XPUs 6.1 and 6.2 for Internet Scanner Now Available!

Tue, 04 Dec 2001 12:47:34 -0800 


TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED]  Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------

> Internet Scanner X-Press Updates 6.1 and 6.2 are now available from the
> ISS Download Center:  <http://www.iss.net/eval/eval.php>.    
> 
> XPU 6.1 delivers 21 new vulnerability checks.  These checks address a
> number of vulnerabilities that affect Exchange, IIS web servers, Internet
> Explorer, Windows NT, Windows 2000, and Solaris among others.  This XPU
> also provides fixes to 11 existing checks.  
> 
> XPU 6.2 delivers two new vulnerability checks.  One check identifies
> systems vulnerable to WU-FTPD Heap Corruption, and the second check
> identifies systems with the keylogging trojan installed by the BadTrans
> Worm.
> 
> 
> PROTECTION BENEFITS 
> 
> *     Web Servers.  XPU 6.1 contains a new check for a high risk
> vulnerability that could result in a denial of service attack for IIS web
> servers.  
> *     Application Protection.  These XPUs contain new checks to assist in
> securing applications including Exchange servers, Cmail servers, Oracle
> Application servers, SQL Server, SSH, Telnet, FTP, and Internet Explorer.
> 
> *     Platform Protection.  XPU 6.1 contains checks for Windows NT,
> Windows 2000, and Solaris vulnerabilities.  
> *     Other Malicious Code.  Many of the checks in XPU 6.1 address
> denial-of-service and buffer overflow vulnerabilities.  XPU 6.2 has a
> check to identify the keylogging trojan installed by the BadTrans Worm.
> 
> 
> VERSIONS/PLATFORMS
> 
> XPU 6.1 and XPU 6.2 are for use with Internet Scanner 6.2.1.  Internet
> Scanner 6.2.1 is available on the ISS Download Center:
> <http://www.iss.net/eval/eval.php>.  
> 
> 
> NEW CHECKS 
> 
> New checks are listed below.  To learn more about the vulnerabilities
> these checks address please see the X-Force section of the ISS web site at
> <http://xforce.iss.net/> and search by the VulnID.  
> 
> XPU 6.1
> 
> Risk          VulnID                  Check Name
> Category
> ====    ======         ==========
> =========
> High          6982                    IisWebdavLongRequestDos*
> NT Critical Issues
> High          6652                    ExchangeOwaScriptExecution*
> NT Critical Issues
> Medium        7526            ExchangeMalformedRpcDos*                NT
> Critical Issues
> High          7406                    CmailHeloBo
> E-mail
> High          7306                    OracleAppserverHttpBo
> Web Scan
> Medium        7527                    MssqlMalformedRpcDos*
> NT Critical Issues
> High          6748                    IeFrameVerificationVariant*
> NT Critical Issues
> High          7260                    IeTelnetCommandExecutionVariant*
> NT Critical Issues
> High          6230                    IeTelnetExecuteCommands*
> NT Critical Issues
> Medium        7258                    IeIncorrectSecurityZone*
> NT Critical Issues
> Medium        7259                    IeUrlHttpRequests*
> NT Critical Issues
> High          6083                    SshDeattackOverwriteMemory
> Daemons
> High          7284                    TelnetTabBO
> Daemons
> Medium        7334                    SolarisFingerdListAccounts
> Daemons
> Medium        7157                    SquidMkdirPutDos
> Daemons
> High          6443                    Win2kCatalogRemoveHotfixes*
> NT Critical Issues
> High          6745                    Win2kLdapChangePasswords*
> NT Critical Issues
> Medium        6506                    Win2kKerberosDos*
> NT Patches
> Medium        7528                    WinntMalformedRpcDos*
> NT Critical Issues
> Medium        7125                    WinntIndexserverSqlqhitAsp
> Web Scan
> Medium        7105                    WinntRpcEndpointDos*
> NT Patches
> 
> XPU 6.2
> 
> Risk    VulnID                Check Name
> Category
> ====    ======        ==========                              =========
> High  7611            WuftpGlobHeapCorruption         FTP
> High  7607            BadtransWorm*                           Backdoors
> 
> * beside check name above indicates that administrative privileges on
> scanned hosts are required to run check.
> 
> 
> IMPROVED CHECKS
> 
> A number of checks have also been improved in XPU 6.1.  Details of the
> types of changes that were made are available in the ReadMe.
> 
> *     LegalNotice
> *     Cart32AdminPassword
> *     FTP PASV Denial of Service
> *     IIS HTR Overflow
> *     GauntletCyberdaemonBo
> *     Novell Web Server DoS
> *     Smtpexpn
> *     IisIsapiPrinterBo
> *     IeMimeExecuteCode
> *     Display Last Username
> *     HttpPut
> 
> 
> For more information on the release of Internet Scanner, please contact
> the following:
> 
> *     For additional product information:
>       -       http://www.iss.net/db_data/xpu/IS.php
>       -       Jamie Lau, X-Press Updates Product Manager, [EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>
> 
> *     For sales information:
>       -       [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
>       -       888-901-7477 (North America)
> 
> *     For education, consulting and support information, including ISS
> SecureU training on Internet Scanner:
>       -       Lisa Weinstein, Marketing Programs Manager, Consulting &
> Education
>               [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
>       -       ISS SecureU training -
> <http://education.iss.net/namerica.php>
>       -       Technical Support, [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>,
> 888-447-4861 (North America)
>

Reply via email to