Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Plugin 19408 - MS05-039 - and Windows NT 4

from [Nicolas Pouvesle] Network Security [Permanent Link]
Subject: Re: Plugin 19408 - MS05-039 - and Windows NT 4
Date: Sat, 27 Aug 2005 08:53:04 -0400 

On Aug 24, 2005, at 9:55 AM, Chad I. Uretsky wrote:

Okay, here's another question on 19408.

Plugin 19408 indicates that Windows NT boxes are vulnerable. However, when
I run an actual exploit crafted for the MS05-039 vulnerability against a
Window NT box, it fails to make the NULL session connection. Are these
boxes that 19408 flags actually vulnerable? Or is this a false positive?
Is there a way to filter my scan so that 19408 doesn't give these possible
false positives? 


http://bugs.nessus.org/show_bug.cgi?id=1299


Public exploits use "browser" pipe which is not available under NT 4.
We use another pipe in the NASL plugin to test the flaw. It is the reason why Nessus can detect both vulnerable versions of Windows 2000 and Windows NT 4.


Nicolas
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Inconsistent port scans, Martin Macleod-Brown
Next by Date:  Runnning nessuswx in command line, hitesh parmar
Previous by Thread:  Plugin 19408 - MS05-039 - and Windows NT 4, Chad I. Uretsky
Next by Thread:  RE: Plugin 19408 - MS05-039 - and Windows NT 4, Chad I. Uretsky
Indexes:  [Date] [Thread] [Top] [All Lists]