[Customerconnect] Internet Scanner XPU 6.23 Now Available!

From: ISS Customer Relations (bpq@iss.net)
Date: 12/16/02

Next message: Dudley, Brian (ISS Chicago): "RE: A question about ISS gigabit network sensor."

Previous message: ISS Customer Relations: "[Customerconnect] Service Release for BlackICE PC Protection (Formerly Defender) and BlackICE Server Protection is Now Available!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: customerconnect@iss.net
From: ISS Customer Relations <bpq@iss.net>
Date: Mon, 16 Dec 2002 17:57:50 -0500

Internet Scanner X-Press Update 6.23 is now available from the ISS Download
Center: <http://www.iss.net/download/>. Internet Scanner XPU 6.23
contains five new checks and improvements for multiple existing checks.

PROTECTION BENEFITS
· Application Protection. Checks in this XPU address security issues
in IIS web servers and Internet Explorer.

· Platform Protection. XPU 6.23 includes checks for issues in
multiple versions of the Microsoft Windows operating systems.

NEW CHECKS

The new checks in this XPU are listed below.

Risk VulnID Check Name Category
==== ====== ========== =========
High 10568* JrunLongUrlBo NT Critical Issues
High 10809* IeMs02068Patch NT Critical Issues
Medium 10579* MsvmJavaAppletRedirect NT Critical Issues
Medium 10760 RdsEnabled Web Scan
Low 10459* IeBypassCookieRestrictions NT Critical Issues

* Please note that these checks require administrative privileges on
scanned hosts.

IMPROVED CHECKS
· NbSmbPwl (VulnID: 71).
· Telnettabbo (VulnID: 7284)
· Filesgrabbed (Vuln ID: 45)
· DomainGuestNoPwdReq (VulnID: 1360)
· DomainUserNoPwdReq (VulnID: 1363)
· DomainAdminNoPwdReq (VulnID: 1356)
· UnknownNTService (Vuln ID: 185)
· SmtpOutdated (VulnID: 124)
· IeIncorrectSecurityZone (VulnID: 7258)
· HttpCgiWwwboard (VulnID: 2344)
· AdminUserPw (Vuln ID: 165)
· WritableNetBIOSshare (VulnID: 26)
· IisSamplesCodebrws (VulnID: 2383)
· AdminAccountBlankPW (VulnID: 10633)
· SmtpSyslog (VulnID: 129)
· GuestbookCheck (VulnID: 321)

VERSIONS/PLATFORMS

XPU 6.23 is for use with Internet Scanner version 6.2.1. Internet Scanner
6.2.1 is available on the ISS Download
Center: <http://www.iss.net/eval/eval.php>.

For more information on this release, please contact the following:

* For additional product information:
- Internet Scanner:
<http://www.iss.net/products_services/enterprise_protection/vulnerability_as
sessment/>
- X-Press Updates: <http://www.iss.net/db_data/xpu/IS.php>

* For sales and professional services information:
- sales@iss.net <mailto:sales@iss.net>
- 888-776-2362 (U.S. and Canada); +1-404-236-2600 (International)

* For support information, including ISS’ Technical Support Knowledgebase:
- Customer Support - <http://www.iss.net/support/enterprise/index.php>
- Technical Support Knowledgebase -
<http://www.iss.net/support/knowledgebase/>

_______________________________________________
CustomerConnect mailing list
CustomerConnect@iss.net

Next message: Dudley, Brian (ISS Chicago): "RE: A question about ISS gigabit network sensor."
Previous message: ISS Customer Relations: "[Customerconnect] Service Release for BlackICE PC Protection (Formerly Defender) and BlackICE Server Protection is Now Available!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]