[Customerconnect] Announcing Internet Scanner X-Press Update 6.20 Now AvailableFrom: Solutions Marketing (SolutionsMarketing@iss.net)
- Previous message: Solutions Marketing: "[Customerconnect] Announcing System Scanner Service Release 3.08 Now Available!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Solutions Marketing" <SolutionsMarketing@iss.net> To: <firstname.lastname@example.org> Date: Tue, 5 Nov 2002 11:28:57 -0500
The Internet Scanner® X-press Update (XPU) 6.20 is now available from the ISS Download Center at http://www.iss.net/download/.
This release includes new checks, modified checks, and new policies. Two new policies are provided in this XPU to support the SANS Top 20. The policies include a Windows policy and a Unix policy enabling checks related to the Top 20 vulnerable services. For more information on the SANS Top 20, please visit the following link: http://www.sans.org/top20/.
Ten new checks are included in this XPU.
VulnID Check Name Category Risk
====== ========== ========= ====
9799 IplanetChunkedEncodingBo Web Scan High
9857* MssqlXpWeakPermissions NT Critical Issues High
10133* MsvmJdbcDllExecution NT Critical Issues High
9814** HpEmanateDefaultSnmp Router/Switch High
10265* BugbearWorm NT Critical Issues High
10304 BindSigRrBo Daemons High
9816 ShoppingCartDatabaseAccess Web Scan High
9848* IeHtmScriptExecution NT Critical Issues Medium
10215* WinWshRunning NT Critical Issues Medium
10332 BindOptRrDos Daemons Low
*Please note that these checks require administrative privileges on scanned hosts.
** Please note that this check requires a read access community string.
Security content bug fixes include:
* IisStandaloneServer (vulnID 4558)
* MssqlJetOdsBo (vulnID 9375)
* MssqlMs02038Patch (Vuln ID 9667)
* SolarisAnswerbook2RemoteExecution (vulnID 5058)
* SshdeattackOverwriteMemory (vulnID 6083)
* Win2kLdapChangePasswords (vulnID 6745)
* SqlServer modified to eliminate exceptions in specific circumstances.
* Windows 2000 service pack checks modified to eliminate false positives on Windows XP.
* Checks with Internet Explorer 6 Service Pack 1 as remedy were modified.
* Updated Vulnerability Catalog.
* Multiple SMTP entries in Services report has been eliminated.
* For additional product information regarding this release:
- X-Press Updates - http://www.iss.net/db_data/xpu/RS.php
- Internet Scanner - http://www.iss.net/products_services/enterprise_protection/vulnerability_assessment/scanner_internet.php
* For sales and professional services information:
- 888-776-2362 (U.S. and Canada); +1-404-236-2600 (International)
* For support information, including ISS' Technical Support Knowledgebase:
- Customer Support - http://www.iss.net/support/enterprise/index.php
- Technical Support Knowledgebase - http://www.iss.net/support/knowledgebase/
CustomerConnect mailing list