I'd like to use the MVM (Foundstone) to check for vulnerabilities in databases like Oracle and MS SQL Server.
I ran a scan against a Windows 2012 SQL server and a SUN Oracle 8 server, but it did not give me the results I was hoping for.
Results example for the Windows 2012 SQL Server:
|Microsoft Unauthorized Digital Certificates Could Allow Spoofing (2728973)|
|Microsoft TURKTRUST.Inc Fraudulen Certificates Spoofing (2798897)|
|(MS13-036) Microsoft Windows Kernel NTFS Pointer Dereference Privilege Escalation (2829996)|
|(MS13-036) Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)|
|(MS13-036) Microsoft Windows Kernel Race Condition I Privilege Escalation (2829996)|
|(MS13-036) Microsoft Windows Kernel Race Condition II Privilege Escalation (2829996)|
Results example for the SUN Oracle 8 server:
|Sendmail Multi-Part MIME Message Handling Denial of Service|
|Sendmail check_relay Access Bypassing Vulnerability|
|Message Transfer Agent Open Mail Relaying Allowed|
I see it is showing the normal vulnerability information pertaining to the operating system, but I do not see any "database related" results or "checks".
SUN OS found. Oracle 8 Detected.
Is it possible to check and see what the scanner is actually scanning for? [Ex: blank SA passwords, etc.], or is there a list of database vulnerabilities this scanner checks for?
The second part of the question is, what is the best setting to use for database vulnerability scanning?
I'd like my results to show what the scanner was checking for and the results of that check.
Scanner Results from scan 22.214.171.124
|Blank SA Passwords|None Found|
|SQL Injections|None Found|
Is it possible to get results like the one above?
Thanks in advance.