor Account Remote Code Execution Vulnerability. (CVE-2010-0557)
- Snitz Forums 2000 ’X-Forwarded-For’ SQL Injection Vulnerability. (BID37637)
- Apache 1.3 mod_proxy HTTP Chunked Encoding Integer Overflow Vulnerability. (CVE-2010-0010)
- IMail Multiple Vulnerabilities (reversible encryption + weak ACL). (BID38109)
- Cisco Collaboration Server Cross Site Scripting Vulnerability. (CVE-2010-0642)
- Wireshark Dissector LWRES Multiple Buffer Overflow Vulnerabilities. (CVE-2010-0304)
- RSA SecurID Cross Site Scripting Vulnerability. (BID38207)
- Domino Web Access ActiveX Control URL Handling Buffer Overflow Vulnerability. (BID38457)
- Pidgin Multiple Denial of Service Vulnerabilities fixed in 2.6.6. (CVE-2010-0277, CVE-2010-0420, CVE-2010-0423)
- IBM DB2 ’kuddb2’ Remote Denial of Service Vulnerability. (CVE-2010-0472)
- lighttpd Slow Request Handling Remote Denial Of Service Vulnerability. (CVE-2010-0295)
- Asterisk T.38 ’FaxMaxDatagram’ Remote Denial of Service Vulnerability. (CVE-2010-0441)
- PostgreSQL ’bitsubstr’ Buffer Overflow Vulnerability. (CVE-2010-0442)

New exploits in this version:

- Oracle Database DBMS_JVM_EXP_PERMS exploit
- Microsoft Office PowerPoint Viewer TextBytesAtom Record Buffer Overflow exploit. (CVE-2010-0033)
- Lotus Domino Web Access ActiveX exploit
- Cross-site scripting cookie theft exploit


POSTSCRIPTUM

Download SAINT v7.3 released


COMPLIANCE MANDATES

Penetration testing & Ethical Hacking : PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2
Vulnerability Scanner : PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2

