Download Security Update 9 Release Notes (PDF)
This security update can only be downloaded using the LiveUpdate feature of Symantec NetRecon 3.5.
SU9 enhancements include improved performance through granular objectives and three new checks.
Symantec NetRecon 3.5 SU9 provides three new checks for identifying an RPC server vulnerability, a missing Windows 2000 patch that fixes a packaging anomaly, and a vulnerability in ISC BIND 9 that allows a denial of service attack. In addition, NetRecon has added granular objectives that drastically increase performance.
New Vulnerability Checks
- Malformed RPC request can cause service problems
NetRecon can discover an RPC server vulnerability that allows denial of service attacks and could allow attackers to crash the server. Several of the RPC servers that are associated with Microsoft Exchange, SQL Server, Windows NT 4.0 and Windows 2000 services do not adequately validate inputs. In some cases, RPC servers accept invalid inputs that prevent normal processing. Specific input values vary from RPC server to RPC server, but an attacker can send malformed RPC packets to the system services to cause a denial of service or crash the services.
- Packaging anomaly could cause hotfixes to be removed
NetRecon can discover a missing patch for a packaging anomaly that allows Windows 2000 post-SP1 hotfixes to be overwritten. Under certain circumstances, the Windows 2000 post-Service Pack 1 (SP1) catalog file (Sp2.cat) may be incorrectly versioned. This can cause a new version of Sp2.cat to be replaced with an old one.
- Denial of service in ISC BIND 9
NetRecon can discover a vulnerable version of BIND that allows remote attackers to shut down BIND servers. An attacker sends a DNS packet that is designed to trigger an internal consistency check. This check fails to properly handle the request, causing BIND to shut down.
New Features and Enhancements
- Granular objectives
NetRecon has added several granular objectives to give users the ability to run certain commonly used objectives individually, rather than as part of a full scan. This enhancement gives users the versatility to select specific objectives from the list. Because NetRecon runs only the scans necessary to obtain information regarding the selected objectives, rather than running a full scan, users quickly have the needed information.
All objectives previously contained in the miscellaneous category, as well as certain objectives from the light, medium, and heavy scans, are part of the list of granular objectives. Those objectives from the light, medium, and heavy scans are still part of the full scans and they run when a full scan is selected. Granular objectives have parent and child objectives. Select a parent objective to run each of the child objectives, or select a child objective to run it individually. In the list of granular objectives, indented items are child objectives.
- Discover NSF vulnerabilities
- Use Windows networking
- Use Windows networking to discover vulnerabilities
- Obtain access to Windows network resources
- Discover vulnerabilities of Netware network resources
- Discover RPC services
- Obtain maps from NFS servers
- Discover SMB server vulnerabilities
- Discover SMTP vulnerabilities
- Discover FTP vulnerabilities
- Discover IRC vulnerabilities
- Discover HTTP vulnerabilities
- Discover finger vulnerabilities
- Discover BIND vulnerabilities
- Discover Oracle database vulnerabilities
- Trojans
- Discover trojans and vulnerable services running on UDP ports
- Discover trojans and vulnerable services running on TCP ports
- SNMP vulnerabilities
- Guess SNMP community names
- Discover SNMP vulnerabilities
- Discover SNMP vulnerabilities of identified SNMP agents
- Discover network resources that are not running Enterprise Security Manager agents
- Discover network resources that are not running Intruder Alert agents
- All TCP services (full connect)
- Discover all privileged TCP services (full connect)
- Discover all non-privileged TCP services (full connect)
- Discover select TCP services
- Discover select TCP and UDP services (half open)
- Discover all TCP and UDP services (half open)
- Obtain banners from TCP services
- Discover network resources that are running Norton AntiVirus Corporate Edition
- Discover network resources that are not running Norton AntiVirus Corporate Edition
- Enumerate resources
- Identify network resources
- Enumerate target network resources
- Use ICMP protocol to scan network resources
- Analyze resources to determine preliminary vulnerabilities
Granular objectives cannot run simultaneously with full scans or other granular objectives.
Last modified on: Tuesday, 11-Jun-02 18:45:20