Apache Tomcat vulnerabilities and new updates

By N-Stalker Team on May 15, 2007

N-Stalker has made available the latest database update for its Web Application Security Assessment Products. Following the support life-cycle, we are still distributing updates for previous versions.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (not updated)

You should receive it automatically the next time you run the scanner.

If you prefer to download it manually, please use the following URL: https://customer.nstalker.com.

If you need any additional assistance during this process, please contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release includes the following vulnerabilities:

  • Microsoft .NET Framework 2.0 Request Filtering Bypass Vulnerability
  • Zwahlens Online Shop 5.2.2 Cat Parameter Cross-Site Scripting Vulnerability
  • Mailman 2.1.8 Findmember Parameter Input Validation Vulnerability
  • Mailman 2.1.8 Html_Code Parameter Input Validation Vulnerability
  • Uber Project Document Management System 1.0 Secure.PHP Remote File Include Vulnerability
  • ArticleBeach Script 2.0 Index.PHP Remote File Include Vulnerability
  • Mod_Perl 1.29/2.0.3 Path_Info Remote Denial Of Service Vulnerability
  • Apache HTTP Server Tomcat 6.0.9/5.5.22 Directory Traversal Vulnerability
  • Apache Tomcat Mod_JK.SO 1.2.20 Arbitrary Code Execution Vulnerability
  • Unauthorized access to JBoss application server management functionality
  • ImageView 5 Index.PHP Remote File Include Vulnerability
  • CMS Faethon 1.3.2 Rss-Reader.PHP Remote File Include Vulnerabilities
  • CMS Faethon 1.3.2 Config.PHP Remote File Include Vulnerabilities
  • WikiNi 0.4.3 Wakka.PHP Multiple HTML-Injection Vulnerabilities
  • Comment IT 0.2 Class_Comments.PHP Remote File Include Vulnerability
  • Comment IT 0.2 Class_Admin.PHP Remote File Include Vulnerability
  • PacPoll 4.0 Check.ASP Multiple SQL Injection Vulnerabilities
  • Multi-Page Comment System 1.0 Functions.PHP Remote File Include Vulnerability
  • Multi-Page Comment System 1.0 Include.PHP Remote File Include Vulnerability
  • EPNadmin 0.7 Constantes.Inc.PHP Remote Code Execution Vulnerability
  • GestArt beta1 Aide.PHP Remote File Include Vulnerability
  • Hosting Controller 6.1.0 DisableForum.ASP SQL Injection Vulnerability
  • Hosting Controller 6.1.0 EnableForum.ASP SQL Injection Vulnerability
  • MAXdev MD-Pro 1.0.76 User.PHP Cross-Site Scripting Vulnerability
  • Ask Rave 0.9 PR End.PHP Remote File Include Vulnerability
  • MiniBill 1.23 Menu_Builder.PHP Remote File Include Vulnerability
  • Unisor CMS Login.ASP USER SQL Injection Vulnerability
  • Unisor CMS Login.ASP PASS SQL Injection Vulnerability
  • Extended Registration 4.1 Component mosConfig_absolute_path Multiple Remote File Include Vulnerabilities
