 Hotfixes
    o Adding ssh, imap, pop3 login tests
    o Added additional tests for mysql
    o Fixed code flaw in ftp_scan.c
    o Improved performance of smb.sara

 15 June 2004 (SARA 5.0.6)
    o Added a Oracle component (issues in the past prevented testing on port 1521)
    o Updated test for unpatched MSSQL 2000 servers (Cert CA-2002-22)
    o Corrected problem with -F option and reportwriter
    o Added test for lsaenumsids in smb.sara (yield user names under null sessions)
    o Tweaked test for TNG in reconfig

 17 May 2004 (SARA 5.0.5)
    o Corrected problem with http.sara5
    o Increased scanning time-outs for slow customer networks
    o Corrected version number

  2 May 2004 (SARA 5.0.4)
    o Updated snmp to increase communities and improve OS fingerprinting 
    o Added test for LSASS vulnerability (CAN-2003-0533)

 25 March 2004 (SARA 5.0.3)
    o Fixed minor formatting problems in xml.pl
    o Added test for jetdirect null password (telnet)
    o Testing posibility of APC default password
    o Testing for Polycom password disclosure
    o Added new typing to hosttypes (Enterasys, Polycom, Delmonte)
    o Fixed problem with getfqdn.pl on dumping hosts (with dns misconfiguration).
    o Added definitive test for MSSQL SA open password

 19 February (SARA 5.0.2)
    o added encoding/decoding feature to stop virus checkers from 
      incorrecly labelling msadc.pl as virus.
    o Added basic test for MyDoom worm backdoor
    o Fixed sss.pl (changed sense of -r)
    o Fixed Green/Gray summary problem when all services were green
    o Inproved domain login support for smb.sara

 15 January 2004 (SARA 5.0.1)
    o Added additional security to html.pl
    o Clarified that there is no 'make install'
    o Fixed dscan.c to eliminate the '//' comment (problem with some cc's)
    o Again builds under MAC OS/X
    o Added rules/drop for EPSON printers for writable directories
    o Tweaked htm.cf for appendix references
    o Fixed telnet.sara to further reduce false positives
    o Updated ssl test to address SSL vulnerabilites below 0.9.6j and 7c.
    o Added stealth standalone password guesser (smb-sspg.sara)
    o Cleaned up CVE lookup.


<< See entries under CHANGES.OLD for previous changes >>
