Saint scanner updated to 6.4

by

In: Saint , Vulnerability Scanner

5 March 2007

With SAINT® vulnerability assessment tool, you can:

  • Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders.
  • Anticipate and prevent common system vulnerabilities.
  • Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPPA.

The SAINT® scanning engine is the ideal cornerstone for your vulnerability assessment program. SAINT features a graphical user interface that is intuitive and easy to use.

New features in version 6.4:

  • IPv6 compatibility in SAINTexploit
  • Requires Socket6 and IO-Socket-INET6 PERL modules available from www.cpan.org
  • Encrypted Windows authentication
  • Secure authenticated checks against Windows targets
  • Full compatibility with Windows Vista
  • Requires OpenSSL
  • Smaller file sizes for PDF reports
  • zlib compression of PDF streams
  • Faster target discovery in firewall mode
  • Shorter scan times

New vulnerability checks in version 6.4:

  • Sun Solaris Telnet worm
  • Snort vulnerability
  • Microsoft Malware Protection Engine PDF integer overflow
  • Trend Micro ServerProtect Buffer Overflow
  • Trend Micro OfficeScan Client ActiveX Control buffer overflow
  • Mozilla Firefox vulnerabilities
  • Mozilla SeaMonkey vulnerabilities
  • Mozilla Thunderbird vulnerabilities
  • Lotus Domino Webmail names.nsf hidden form field vulnerability
  • Mac OS X Security Update 2007-002
  • Mac OS X ImageIO GIF Image Integer Overflow
  • PHP denial of service vulnerability
  • Opera vulnerability
  • ClamAV vulnerabilities
  • MailEnable Professional and Enterprise
  • JRun cross-site scripting
  • Cold Fusion vulnerability
  • iTunes vulnerability
  • Google Desktop vulnerability
  • Capital Request Forms configuration file access vulnerability
  • MicroTorrent
  • Kiwi CatTools TFTP directory traversal
  • Cisco IOS IPS vulnerabilities
  • JBoss Console access
  • SpamAssassin vulnerability
  • SupportSoft ActiveX components in Symantec products
  • @Mail vulnerabilities

New exploits in this version:

  • Solaris telnetd authentication bypass exploit
  • Trend Micro OfficeScan ActiveX exploit
  • Trend Micro ServerProtect CMON_NetTestConnection exploit
  • Trend Micro ServerProtect ENG_SendEMail exploit
  • HP Mercury LoadRunner exploit
  • NetBackup bpcd command chaining exploit
  • CA License Server GCR buffer overflow (added Linux support)

Post scriptum

Compliance Mandates

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Saint
Vulnerability Scanner