Some of the machines on our network are currently configured with vulnerable
"run" key permissions . Before 17th March, the run key permissions were
showing up as holes in the nessus report. After the 17th March, the run key
permissions are not being reported.
A typical example of an offending run key permission in our environment is:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun
Power Users: Permissions set to read BUT in ADVANCED pane, permissions for
Power Users are set to SPECIAL, and specific values include:
Set Value: ALLOW
Create Subkey: ALLOW
Delete: ALLOW
Can you confirm that the latest plugin changes are still meant to report the
above run key permissions as a hole (as they did before March 17th) or is
this a bug in the latest changes made to the plugin?
I am running Redhat ES 4 with Nessus 2.2.3 and 2.2.4. The version of plugin
10396 is 1.5.
Thanks
Peter Heard
------------------------------------------------------------------------
PLEASE NOTE:
The entire content of this e-mail is for "information purposes" only
unless otherwise confirmed in writing by way of letter or facsimile."
------------------------------------------------------------------------
Peter Heard E-mail: peter@mda.ca
Electrical Engineer Phone: 1 (604) 231-2358 (direct)
MacDonald Dettwiler Phone: 1 (604) 278-3411 (operator)
13800 Commerce Parkway, Fax: 1 (604) 278-2936
Richmond BC Canada, V6V 2J3 URL: http://www.mda.ca
------------------------------------------------------------------------
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
