Saint scanner updated to 6.3.7

by

In: Saint , Vulnerability Scanner

16 February 2007

With SAINT® vulnerability assessment tool, you can:

  • Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders.
  • Anticipate and prevent common system vulnerabilities.
  • Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPPA.

The SAINT® scanning engine is the ideal cornerstone for your vulnerability assessment program. SAINT features a graphical user interface that is intuitive and easy to use.

New vulnerability checks in version 6.3.7:

  • Step-by-Step Interactive Training remote code execution (MS07-005)
  • Window Shell privilege elevation (MS07-006)
  • Image Acquisition Service privilege elevation (MS07-007)
  • HTML Help ActiveX Control remote code execution (MS07-008)
  • Internet Explorer ADODB.Connection object memory corruption (MDAC vulnerability) (MS07-009)
  • Microsoft OLE Dialog RTF remote code execution (MS07-011)
  • Added check for MFC Component RTF remote code execution (MS07-012)
  • Added check for Microsoft and Microsoft Office RichEdit in RTF vulnerability (MS07-013)
  • Microsoft Word remote code execution vulnerabilities (MS07-014)
  • Microsoft Office remote code execution vulnerabilities (MS07-015)
  • Added check for Microsoft Internet Explorer remote code execution vulnerabilities (MS07-016)
  • Month of Apple Bugs vulnerabilities
  • Operating System version check.
  • Mac OS X Help Viewer
  • iPhoto
  • iMovie HD
  • iChat
  • Apple DMG Volume Name Memory Corruption
  • Apple Installer package filename format string vulnerability
  • Safari vulnerabilities
  • DiskManagementTool vulnerability
  • Apple Preview PDF format vulnerability
  • OmniWeb Format String vulnerability
  • Application Enhancer
  • AppleTalk vulnerability
  • Mac OS X privilege elevation
  • Colloquy
  • Apple SLP vulnerability
  • Rumpus
  • Panic Transmit remote code execution
  • Added check for Mac OS X Software Update vulnerability
  • Citrix Presentation Server print provider buffer overflow.
  • Woltlab Burning Board and Woltlab Burning Board Lite
  • PHP-Nuke cross-site scripting vulnerability
  • JetDirect vulnerability
  • Cisco IOS vulnerabilities
  • Online Media Services Ltd NCTsoft NCTAudioFile2.dll buffer overflow
  • Cisco IOS SIP denial of service
  • SAMI HTTP Server denial of service caused by excessive requests for nonexistent objects
  • BIND remote fetch context and remote DNSSEC validation denial of service vulnerabilities
  • Apple QuickDraw PICT images vulnerability
  • Wireshark vulnerability
  • PGP Desktop vulnerability
  • BitDefender format string privilege elevation vulnerability
  • OpenLDAP (Gentoo version) vulnerability
  • Wordpress vulnerabilities
  • MyBB vulnerabilities
  • BrightStor ARCserve Backup of Laptops and Desktops LGServer buffer overflows
  • XMB HTML injection vulnerability
  • WS_FTP vulnerability
  • Yahoo Messenger vulnerability
  • Microsoft Word section table array buffer overflow
  • ARCserve Backup Portmapper Denial of Service
  • VLC vulnerabilities
  • Samba vulnerabilities fixed in 3.0.24
  • ColdFusion cross-site scripting in User-Agent header
  • HP Mercury Loadrunner Agent buffer overflow
  • Drupal remote code execution
  • Solaris Telnet Daemon Authorization Bypass
  • ImageMagick vulnerability
  • PostgreSQL vulnerabilities
  • PHP vulnerabilities
  • New exploits in this version:
  • Microsoft Help Workshop .CNT file exploit
  • BrightStor ARCserve LGServer exploit
  • Internet Explorer VML integer overflow exploit
  • BrightStor ARCserve Backup Tape Engine opnum 0xCF exploit

Post scriptum

Compliance Mandates

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Saint
Vulnerability Scanner