Thundarr
10-12-2004, 05:42 PM
12.10.2004 / SANS Institute:
Top 2004 Vulnerabilities List
Web servers and services and the BIND Domain Name Systems were named the most critical Internet threats facing companies.
The SANS Institute’s fifth annual Top-20 report, which for the first time was launched in Europe, (London), was conducted by security researchers at government security agencies including GCHQ, CSIA, NISCC, US NSA, Canada’s RCMP as well as security experts from companies such as Microsoft, Symantec, Qualys and ISS. In prior years, the US White House and FBI hosted the annual announcements.
The top 10 vulnerabilities to Windows Systems are Web servers and services; Workstation service; Windows Remote Access Services; Microsoft SQL Server; Windows Authentication; Web Browsers; File Sharing Applications, LSAS Exposures; Mail Client and Instant Messaging.
Under its Top 10 vulnerabilities to Unix Systems, it ranks BIND Domain Name System as No. 1, followed by Web Server; Authentication; Version Control Systems; Mail Transport Service; Simple Network Management Protocol (SNMP); Open SecureSockets Layer (SSL); Misconfiguration of Enterprise Services (NIS/NFS); Databases and Kernel.
While MSSQL and Windows Authentication usually make the list, IM and Mail Client were new to the list. “The SANS Top 20 highlights the core threats that security specialists need to address and helps systems managers take action to combat the threat,” Hazel Blears, the Minister of State for the UK’s Home Office said in a statement.
Source: EDITTECH INTERNATIONAL
Top 2004 Vulnerabilities List
Web servers and services and the BIND Domain Name Systems were named the most critical Internet threats facing companies.
The SANS Institute’s fifth annual Top-20 report, which for the first time was launched in Europe, (London), was conducted by security researchers at government security agencies including GCHQ, CSIA, NISCC, US NSA, Canada’s RCMP as well as security experts from companies such as Microsoft, Symantec, Qualys and ISS. In prior years, the US White House and FBI hosted the annual announcements.
The top 10 vulnerabilities to Windows Systems are Web servers and services; Workstation service; Windows Remote Access Services; Microsoft SQL Server; Windows Authentication; Web Browsers; File Sharing Applications, LSAS Exposures; Mail Client and Instant Messaging.
Under its Top 10 vulnerabilities to Unix Systems, it ranks BIND Domain Name System as No. 1, followed by Web Server; Authentication; Version Control Systems; Mail Transport Service; Simple Network Management Protocol (SNMP); Open SecureSockets Layer (SSL); Misconfiguration of Enterprise Services (NIS/NFS); Databases and Kernel.
While MSSQL and Windows Authentication usually make the list, IM and Mail Client were new to the list. “The SANS Top 20 highlights the core threats that security specialists need to address and helps systems managers take action to combat the threat,” Hazel Blears, the Minister of State for the UK’s Home Office said in a statement.
Source: EDITTECH INTERNATIONAL