Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Plugin 19408 - MS05-039 - and Windows NT 4

from [Chad I. Uretsky] Network Security [Permanent Link]
Subject: RE: Plugin 19408 - MS05-039 - and Windows NT 4
Date: Mon, 29 Aug 2005 12:23:19 -0000 
Sorry...I thought I sent an e-mail stating to disregard this.  I realized I
was incorrect, and that it wasn't even this plug-in that was reporting the
vulnerability on my NT boxes.  :-)

Thanks.

Chad



-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org]
On Behalf Of Nicolas Pouvesle
Sent: Saturday, August 27, 2005 7:53 AM
To: nessus@list.nessus.org
Subject: Re: Plugin 19408 - MS05-039 - and Windows NT 4



On Aug 24, 2005, at 9:55 AM, Chad I. Uretsky wrote:


Okay, here's another question on 19408.

Plugin 19408 indicates that Windows NT boxes are vulnerable.   
However, when
I run an actual exploit crafted for the MS05-039 vulnerability
against a
Window NT box, it fails to make the NULL session connection.  Are  
these
boxes that 19408 flags actually vulnerable?  Or is this a false  
positive?
Is there a way to filter my scan so that 19408 doesn't give these  
possible
false positives?



http://bugs.nessus.org/show_bug.cgi?id=1299


Public exploits use "browser" pipe which is not available under NT 4. We use
another pipe in the NASL plugin to test the flaw. It is the  
reason why Nessus can detect both vulnerable versions of Windows 2000  
and Windows NT 4.


Nicolas
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Alternatives to Nessus, License question, Javier Fernandez-Sanguino
Next by Date:  Changing file formats, Drew Simonis
Previous by Thread:  Re: Plugin 19408 - MS05-039 - and Windows NT 4, Nicolas Pouvesle
Next by Thread:  plugin 19402, Mark Natoli
Indexes:  [Date] [Thread] [Top] [All Lists]