Updated version of HFNetChk now available
From: Eric Schultze (eric.schultze@SHAVLIK.COM)
Date: 11/23/02
- Previous message: NGSSoftware Insight Security Research: "Mulitple Buffer Overflow conditions in RealPlayer/RealOne (#NISR22112002)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 22 Nov 2002 18:15:22 -0600 From: Eric Schultze <eric.schultze@SHAVLIK.COM> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
HFNetChk 3.86 has been updated to include detection information for MDAC
and related hotfixes, including MS02-065. (MS02-065 is a critical fix
that should be applied ASAP) 3.86 includes many features and
enhancements over the earlier 3.32 release.
HFNetChk 3.86 can be downloaded here:
http://hfnetchk.shavlik.com
HFNetChk Version 3.86
=====================
released November 20, 2002
- Changes since version 3.85
> Included MDAC as a supported product. HFNetChk will detect MDAC
versions 2.5 and above with all related MDAC Service Packs.
NOTE: In some cases, MDAC SPs only ship as part of an Operating
System Service Pack. MDAC 2.5 SP3 and MDAC 2.7 SP1 are available from
Windows 2000 SP3 and Windows XP SP1 respectively.
HFNetChk Version 3.83
=====================
released September 18, 2002
This release of HFNetChk introduces new features and corrects several
known issues.
Please report all feedback to Shavlik Technologies via the HFNetChk
newsgroup at news://news.shavlik.com or http://news.shavlik.com.
Support is available via http://hfnetchk.shavlik.com/support
- New features since version 3.32
> NT4 Terminal Server support.
> Windows Media Player support.
> Exchange Server 5.5 and 2000 support.
> File version information is displayed in -v(erbose) mode for
'Patch NOT Found' and 'Warning' messages.
> 'Patch NOT Found' messages now differentiate between file versions
equal to expected, file version less than expected, and checksums not
equal to expected.
> HFNetChk version information, scan date, and XML file version
information is displayed in output. (Available in default wrap output
only.)
> Enhanced error messages - most error messages contain error code
IDs that are documented at
http://hfnetchk.shavlik.com/support/hfprodoc/hfprohelp.htm#Error_Message
s/HFNetChkPro_Scanner_Error_Messages.htm.
> Significantly improved host scan performance.
> Scanning by IP range is now faster and more robust.
> Identification of non-existent machines/firewalled machines (drop)
and machines that are alive but not listening on tcp ports 139/445
(reset).
> NetBIOS name resolution is no longer required when scanning by IP
address.
> Enhanced detection for machines running inetinfo but not W3SVC.
> History will display explicitly installed and non-superseded
missing patches. -history does not require any parameters. Any supplied
parameters (-history 1, -history 2, etc) will be ignored.
- New switches:
> -fq <filename> switch, where filename is a list of the qnumbers
(sqnumber from xml file) for which you'd like to suppress output.
> -trace switch creates a debug log to assist with troubleshooting.
(hf.log in local directory) -trace must be the first switch specified in
command line syntax.
> -sum switch will force a checksum scan when scanning a non-English
language system. Use only if you have a custom XML file with
language-specific checksums.
> -proxy support for networks where outbound proxy authentication is
required.
> -o xml and -o xml2 create simple and detailed XML output.
> -vv very verbose output option displays bulletin title, bulletin
URL, and bulletin summary.
> -ver switch checks to see if you're running the latest available
version of HFNetChk. Version data is obtained (via signed cab file or
SSL) from xml.shavlik.com. For privacy purposes, data on web traffic to
this site is not maintained other than to gauge overall bandwidth and
server performance.
- Fixes:
> Corrected a bug where the incorrect SQL Server SP version was
being displayed if certain SQL hotfixes had been applied.
> Corrected regression where -x flag with http:// location was not
working.
> Corrected a bug where proper error messages were not being
returned if the remote machine's %systemroot% had been unshared.
> Workstation service is no longer required on the remote machine
being scanned.
> Enhanced domain resolution and scanning.
> Leading and trailing spaces in file inputs are removed and blank
lines are ignored.
> mssecure.cab file is now downloaded to the current working
directory and not to the user's temp directory.
> Now able to scan local Windows XP Home Edition systems.
HFNetChk Version 3.84
=====================
released October 28, 2002
- Changes since version 3.83
> XML file is now obtained from http://xml.shavlik.com/mssecure.cab.
> Use -ms switch to override and obtain XML file from Microsoft.
HFNetChk Version 3.85
=====================
released November 7, 2002
- Changes since version 3.84
> -z switch has been removed. Default behavior is to ignore registry
keys during scans. Registry keys are only used to assist in determining
patch installation (with -history), and to identify 'missing' patches if
the patch entry contains only registry keys and no file changes
(example: patch entry in Shavlik's MSSecure.xml file for MS02-052 MS JVM
patch). -z switch will be ignored if passed to the hfnetchk executable.
Additional features such as scanning for ISA Server or Office patches
are being considered for a future release of HFNetChk and are not
included in this release.
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Delivery co-sponsored by TruSecure Corporation
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Demonstrate your knowledge and understanding of core IT Security, become
TICSA certified.
Are you responsible for IT security in job function, but not necessarily
in title? Do you want to prove your IT security knowledge and increase
opportunities? Interested? Visit;
http://www.trusecure.com/solutions/certifications/ticsa/
for more information.
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Next message: GreyMagic Software: "Re: MS02-066 - fixes, gaps and incorrect statements"
- Previous message: NGSSoftware Insight Security Research: "Mulitple Buffer Overflow conditions in RealPlayer/RealOne (#NISR22112002)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
