1 Reply Latest reply: Nov 5, 2013 2:52 PM by devilson911 RSS

    Effective Database Scanning with results

    dsardina

      Hello:

       

      I'd  like to use the MVM (Foundstone) to check for vulnerabilities in databases like Oracle and MS SQL Server.

       

      I ran a scan against a Windows 2012 SQL server and a SUN Oracle 8 server, it did not give me the results I was hoping for.

       

      Results example for the Windows 2012 SQL Server

       

      Vulnerability Name
      Microsoft Unauthorized Digital Certificates Could Allow Spoofing (2728973)
      Microsoft TURKTRUST.Inc Fraudulen Certificates Spoofing (2798897)
      (MS13-036) Microsoft Windows Kernel NTFS Pointer Dereference Privilege Escalation (2829996)
      (MS13-036) Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)
      (MS13-036) Microsoft Windows Kernel Race Condition I Privilege Escalation (2829996)
      (MS13-036) Microsoft Windows Kernel Race Condition II Privilege Escalation (2829996)

       

      Results example for the SUN Oracle 8 server.

       

      Vulnerability Name
      Sendmail Multi-Part MIME Message Handling Denial of Service
      Sendmail check_relay Access Bypassing Vulnerability
      Message Transfer Agent Open Mail Relaying Allowed

       

      I see it is showing the normal Vulnerability information pertaining to the operating system, but I do not see any "database related" results or "checks".

       

      Example:

       

      Scanning 1.2.3.4

      SUN OS found. Oracle 8 Detected.

       

       

      Is it possible to check and see what the scanner is actually scanning for? [Ex: blank SA passwords, etc.], or is there a list of database vulnerabilities this scanner checks for?

       

      The second part of the question is, what is the best setting to use for database vulnerability scanning?

      I'd like my results to show what the scanner was checking for and the results of that check.

       

      Example:

       

      Scanner Results from scan 1.2.3.4

        

      Blank SA Passwords   None Found

      SQL Injections               None Found

       

      Is it possible to get results like the one above?

       

       

      Thanks in advance.