Security Auditor's Research Assistant (SARA) Version
ARC

SARA Home

SARA Search

Data Management

Target selection

Data Analysis

Configuration Mgt

Documents/CVE

Troubleshooting

SARA Tests by CVE (version )

SARA vulnerability tests address the vast majority of the Common Vulnerabilities and Exposures that (a) can be tested remotely and (b) do not cause a denial of service. Below is the current list:

     CVE No.   
           Description        
        SARA Test       
CVE-2002-1056 Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. Registry Check
CVE-2002-1117 Veritas Backup Exec 8.5 and earlier requires that the RestrictAnonymous registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares. Null session test
CVE-2002-1123 Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the Hello overflow. MS SQL test
CVE-2002-1142 Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. overflow test
CVE-2002-1146 The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary (read buffer overflow), allowing remote attackers to cause a denial of service (crash). dns version check
CVE-2002-1219 Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). dns version check

CVE References

     CVE No.   
              References          
CVE-2002-1056BUGTRAQ:20020331 More Office XP Problems
BUGTRAQ:20020403 More Office XP problems (Version 2.0)
MS:MS02-021
BID:4397
XF:outlook-object-execute-script(8708)
CVE-2002-1123BUGTRAQ:20020806 SPIKE 2.5 and associated vulns
BUGTRAQ:20020807 MS SQL Server Hello Overflow NASL script
MS:MS02-056
BID:5411
XF:mssql-preauth-bo(9788)
CVE-2002-1142MS:MS02-065
VULNWATCH:20021120 Foundstone Advisory
MISC:http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337
CERT:CA-2002-33
CERT-VN:VU#542081
XF:mdac-rds-server-bo(10659)
BID:6214
CVE-2002-1146FREEBSD:FreeBSD-SA-02:42
MANDRAKE:MDKSA-2004:009
NETBSD:NetBSD-SA2002-015
REDHAT:RHSA-2002:197
REDHAT:RHSA-2002:258
REDHAT:RHSA-2003:022
REDHAT:RHSA-2003:212
CERT-VN:VU#738331
XF:dns-resolver-lib-read-bo(10295)
CONECTIVA:CLA-2002:535