Saint Vulnerability Scanner 6.7.5 released

In: Saint , Vulnerability Management , Vulnerability Scanner

13 March 2008

SAINT is the Security Administratorâ€™s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINTâ€™s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.

New vulnerability checks in version 6.7.5:

Microsoft Excel arbitrary code execution (MS08-014)
Microsoft Outlook mailto arbitrary code execution vulnerability (MS08-015)
Microsoft Office memory corruption vulnerabilities (MS08-016)
Microsoft Office Web Component Arbitrary Code Execution vulnerabilities (MS08-017)
multiple JDK/JRE arbitrary code execution vulnerabilities
multiple Lyris ListManager remote vulnerabilities
SQL injection vulnerability in PHP-Nuke Web_Links module cid parameter
SQL injection in XOOPS classifieds module cid parameter for the Adsview action
multiple Dokeos SQL injection and cross-site scripting vulnerabilities
Trend Micro OfficeScan Policy Server buffer overflow
Symantec Backup Exec for Windows Server pvcalendar.ocx ActiveX control arbitrary code execution
SurgeMail multiple vulnerabilities
SurgeFTP Content-Length parameter NULL pointer vulnerability
lighttpd file descriptor array denial of service
Facebook ActiveX Control buffer overflow vulnerability
VSF 5.0 for windows dos vulnerability
VLC Media Player MP4 Demuxer remote code execution
activePDF Server buffer overflow
TikiWiki cross-site scripting
MyServer HTTP Methods "204 Not Content" Error remote denial of service
S9Y Serendipity "Real Name" Field HTML Injection
Citrix MetaFrame Web Manager Cross-site scripting
VMWare products shared folders directory traversal vulnerability
GNOME Evolution vulnerability
Lighttpd vulnerabilities
IBM WebSphere MQ Security Bypass
Horde vulnerabilities
MediaWiki cross-site scripting
Wireshark vulnerabilities fixed in 0.99.8

New exploits in this version:

Veritas Storage Foundation Administrator service exploit
Trend Micro OfficeScan CGI exploit
MySQL yaSSL Hello message exploit
Novell iPrint Control ActiveX exploit
Microsoft Office Web Components exploit

Post scriptum

Download

Compliance Mandates

Vulnerability Management :
PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2
Vulnerability Scanner :
PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

Saint	15 April 2010 : SAINTÂ® 7.3.3 Released 9 April 2010 : SARA-7.9.2a the final version released 1 April 2010 : SAINTÂ® v7.3.2 Released 16 March 2010 : Saint Vulnerability Scanner v7.3 on the wild 27 February 2010 : Saint Vulnerability Scanner and Exploiter v7.2.7 released
Vulnerability Management	28 April 2010 : Nessus Parsing Tools v1.3.1 15 April 2010 : Nessus v4.2.2 released 9 March 2010 : Dradis v2.5.1 released 7 March 2010 : Samurai Web Testing Framework 0.8 available 1 March 2010 : Security-Database Vulnerability Dashboard updates
Vulnerability Scanner	12 May 2010 : Complemento v0.7.6 - Collection of Tools 10 May 2010 : SQLNinja v0.2.5 released! 26 April 2010 : Acunetix WVS v6.5 build 20100419 released 22 April 2010 : OpenSCAP v0.5.9 released 20 April 2010 : Sandcat v4.0 released

Saint Vulnerability Scanner 6.7.5 released

Post scriptum

Compliance Mandates

Related Articles

Follow us

Like us !

Most Read

Advertising

License

Categories

COMPANY

STANDARDS

RECENT POSTS

MENU