Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

FW: Plugin 10430 (smb_reg_run_permissions) False Negatives?

from [Peter Heard] Network Security [Permanent Link]
Subject: FW: Plugin 10430 (smb_reg_run_permissions) False Negatives?
Date: Thu, 24 Mar 2005 10:39:58 -0800 
My Apologies, at the end of the message below I meant to say that the
version of the plugin 10430 is version 1.2.

-----Original Message-----
From: Peter Heard [mailto:peter@mda.ca]
Sent: March 24, 2005 10:18 AM
To: nessus@list.nessus.org
Subject: Plugin 10430 (smb_reg_run_permissions) False Negatives?


Some of the machines on our network are currently configured with vulnerable
"run" key permissions . Before 17th March, the run key permissions were
showing up as holes in the nessus report. After the 17th March, the run key
permissions are not being reported.

A typical example of an offending run key permission in our environment is:

HKLMSoftwareMicrosoftWindowsCurrentVersionRun
Power Users: Permissions set to read BUT in ADVANCED pane, permissions for
Power Users are set to SPECIAL, and specific values include:
Set Value: ALLOW
Create Subkey: ALLOW
Delete: ALLOW


Can you confirm that the latest plugin changes are still meant to report the
above run key permissions as a hole (as they did before March 17th) or is
this a bug in the latest changes made to the plugin?

I am running Redhat ES 4 with Nessus 2.2.3 and 2.2.4. The version of plugin
10396 is 1.5.

Thanks

Peter Heard


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Plugin 10396 (SMB Accessible Shares), Renaud Deraison
Next by Date:  Nessuswx clinet question, Talwar, Puneet (NIH/NIAID)
Previous by Thread:  Re: Plugin 10430 (smb_reg_run_permissions) False Negatives?, Renaud Deraison
Next by Thread:  Nessuswx clinet question, Talwar, Puneet (NIH/NIAID)
Indexes:  [Date] [Thread] [Top] [All Lists]