Application Security, Inc.

Security Updates - ASAP™ Updates
(Application Security Automatic Protection)

ASAP Update - 04 September 2007

ENHANCEMENTS IN THIS ASAP UPDATE INCLUDE:

Product: DbProtect Vulnerability Assessment Scan Engine (AppDetective)

Oracle

  • Critical Patch Update - July 2007 (verify version):
    Check version to determine if the database contains vulnerabilities fixed by Critical Patch Update - July 2007.
    Risk: High

MySQL

  • mysql_real_connect Denial of Service and Potential Remote Buffer Overflow Vulnerability
    Check version to determine if the database is vulnerable to this DoS and buffer overflow.
    Risk: High

  • COM_TABLE_DUMP information disclosure and buffer overflow vulnerability
    Check version to determine if the database is vulnerable to this buffer overflow.
    Risk: High

  • Authentication bypass and buffer overflow
    Check version to determine if the database is vulnerable to this buffer overflow.
    Risk: High

  • MYSQLD_Multi Insecure Temporary File Creation Vulnerability
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Medium

  • Single Row SubSelect Remote Denial Of Service Vulnerability
    Check version to determine if the database is vulnerable to this DoS.
    Risk: Medium

  • IF Query Handling Remote Denial Of Service Vulnerability
    Check version to determine if the database is vulnerable to this DoS.
    Risk: Medium

  • MySQL Rename Table Function Access Validation Vulnerability
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Medium

  • MySQL SECURITY INVOKER Privilege Escalation Vulnerability
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Medium

  • Str_To_Date Remote Denial Of Service Vulnerability
    Check version to determine if the database is vulnerable to this DoS.
    Risk: Medium

  • Date_Format Denial Of Service Vulnerability
    Check version to determine if the database is vulnerable to this DoS.
    Risk: Medium

  • Database Creation Security Bypass
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Medium

  • GRANT EXECUTE privilege escalation
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Medium

  • Aborted Bug Report Insecure Temporary File Creation Vulnerability
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Medium

  • Privilege escalation in mysqlaccess script
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Low

  • Alter Table Function Information Disclosure Vulnerability
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Low

  • Priv escalation in ALTER TABLE
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Low

  • MERGE Privilege Revoke Bypass Vulnerability
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Low

  • Login packet information disclosure
    Check version to determine if the database is vulnerable to this exploit.
    Risk: Low

Extended Platform Support
  • Added MySQL 5.1 and 5.0 support