|
AppDetective™ Update 5.2.2 - 27 September 2006
ENHANCEMENTS
Oracle - UPDATED CHECKS
- NEW! Critical Patch Update – July 2006
Examines if the database contains vulnerabilities described by Critical Patch Update – July 2006
Risk Level – High
- NEW! DBMS_ASSERT package bypass
Examines if the database is vulnerable to DBMS_ASSERT package bypass
Risk Level – High
- UPDATED: Export xproc SQL injection
Updated to examine for Oracle CPU July 2006, where vulnerability is now patched
Risk Level – High
- UPDATED: Latest patchset not applied
Updated to examine for latest patchset
Risk Level – High
- UPDATED: Default Oracle SIDs
Updated discovery to examine for additional default SIDs
- ADDED to Audit Policies: Listener Password not enabled
Examines if a password has been properly set for the listener service
Risk Level – High
- ADDED to Audit Policies: ADMIN_RESTRICTIONS flag not set
Examines if the ADMIN_RESTRICTIONS flag has been set
Risk Level – High
IBM DB2 UDB - UPDATED CHECKS
- NEW! Multiple DoS vulnerabilities - II
Examines if the database is vulnerable to multiple DoS vulnerabilities
Risk Level – Medium
- NEW! Multiple DoS vulnerabilities - III
Examines if the database is vulnerable to multiple DoS vulnerabilities
Risk Level – Medium
Read more from Team SHATTER Advisory
- UPDATED: Latest FixPak not installed
Updated to examine for latest FixPak
Risk Level – High
- UPDATED: Auditing buffer size
Updated to allow for the maximum auditing buffer size to be set to 0
Risk Level – Medium
Sybase - UPDATED CHECKS
- UPDATED: Latest patch not applied
Updated to examine for latest patch applied
Risk Level – High
Skybox View 3.0 Security Risk Management Integration
- NEW! Scanning results are incorporated into the Skybox View model
Read more on Skybox View Integration
|
