Saint vulnerability scanner v6.7.4 released

In: Network Discovery , Saint , Vulnerability Scanner

1 March 2008

SAINT is the Security Administratorâ€™s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINTâ€™s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.

New vulnerability checks in version 6.7.4:

JRE and JDK XML external entity and untrusted application/applet privilege elevation vulnerabilities
Belkin Wireless G Plus MIMO router remote authentication bypass
Netwerk Smart Publisher base-64 PHP injection in filedata parameter
WordPress plugin fGallery fin_rss.php SQL injection vulnerability
WordPress plugin WP-Cal editevent.php SQL injection vulnerability
Novell Client EnumPrinters buffer overflow
Xlight FTP Server LDAP authentication bypass vulnerability
Titan FTP Server DELE command remote buffer overflow
Apple iPhoto Photocast subscription remote format string vulnerability
Kerio MailServer multiple vulnerabilities
Veritas Storage Foundation Adminstrator vulnerability
ClamAV vulnerabilities
PCRE vulnerabilities
WordPress vulnerabilities
Mailman vulnerabilities
Cacti vulnerabilities
CUPS vulnerabilities
SQL injection vulnerability in Customer Testimonials add-in for osCommerce
Gallery vulnerabilities
Sybase SQL Anywhere MobiLink buffer overflow vulnerability
Opera multiple vulnerabilities
WS_FTP opendir command buffer overflow vulnerability
WS_FTP logging server denial of service vulnerability
Novell iPrint Client ActiveX vulnerability
address book security bypass vulnerability in Horde Turba Contact Manager and related applications
multiple Claroline vulnerabilities including SQL injection and cross-site scripting
Altiris Notification Server Agent local privilege elevation vulnerability
WS_FTP Server Manager authentication bypass vulnerability
SAPlpd vulnerabilities

New exploits in this version:

BrightStor ARCserve LGServer rxRPC.dll directory traversal exploit
Microsoft Works File Converter field length exploit
Microsoft Works File Converter Index Table exploit
Novell Client nwspool.dll EnumPrinters exploit

Post scriptum

Download

Compliance Mandates

Network Discovery :
PCI DSS 11.2, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5
Vulnerability Scanner :
PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

Network Discovery	12 May 2010 : Complemento v0.7.6 - Collection of Tools 10 April 2010 : Scapy v2.1.1 in the wild 30 March 2010 : pwnat tool v0.2-beta released 30 March 2010 : Nmap v5.30 beta 1 in the wild - doped with scripts - 27 March 2010 : pwnat tool v0.1-beta bypassing NAT
Saint	15 April 2010 : SAINTÂ® 7.3.3 Released 9 April 2010 : SARA-7.9.2a the final version released 1 April 2010 : SAINTÂ® v7.3.2 Released 16 March 2010 : Saint Vulnerability Scanner v7.3 on the wild 27 February 2010 : Saint Vulnerability Scanner and Exploiter v7.2.7 released
Vulnerability Scanner	10 May 2010 : SQLNinja v0.2.5 released! 26 April 2010 : Acunetix WVS v6.5 build 20100419 released 22 April 2010 : OpenSCAP v0.5.9 released 20 April 2010 : Sandcat v4.0 released 15 April 2010 : Nessus v4.2.2 released

Saint vulnerability scanner v6.7.4 released

Post scriptum

Compliance Mandates

Related Articles

Follow us

Like us !

Most Read

Advertising

License

Categories

COMPANY

STANDARDS

RECENT POSTS

MENU