|
ASAP Update - 11 December 2007
ENHANCEMENTS IN THIS ASAP UPDATE INCLUDE:
Product: DbProtect Vulnerability Assessment Scan Engine (AppDetective)
Oracle
- Critical Patch Update – October 2007
Examines if the database contains vulnerabilities fixed by CPU – October 2007
Risk: High
- Privilege escalation via libraries and executables with bad permissions
Examines for privilege escalation vulnerability within the system
Risk: Medium
- OLAP clear-text user and password saved in registry
Examines for clear-text credentials presence within OLAP’s registry entries
Risk: Medium
MySQL
- Malformed password packed DoS
Examines if the database is subject to a DoS via a malformed password packet
Risk: Medium
- Privilege elevation on external table via table view
Examines the database to verify if the vulnerability Privilege Elevation on external table via table view exists
Risk: Medium
- Security bypass and information disclosure
Examines if the database is subject to the Security Bypass and Information Disclosure
Risk: Low
|
