Saint vulnerability scanner updated to v6.7.7

In: Penetration testing & Ethical Hacking , Saint , Vulnerability Scanner

13 April 2008

SAINT is the Security Administratorâ€™s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINTâ€™s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved

New feature in 6.7.7::

Configuration options to customize password policy checks:

Password length - the required number of characters in the password
Password history - number of previous passwords which cannot be re-used
Maximum Age - days after which the user must change the password
Minimum Age - days before which the user cannot change the password
Lockout - the number of failed logins before the account is locked out

New vulnerability checks in version 6.7.7:

cumulative Internet Explorer vulnerability (MS08-024)
GDI remote code execution vulnerability (MS08-021)
CUPS
Firefox, Thunderbird and SeaMonkey
Novell eDirectory LDAP DelRequest Message Handling Buffer Overflow
Asterisk vulnerabilities
Ruby
Acrobat Reader Linux vulnerability
OpenSSH
Java Web Start vulnerabilities
Internet Explorer vulnerabilities involving setRequestHeader
additional Aurigma vulnerabilities
ASUS Remote Console DPC Proxy Service Buffer Overflow
solidDB vulnerabilities
McAfee ePolicy Orchestrator Framework Services HTTP Buffer Overflow
Cisco IOS vulnerabilities
HP OpenView Network Node Manager HTTP Handling Buffer Overflow
OpenVMS ssh
QuickTime vulnerabilities
Opera vulnerabilities
Macrovision InstallShield OCI Untrusted Library Loading Vulnerability
phpMyAdmin vulnerability
Lighttpd
Wireshark
Asterisk Invalid RTP Payload Type Number Memory Corruption
Windows DNS Spoofing vulnerability (MS08-020)
hxvz.dll ActiveX vulnerability (MS08-023)
Microsoft Project vulnerability (MS08-018)
Windows kernel user mode callback vulnerability (MS08-025)
Visio vulnerabilities (MS08-019)
VBScript and JScript engine script decoding vulnerability (MS08-022)

New exploits in this version:

Solaris rpc.ypupdated exploit
MDaemon IMAP FETCH exploit
Microsoft Office memory corruption exploit
Cisco UCP CSuserCGI.exe exploit

Post scriptum

Download basic release

Compliance Mandates

Penetration testing & Ethical Hacking :
PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2
Vulnerability Scanner :
PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

Penetration testing & Ethical Hacking	10 May 2010 : SQLNinja v0.2.5 released! 1 May 2010 : DAVTest v1.0 - WebDAV Application 25 April 2010 : (Paper) Pentesting Adobe Flex Applications (introducing new tool Blazentoo) 25 April 2010 : SIP Inspector v1.10 released 15 April 2010 : Ubuntu Pentest Edition v2.03 released
Saint	15 April 2010 : SAINTÂ® 7.3.3 Released 9 April 2010 : SARA-7.9.2a the final version released 1 April 2010 : SAINTÂ® v7.3.2 Released 16 March 2010 : Saint Vulnerability Scanner v7.3 on the wild 27 February 2010 : Saint Vulnerability Scanner and Exploiter v7.2.7 released
Vulnerability Scanner	12 May 2010 : Complemento v0.7.6 - Collection of Tools 26 April 2010 : Acunetix WVS v6.5 build 20100419 released 22 April 2010 : OpenSCAP v0.5.9 released 20 April 2010 : Sandcat v4.0 released 15 April 2010 : Nessus v4.2.2 released

Saint vulnerability scanner updated to v6.7.7

Post scriptum

Compliance Mandates

Related Articles

Follow us

Like us !

Most Read

Advertising

License

Categories

COMPANY

STANDARDS

RECENT POSTS

MENU