Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Plugins 14818 & 11839 report false positives

from [Nicolas Pouvesle] Network Security [Permanent Link]
Subject: Re: Plugins 14818 & 11839 report false positives
Date: Thu, 20 Oct 2005 13:33:40 -0400 

On Oct 20, 2005, at 1:12 PM, Shahid Sharif wrote:

I ran a scan against an XP machine and nessus reported:

148180It was possible to log into the remote host with the login 'X' and a blank password. A widely available exploit, using one of the vulnerabilities described in the Microsoft Bulletin MS04-028 creates such an account. This probably mean that the remote host has been compromised by the use of this exploit. See also : http:// www.microsoft.com/technet/security/Bulletin/MS04-028.mspx Solution : Re-install this host, as it has been compromised CVE : CAN-2004-0200



118390It was possible to log into the remote host with the login 'e' and the password 'asd#321'. A widely available exploit, using one of the vulnerabilities described in the Microsoft Bulletin MS03-039 creates such an account. This probably mean that the remote host has been compromised by the use of this exploit. See also : http://www.microsoft.com/technet/security/bulletin/ ms03-039.mspx Solution : Re-install this host, as it has been compromised CVE : CAN-2003-0528 BID : 8459


When we used other tools to test this system, we found nothing wrong at all.

What could be causing this exposure to be triggered?


Did you set the option "enable plugin dependencies" ?


Nicolas
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Nmap.nasl not in direct feed?, Michel Arboi
Next by Date:  Re: Plugins 14818 & 11839 report false positives, Shahid Sharif
Previous by Thread:  Plugins 14818 & 11839 report false positives, Shahid Sharif
Next by Thread:  Re: Plugins 14818 & 11839 report false positives, Shahid Sharif
Indexes:  [Date] [Thread] [Top] [All Lists]