|
AppDetective™ Update 5.1.3 - 10 November 2005
ENHANCEMENTS
Oracle - NEW CHECKS
- Critical Patch Update - October 2005
Examines if the database contains vulnerabilities described by Critical Patch Update - October 2005
Risk Level - High
- SQL injection in VALIDATE_STMT
Examines if the database is vulnerable to SQL injection in VALIDATE_STMT
Risk Level - High
- SQL injections in WKSYS owned procs
Examines if the database is vulnerable to SQL injections in WKSYS owned procs
Risk Level - High
- SYS_CONTEXT buffer overflow
Examines if the database is vulnerable to SYS_CONTEXT buffer overflow
Risk Level - High
- Wrapped proc buffer overflow
Examines if the database is vulnerable to Wrapped proc buffer overflow
Risk Level - High
- iSQL*Plus service buffer overflow
Examines if the database is vulnerable to iSQL*Plus service buffer overflow
Risk Level - High
- MD2 procs buffer overflow
Examines if the database is vulnerable to MD2 procs buffer overflow
Risk Level - High
- Import package buffer overflow
Examines if the database is vulnerable to import package buffer overflow
Risk Level - Medium
- SQL injections in report ext package
Examines if the database is vulnerable to SQL injections in report ext package
Risk Level - Medium
IBM DB2 - NEW CHECKS
- Multiple DoS vulnerabilities
Examines if the database is vulnerable to multiple DoS vulnerabilities
Risk Level - Medium
SECURITY AUDITING
- Test Connection - Added test database connection functionality which allows users to validate username and password prior to running a Security Audit
REPORTS
- Added the hostname coupled with the IP address on all reports
Return to ASAP™ Updates Listing
|
