TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- > ================================================== > X-PRESS UPDATES FOR NETWORK SENSOR, > INTERNET SCANNER AND DATABASE SCANNER NOW AVAILABLE! > ================================================== > > APPLICATION PROTECTION > > The most recent X-Press Updates provide new > vulnerability assessment and attack detection > capabilities for a variety of popular applications. > New checks and signatures for applications include > the following: > > - Wireless. Internet Scanner XPU 4.9 contains a check > to detect rogue 802.11 access points. The check will > identify Wireless LANS on your network, which put your > network at risk if left unsecured. > > - Microsoft SQL. Database Scanner XPU 1.1 provides new > checks to identify vulnerabilities in SQL databases. > These include a buffer overflow, exposed > user names and passwords, and a vulnerability that can > cause the server to crash. > > - Web Servers. Internet Scanner XPU 4.9 contains two checks > to detect vulnerabilities in IIS web servers, and one > check to detect vulnerabilities in Jakarta Tomcat used > with Apache web servers. > > There are also checks and signatures that apply to > mail applications, shopping carts, and others. > > > PROTECTION FROM HOSTILE CODE > > The X-Press Updates protects against new hostile > code. New checks and signatures include > protection against denial of service attacks, backdoors, > buffer overflow attacks, and many others. > > Internet Scanner XPU 4.9 also contains the Solaris snmpxdmidbo > check to detect vulnerable versions of the snmpXdmid daemon. > This vulnerability has been used to exploit many Solaris > systems in recent weeks. > > > PLATFORMS > > The XPUs are not focused on one platform, but > provide checks and signatures relevant for the > Windows, Solaris, and Unix environments. > > > *************************************************** > NEW IN INTERNET SCANNER XPU 4.9 > *************************************************** > > NEW CHECKS > > Risk VulnID Check Name Category > ==== ====== ========== ======== > High 6263 Ieee80211DevicePresent SNMP > High 6245 SolarisSnmpxdmidBo RPC > Medium 5050 LinuxLockdRemoteDos RPC > High 6238 BackdoorDagger Backdoors > High 6150 BackdoorNetdemon Backdoors > High 6321 NtpdRemoteBo Daemons > High 5175 OutlookVcardDos NT Critical Issues > High 6160 Win2kEventViewerBo NT Critical Issues > High 5937 WinMediaplayerArbitraryCode NT Critical Issues > Medium 6205 IisWebdavDos NT Critical Issues > Medium 6166 FtpxqDirectoryTraversal FTP > High 5335 IisIndexDirTraverse Web Scan > High 4880 MinivendViewpageSample Web Scan > Medium 5160 JakartaTomcatAdmin Web Scan > > FIXES > > 1. Tool Talk Overflow was improved to reduce false positives. > 2. Tfn2kDos was modified to improve consistency of check. > 3. Unknown PWD Filter was improved to recognize more known > filters and reduce false positives. > 4. ASP Source and ASPdot Check Exceptions. > 5. Open Netbios Share Improvements. > > IMPORTANT NOTES > > The NtpdRemoteBo check will DoS an HPUX 11.0 machine. > The machine will need to be rebooted because it will > not respond to commands from the console. > > > *************************************************** > NEW IN NETWORK SENSOR XPU 2.3 > *************************************************** > > NEW SIGNATURES > > SecChkID ProductCheckName CategoryName > ----------- ------------------- ------------- > 1463 IMAP_Authenticate_Overflow High > 1608 Bootp_Remote_Overflow High > 6321 NTP_Buffer_Overflow High > 1895 IMAP_Imail_Overflow Medium > 1558 Cisco_Syslog_DoS Medium > 2349 Email_Amavis_Exec High > 3432 Email_To_Dot_Dot Medium > 1743 HTTP_ColdFusion_FileExists Low > 4404 Quake3Arena_Vulnerable_Server High > 4404 Quake3Arena_Vulnerable_Client High > > FIXES > > 1. Stream_DoS has been revised to help reduce false positives. > 2. TFN includes a bug fix. > > IMPORTANT NOTES > > Prior to installing RealSecure Network Sensor XPU 2.3, Service > Release 1.1 must be applied. > > For more information on how to install an X-Press Update, > please see RealSecure Help and the XPU 2.3 ReadMe. > > > *************************************************** > NEW IN DATABASE SCANNER XPU 1.1 > *************************************************** > > NEW CHECKS > > SecCkID Category Name > ======= ======== ==== > 4582 Authentication DTS Passwords Exposed > 5622 System Integrity Buffer Overflow in Extended > Stored Procedures > 6271 System Integrity Force SSL Encryption > 3891 System Integrity Malformed TDS Packet Header > > FIXES > > 1. This XPU ensures that Database Scanner 4.1 reporting will > be compatible with installations of Internet Scanner 6.2. > 2. This XPU contains a fix for the Oracle penetration test feature.
