TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
Hi, How download the xpu 4.6???????
X-press Update application not found anything.
[EMAIL PROTECTED] writes:
>
>TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
>to
>[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
>problems!
>----------------------------------------------------------------------------
>
>Internet Scanner 6.1
>X-Press Update 4.6
>January 4, 2001
>
>SUMMARY
>X-Press Update 4.6 for Internet Scanner 6.1 is now
>available for download. Internet Scanner XPU 4.6 is
>an X-Force update that delivers 43 new vulnerability
>checks, including a check for IrixTelnetdSyslogFormat
>and network sniffer checks, as well as 9 check fixes
>for SMTP checks.
>
>This XPU is available at:
>
> https://www.iss.net/update/InternetScanner
>
>The Internet Scanner User Guide and online Help contain
>instructions for installing X-Press Updates manually or
>with the automated XPU Installer.
>________________________________________________________
>NEW VULNERABILITY CHECKS
>This X-Press Update delivers checks for a wide range of
>important vulnerabilities, from backdoors to imformation
>gathering weaknesses, on an assortment of platforms. New
>vulnerability checks in this X-Press Update are listed
>below by category.
>
>Risk VulnID Check Name
>==== ====== ==========
>
>+Backdoors+
>High 5389 BackdoorEventHorizon
>High 5329 BackdoorHostControl
>High 5086 BackdoorQaz
>High 5362 BackdoorRemoteStorm
>High 5356 BackdoorSnidx2
>High 4789 BackdoorSwift
>High 3149 BackdoorUnexplained10
>High 2245 SubsevenBackdoor
>High 4092 WinwhatwhereInvestigator
>Low 1208 CarbonCopy32 Installed
>
>+CGI-Bin vulnerabilities+
>High 4546 PdgsoftChangepwBo
>
>+Daemon vulnerabilities+
>High 5092 IrixTelnetdSyslogFormat
>High 3688 SolSadmindAmslverifyBo
>Low 3455 BftelnetUsernameDos
>
>+DNS vulnerabilities+
>Medium 3675 NtMsDnsCachepollution
>
>+E-Mail vulnerabilities+
>High 3677 QpopperAuthBo
>High 428 Sendmail 8.7.5 Buffer Overflow
>High 3522 SmartserverPop3Bo
>High 3465 ViruswallHeloBo
>Medium 3807 NavPopUser
>Medium 1720 SLmailHeloOverflow
>Medium 3302 Smartserver3SmtpBo
>Medium 1617 Vintra mail server dos
>Medium 3488 XtramailPassDos
>
>+Firewall vulnerabilities+
>Medium 5218 WatchguardSohoWebDos
>
>+FTP vulnerabilities+
>Medium 3482 BrokerUserDos
>Medium 3491 QvttermLoginDos
>
>+Information Gathering vulnerabilities+
>Low 3965 NtChroniclePresent
>Low 3966 NtCiscoscannerPresent
>Low 3969 NtHypertracePresent
>Low 3972 NtMwcRedButtonScanPresent
>Low 3981 WinShadowScanPresent
>
>+NT Critical Issues+
>High 4603 NtAutoShareServer
>Medium 3653 NtMsDhcpLog
>Low 3949 MssqlAgentStoredPw
>
>+NT Password Policy+
>High 4141 NtUnencryptedPwdSmb
>
>+NT Patches+
>High 5399 NetworkMonitorBo
>
>+Network Sniffers+
>Low 3968 NtHoppaAnalyzerPresent
>Low 3971 NtLookoutPresent
>Low 3975 NtNtSniffPresent
>Low 3979 NtSpynetPresent
>
>+Web Scan vulnerabilities+
>Medium 925 8.3 File Creation
>Low 4558 IisStandaloneServer
>
>Descriptions for each of these new checks can
>be found in the documentation that is downloaded
>with the XPU.
>__________________________________________________
>UPDATED CHECKS
>The following checks are also updated by Internet
>Scanner XPU 4.6:
>
>SmtpDebug
>SmtpDecode
>SmtpExpn
>SmtpVrfy
>SmtpWizard
>SendmailAliasDos
>SendmailDaemonMode
>Sendmail875BO
>SmtpExpnBo
>SmtpHeloBo
>SmtpForgery
>SmtpRcpt
>SmtpVrfyBo
>____________________________________________________
>FIXED ISSUES
>Internet Scanner XPU 4.6 includes a fix for the
>following issue:
>
>Export issues in Executive Vulnerability reports:
>In some earlier versions, exporting an Executive
>Vulnerability report that did not contain any
>vulnerabilites resulted in an exception. All Executive
>reports have been updated to correct this issue.
>_____________________________________________________
>KNOWN ISSUES
>
>Possible False positives on SMTP EXPN:
>It is possible to get some false positives on the SMTP
>EXPN check. According to the RFC (821) it is considered
>acceptable for a server to respond with a 250 (success)
>or 550 (failure) when the server supports the EXPN command.
>For example, some of the servers return "550 EXPN command
>not available", meaning the command is not supported and
>the machine is not vulnerable, while "550 That is a
>mailing list, not a user" would be a failure code, but
>not an indication of an error and the machine would be
>vulnerable. If you suspect that you have a false positive
>check your log file for the response from the server.
>
>
>
Pedro Fern�ndez A.
Orion 2000 S.A.
Servicios Profesionales en Seguridad Inform�tica
Fono : 56-2-6403942 / Fax : 56-2-6403990
mailto:[EMAIL PROTECTED]
http://www.orion.cl
