SAINT v7.2.6 released

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It also gathers information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.

Version 7.2.6

New features in this version:

  • SAINTManager:
    • Added audit log entry for deleting scheduled scans.
    • Added scheduling, recovery, and SAINTManager support for OVAL scans.
  • SAINTWriter:
    • Ability to list CVSS score per CVE (HTML, FRAMELESS, TAB and PDF formats)
    • Ability to search by reference IDs (MS #, CERT #, etc.) in custom scan level setup.

New vulnerability checks in version 7.2.6:

  • Microsoft Office remote code execution vulnerability (MS10-003). (CVE 2010-0243)
  • Microsoft Office Powerpoint remote code execution vulnerability (MS10-004). (CVE 2010-0029, CVE 2010-0030, CVE 2010-0031, CVE 2010-0032, CVE 2010-0033, CVE 2010-0034)
  • Microsoft Paint Integer Overflow vulnerability (MS10-005). (CVE 2010-0028)
  • Microsoft SMB Client Remote Code Execution vulnerabilities (MS10-006). (CVE 2010-0016, CVE 2010-0017)
  • Windows Shell Handler vulnerability (MS10-007). (CVE 2010-0027)
  • Microsoft Data Analyzer ActiveX Kill Bits (MS10-008). (CVE 2010-0252)
  • TCP/IP driver vulnerabilities (MS10-009). (CVE 2010-0239, CVE 2010-0240, etc.)
  • Microsoft Hyper-V Server Denial of Service Vulnerability (MS10-010). (CVE 2010-0026)
  • Microsoft CSRSS Elevation of Privilege vulnerability (MS10-011). (CVE 2010-0023)
  • SMB Server Service vulnerabilities (MS10-012). (CVE 2010-0020, CVE 2010-0021, etc.)
  • Windows DirectShow AVI buffer overflow (MS10-013). (CVE 2010-0250)
  • Windows Kerberos denial-of-service vulnerability (MS10-014). (CVE 2010-0035)
  • Elevation of Privilege Vulnerabilities in Windows Kernel (MS10-015). (CVE 2010-0232 CVE 2010-0233)
  • MIT Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities. (CVE 2009-4212)
  • Multiple vulnerabilities in Microsoft Windows Flash Player 6. (SA27105)
  • Multiple Vulnerabilities fixed in PowerDNS Recursor (CVE 2009-4009 CVE 2009-4010)
  • MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability. (CVE 2009-4484)
  • nginx Terminal Escape Sequence in Logs Command Injection vulnerability. (CVE 2009-4487)
  • Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability. (CVE 2009-4489)
  • Sun Java System Directory Server ’core_get_proxyauth_dn’ Denial of Service Vulnerability. (CVE 2010-0313)
  • RealNetworks RealPlayer ".rm" File Malformed URI Remote Denial of Service vulnerability. (BID37704)
  • Acme thttpd Terminal Escape Sequence in Logs Command Injection Vulnerability. (CVE 2009-4491)
  • HP Power Manager formExportDataLogs Buffer Overflow. (CVE 2009-3999)
  • Drupal 6.15 Multiple HTML Injection Vulnerabilities. (BID37676)
  • eStore SQL injection vulnerability. (BID37525)
  • Adobe Illustrator buffer overflow. (CVE 2009-3952)
  • HP Power Manager formExportDataLogs Directory Traversal. (CVE 2009-4000)
  • Adobe Reader and Acrobat 9.2 Multiple Vulnerabilities. (CVE 2009-3953, CVE 2009-3954, etc.)
  • Linux Kernel ’print_fatal_signal()’ Local Information Disclosure Vulnerability. (CVE 2010-0003)
  • Linux Kernel ’ebtables’ Security Bypass Vulnerability. (CVE 2010-0007)
  • Multiple Vulnerabilities fixed in Adobe Shockwave Player (CVE 2009-4002 CVE 2009-4003)
  • Mac OS X Security Update 2010-001. (CVE 2010-0036, CVE 2010-0037, etc.)
  • WebLogic Server Node Manager Command Execution vulnerability. (BID37926)
  • vBulletin ’misc.php’ SQL Injection Vulnerability. (BID37854)
  • SurgeFTP ’surgeftpmgr.cgi’ Multiple Cross Site Scripting Vulnerabilities. (BID37844)
  • Vulnerabilities fixed in phpMyAdmin 2.11.10. (CVE 2008-7251 CVE 2008-7252 CVE 2009-4605)
  • Multiple Remote Vulnerabilities in WebLogic Server. (CVE 2010-0068 CVE 2010-0069 CVE 2010-0074 CVE 2010-0078)
  • ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability. (CVE 2010-0097)
  • IBM DB2 SQL REPEAT Buffer Overflow Vulnerability. (BID37976)
  • OpenOffice ’.csv’ File Remote Denial of Service Vulnerability. (BID37807)
  • XOOPS Cross Site Scripting and SQL Injection Vulnerabilities. (SA37920)
  • HP OpenView Network Node Manager nnmRptConfig.exe Buffer Overflow. (CVE 2009-3848)
  • HP OpenView Network Node Manager snmp.exe Buffer Overflow. (CVE 2009-3849)
  • SAP MaxDB Unspecified Information Disclosure and Denial of Service Vulnerabilities. (BID37766)
  • PHPCart Cross Site Scripting Vulnerability. (BID37567)
  • MercuryBoard Cross Site Scripting Vulnerability (BID37605)
  • Sun Java System Web Server Admin Server Denial of Service Vulnerability. (BID37909)
  • Microsoft Internet Explorer Security Zone Bypass. (CVE 2010-0255)
  • Multiple RealNetworks Products Multiple Remote Vulnerabilities. (CVE 2009-4241, CVE 2009-4242, etc.)
  • Adobe Flash Media Server arbitrary DLL loading vulnerability (CVE 2009-1365)
  • Adobe Flash Media Server remote ActionScript and DoS vulnerabilities (CVE 2009-3791 CVE 2009-3792)
  • BigAnt USV Request Buffer Overflow (BID37520)
  • Cisco WebEx WRF Player buffer overflow in atrpui.dll (CVE 2009-2880)
  • Unbound DNS NSEC3 Signature Verification DNS Spoofing Vulnerability (CVE 2009-3602)
  • httpdx Remote Source Code Disclosure (SA36734)
  • web server default web pages
  • OpenOffice ’.slk’ File NULL Pointer Dereference Remote Denial of Service Vulnerability. (BID37857)
  • Adobe Flash Player SWF File Denial of Service Vulnerability. (BID37850)
  • VLC Media Player ASS File Buffer Overflow Vulnerability. (CVE 2010-0364)
  • Ruby malformed HTTP request vulnerability. (CVE 2009-4492)
  • Linux Kernel ’fasync_helper()’ Local Privilege Escalation Vulnerability. (CVE 2009-4141)
  • Linux Kernel ’ipv6_hop_jumbo()’ Remote Denial of Service Vulnerability. (CVE 2010-0006)

New exploits in this version:

  • HP Power Manager formExportDataLogs exploit. (CVE 2009-3999)
  • Novell iPrint Client ienipp.ocx persistence parameter parsing buffer overflow exploit. (CVE 2009-1569)
  • PHP remote file inclusion exploit
  • HP Openview Storage Data Protector buffer overflow exploit
  • Sun Java System Web Server WebDAV OPTIONS request exploit. (CVE 2010-0361)
  • BigAnt Messenger Server USV Command Buffer Overflow exploit. (BID 37520)

Post scriptum

Compliance Mandates

  • Penetration testing & Ethical Hacking :

    PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2
