A Sunbelt Network Security Inspector legújabb frissítései a szokásos Office, Windows és Linux sebezhetőségek mellett olyan népszerű blogmotorok és webes alkalmazások, mint a Wordpress, a Horde keretrendszer és a phpmyadmin MySQL felhasználói felület biztonsági réseit is tartalmazzák. A sebezhetőségek között továbbra is megtalálhatók a Mitre Common Vulnerabilities and Exposures (CVE) lista, az FBI/SANS lista, a CERT, CIAC Microsoft és FedCIRC (Department of Homeland Security) legújabb biztonsági figyelmeztetései.
Ha még nem ismeri az SNSI-t, töltsön le a termék honlapjáról egy ingyenes próbaváltozatot, ami rögtön megállapítja, hogy számítógépe hány befoltozatlan, távolról kihasználható bizonsági rést tartalmaz!
Az adatbázisba bekerült új és frissített sebezhetőségek:
W3288 Microsoft Office Could Allow Remote Code Execution - Office 2003
W3287 Microsoft Office Could Allow Remote Code Execution - Office 2002/XP
W3286 Microsoft Office Could Allow Remote Code Execution - Office 2000
W3285 MS-Office Publisher 2003 Could Allow Remote Code Execution
W3284 MS-Office Publisher XP/2002 Could Allow Remote Code Execution
W3283 MS-Office Publisher 2000 Could Allow Remote Code Execution
W3282 Microsoft Works File Converter Could Allow Remote Code Execution
W3280 Cumulative Security Update for Internet Explorer - W2K, XP, W2K3
W3279 Microsoft Word Viewer Could Allow Remote Code Execution - W2K, XP, W2K3
W3278 Microsoft Word 2003 Could Allow Remote Code Execution - W2K, XP, W2K3
W3277 Microsoft Word XP Could Allow Remote Code Execution
W3276 Microsoft Word 2000 Could Allow Remote Code Execution
W3275 OLE Automation Could Allow Remote Code Execution - VB 6
W3048 SeaMonkey Multiple Vulnerabilities
W2992 Java Runtime Environment 1.5 latest not installed
W2559 Firefox multiple vulnerabilities
S0453 Mozilla 1.7 browser, mail client JavaScript - Solaris 8 - 10
S0546 USB Mouse STREAMS driver may induce panic - Solaris 9-10
M0054 Firefox multiple vulnerabilities - Mac OS X
L0444 LibTorrent bdecode_recursive stack exhaustion flaw - FC
L0445 SDL_image LWZReadByte error - FC
L0446 KDEbase password bypass & local DoS errors - FC
L0449 Deluge bdecode_recursive stack exhaustion flaw - FC
L0450 OpenLDAP BDB slapd NOOP modify error - FC
L0451 Gnumeric XLS HLINK stack corruption error - FC
L0452 TCL/TK animated GIF image error - FC
L0453 Perl-Tk ReadImage GIF vulnerability - FC
W3296 Excel Could Allow Remote Code Execution. W2K, XP, W2K3
W3297 Excel Could Allow Remote Code Execution. W2K, XP, W2K3
W3302 Outlook Could Allow Remote Code Execution. W2K, XP, W2K3
W3303 Outlook Could Allow Remote Code Execution. W2K, XP, W2K3
W3311 Office Web Components Could Allow Remote Code Execution
W3312 Office Web Components Could Allow Remote Code Execution
W3313 Office Web Components Could Allow Remote Code Execution
L0483 Xine-lib array index demux_audio error - FC
L0484 Duplicity FTP password on command line - FC
L0485 Wordpress XML-RPC remote edit error - FC
L0486 Moin directory traversal dot dot flaw - FC
L0487 Glib2 PCRE codepoint 255 overflow error - FC
L0489 Openldap slapd/back-bdb/modrdn flaw - FC
L0490 Mailman HTML template info attribute injection error - FC
L0491 HTTPD Multiple security vulnerabilities - FC
L0492 Scponly -F -o and subcommand bypass error - FC
L0494 PCRE codepoint 255 overflow error - FC
L0495 CUPS process_browse_data double free flaw - FC
W3258 CA BrightStor ARCServe Backup ListCtrl.ocx ActiveX Control Vulnerability
M0139 Security Update 2008-002 - Mac OS X 10.4
L0528 DNSSEC-Tools libval APEX trust flaw - FC
L0530 KVM disk block access range break-out error - FC
L0531 Qemu disk block access range break-out error - FC
L0532 Horde Turba2 IMP and Webmail validation errors - FC
L0533 Turba2 Horde IMP and Webmail validation errors - FC
L0534 IMP Turba2 Horde and Webmail validation errors - FC
L0535 Dbus daemon security policy error - FC
L0536 Xen Qemu disk block access range break-out error - FC
L0537 PhpMyAdmin $_REQUEST access error - FC
L0540 GhostScript zseticcspace function flaw - FC
L0542 ViewVC multiple file query flaws - FC
L0543 Evolution emf_multipart_encrypted flaw - FC
L0544 SynCE packages shell metacharacter and vdccm flaws - FC
L0545 MediaWiki api.php and BotQuery flaws - FC
L0546 NX Xserver byte swapping and memory errors - FC
L0547 Lighttpd calculate descriptor & CGI source send flaws - FC
L0549 Libtirpc svcauth_gss RPC long string kadmind error - FC
L0550 Kronolith Horde Turba2 IMP and Webmail validation errors - FC
L0552 Ruby WEBrick encoded backslash flaw - FC
L0553 Dovecot mail_extra_groups & login errors - FC
L0554 Roundup property permissions error - FC
L0555 Boost invalid regex errors - FC
L0560 OpenLDAP objectClasses and slapo-pcache error - MDV
Frissített biztonsági rések
L1525 Mozilla Firefox multiple vulnerabilities - RHE
L1529 Seamonkey multiple vulnerabilities - RHE
H0181 OpenView Operations Java GUI vulnerabilities - HP-UX 11
H0135 OpenView Operations/VantagePoint JRE vulnerability
M0048 QuickTime Player RTSP response message-reason phase - Mac OS X
S0441 Java 1.5 applet handling - Solaris
S0539 PostgreSQL 8.1/8.2 multiple vulnerabilities - Solaris 10
W1142, W1986, W1999, W2067 Anti-Virus Signatures
W2493 Microsoft Malware Removal Tool
W2692 QuickTime RTSP response message-reason phase Vulnerability
W2493 Microsoft Windows Malicious Software Tool Not Updated
W1142, W1986, W1999, W2067 Anti-Virus Signatures
H0156 Usermod incorrect access validation - HP-UX 11
H0163 ARPA Transport Vulnerability - HP-UX 11
H0166 OV Data Storage Protector vulnerabilities - HP-UX 11
H0173 World Time Zones update - HP-UX 11
W1142, W1986, W1999, W2067 Anti-Virus Signatures
L1519 Thunderbird multiple vulnerabilities - FC
Az SNSI adatbázis frissítés minden felhasználónak ingyenes és automatikusan megtörténik.
Bővebb információ: SNSI hálózati sebezhetőség vizsgáló honlapja