[Update] Saint Vulnerability Scanner 6.7.2 available

In: Penetration testing & Ethical Hacking , Saint , Vulnerability Scanner

4 February 2008

SAINT is the Security Administratorâ€™s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINTâ€™s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved

New vulnerability checks in version 6.7.2:

MS Rich Textbox Control Savefile vulnerability
MS Visual FoxPro DoCmd ActiveX vulnerability
yaSSL vulnerability in MySQL
Jetty Double Slash URI Information Disclosure Vulnerability
JustSystems Ichitaro JSFC.dll buffer overflow vulnerability
QuickTime HTTP Error Response buffer overflow vulnerability
McAfee E-Business Server vulnerability
AOL Radio AmpX vulnerability
TSM Express vulnerability
PostgreSQL vulnerabilities
QuickTime vulnerabilities fixed by version 7.4
Drupal vulnerability
MadWifi
Apache module vulnerabilities
Gateway Web Launch ActiveX vulnerabilities
SAP MaxDB cons.exe command injection vulnerability
MS Excel file handling code execution vulnerability
Tectia SSH Server privilege elevation vulnerability
Cisco UCM CTLProvider heap overflow vulnerability
Oracle Database Critical Patch Update
security bypass and cross-site scripting vulnerabilities in Horde application framework and IMP Webmail
security bypass vulnerabilities in Horde Turba Contact Manager, Nag, Mnemo, Kronolith
macrovision FLEXNet ActiveX control vulnerability
UTorrent peers window remote denial of service vulnerability
Citadel SMTP buffer overflow
Citrix Presentation Server IMA buffer overflow vulnerability
Winamp Ultravox vulnerabilities
Crystal Reports Enterprise Tree ActiveX Control buffer overflow
Tivoli Provisioning Manager HTTP server bo vulnerability
Member Area System remote file include (view_func.php)
Gradman directory traversal (info.php)

New exploits in this version:

BrightStor ARCserve LGServer rxsUseLicenseIni exploit
Novell GroupWise Client IMG SRC exploit
MaxDB cons.exe command injection exploit
Microsoft Excel exploit
Microsoft DirectX SAMI parser exploit
Tivoli Provisioning Manager for OS Deployment exploit

Post scriptum

Download

Compliance Mandates

Penetration testing & Ethical Hacking :
PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2
Vulnerability Scanner :
PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

Penetration testing & Ethical Hacking	10 May 2010 : SQLNinja v0.2.5 released! 1 May 2010 : DAVTest v1.0 - WebDAV Application 25 April 2010 : (Paper) Pentesting Adobe Flex Applications (introducing new tool Blazentoo) 25 April 2010 : SIP Inspector v1.10 released 15 April 2010 : Ubuntu Pentest Edition v2.03 released
Saint	15 April 2010 : SAINTÂ® 7.3.3 Released 9 April 2010 : SARA-7.9.2a the final version released 1 April 2010 : SAINTÂ® v7.3.2 Released 16 March 2010 : Saint Vulnerability Scanner v7.3 on the wild 27 February 2010 : Saint Vulnerability Scanner and Exploiter v7.2.7 released
Vulnerability Scanner	12 May 2010 : Complemento v0.7.6 - Collection of Tools 26 April 2010 : Acunetix WVS v6.5 build 20100419 released 22 April 2010 : OpenSCAP v0.5.9 released 20 April 2010 : Sandcat v4.0 released 15 April 2010 : Nessus v4.2.2 released

[Update] Saint Vulnerability Scanner 6.7.2 available

Post scriptum

Compliance Mandates

Related Articles

Follow us

Like us !

Most Read

Advertising

License

Categories

COMPANY

STANDARDS

RECENT POSTS

MENU