TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
> Internet Scanner X-Press Update 6.17 is now available from the ISS Download Center: ><http://www.iss.net/download/>. Internet Scanner XPU 6.17 contains 12 new checks >and improvements for several existing checks. > > PROTECTION BENEFITS > > * Application Protection. Checks in this XPU address security issues in >Microsoft SQL Server, Apache HTTP Server, Lotus Domino Server, and Macromedia Flash >Player. > > * Platform Protection. XPU 6.17 includes checks for Solaris Answerbook2, Cisco >IOS, and Windows buffer overflow vulnerabilities. > > NEW CHECKS > > The new checks in this XPU are listed below. > > Risk VulnID Check Name Category > ==== ====== ========== ========= > High 9756 Answerbook2AdminScriptsAccess Web Scan > High 9758 Answerbook2DwhttpdFormatString Web Scan > High 9808 ApacheEncodedDirectoryTraversal Web Scan > Medium 5899 LotusDominoDirectoryTraversal Web Scan > Medium 7424 LotusDominoReplicaidAccess Web Scan > High 9794 WsftpSiteCpwdBo FTP > High 9700 CiscoTftpFilenameBo Daemons > Medium 10062 MalformedHttpStatusResponse Daemons > Medium 9797* FlashSameDomainDisclosure NT Critical Issues > High 8359* MssqlMultipleXpBo NT Critical >Issues > High 8243* MssqlOledbAdhocBo NT Critical Issues > Low 9933* WinSmbPacketBo NT Patches > > * Please note that these checks require administrative privileges on scanned hosts. > > IMPROVED CHECKS > * SshDeattackOverwriteMemory (VulnID: 6083) > * IisURLdecode (VulnID: 6534) > * Passfilt.dll (VulnID: 1310) > * MailtoPipedAddress (VulnID: 5241) > > VERSIONS/PLATFORMS > > XPU 6.17 is for use with Internet Scanner version 6.2.1. Internet Scanner 6.2.1 is >available on the ISS Download Center: <http://www.iss.net/eval/eval.php>. > > > For more information on this release, please contact the following: > > * For additional product information: > - Internet Scanner: ><http://www.iss.net/products_services/enterprise_protection/vulnerability_assessment/> > - X-Press Updates: <http://www.iss.net/db_data/xpu/IS.php> > > * For sales and professional services information: > - [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > - 888-776-2362 (U.S. and Canada); +1-404-236-2600 (International) > > * For support information, including ISS> '> Technical Support Knowledgebase: > - Customer Support - <http://www.iss.net/support/enterprise/index.php> > - Technical Support Knowledgebase - <http://www.iss.net/support/knowledgebase/> > > > CONNECT 2002: The Premier Conference for Internet, Enterprise and Network Security > Join us at Internet Security Systems' International Security Summit, September 30 - >October 4, 2002 in Atlanta > Visit <http://www.issconnect.net> for details >
