Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
619 Views 1 Reply Latest reply: Nov 5, 2013 2:52 PM by devilson911 RSS
dsardina Newcomer 1 posts since
May 22, 2013
Currently Being Moderated

May 22, 2013 2:18 PM

Effective Database Scanning with results

Hello:

 

I'd  like to use the MVM (Foundstone) to check for vulnerabilities in databases like Oracle and MS SQL Server.

 

I ran a scan against a Windows 2012 SQL server and a SUN Oracle 8 server, it did not give me the results I was hoping for.

 

Results example for the Windows 2012 SQL Server

 

Vulnerability Name
Microsoft Unauthorized Digital Certificates Could Allow Spoofing (2728973)
Microsoft TURKTRUST.Inc Fraudulen Certificates Spoofing (2798897)
(MS13-036) Microsoft Windows Kernel NTFS Pointer Dereference Privilege Escalation (2829996)
(MS13-036) Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)
(MS13-036) Microsoft Windows Kernel Race Condition I Privilege Escalation (2829996)
(MS13-036) Microsoft Windows Kernel Race Condition II Privilege Escalation (2829996)

 

Results example for the SUN Oracle 8 server.

 

Vulnerability Name
Sendmail Multi-Part MIME Message Handling Denial of Service
Sendmail check_relay Access Bypassing Vulnerability
Message Transfer Agent Open Mail Relaying Allowed

 

I see it is showing the normal Vulnerability information pertaining to the operating system, but I do not see any "database related" results or "checks".

 

Example:

 

Scanning 1.2.3.4

SUN OS found. Oracle 8 Detected.

 

 

Is it possible to check and see what the scanner is actually scanning for? [Ex: blank SA passwords, etc.], or is there a list of database vulnerabilities this scanner checks for?

 

The second part of the question is, what is the best setting to use for database vulnerability scanning?

I'd like my results to show what the scanner was checking for and the results of that check.

 

Example:

 

Scanner Results from scan 1.2.3.4

  

Blank SA Passwords   None Found

SQL Injections               None Found

 

Is it possible to get results like the one above?

 

 

Thanks in advance.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points