Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Plugins 14818 & 11839 report false positives

from [Shahid Sharif] Network Security [Permanent Link]
Subject: Re: Plugins 14818 & 11839 report false positives
Date: Thu, 20 Oct 2005 13:41:06 -0400

yes I did.




Shahid Sharif
 
From: Nicolas Pouvesle <npouvesle@tenablesecurity.com>
To: nessus@list.nessus.org
Subject: Re: Plugins 14818 & 11839 report false positives
Date: Thu, 20 Oct 2005 13:33:40 -0400
MIME-Version: 1.0 (Apple Message framework v734)
Received: from mail.nessus.org ([63.105.37.100]) by mc9-f25.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Thu, 20 Oct 2005 10:35:17 -0700
Received: from localhost (localhost [127.0.0.1])by mail.nessus.org (Postfix) with ESMTP id EB77E13801;Thu, 20 Oct 2005 13:35:02 -0400 (EDT)
Received: from mail.nessus.org ([127.0.0.1]) by localhost (raccoon.nessus.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 96941-01-10; Thu, 20 Oct 2005 13:34:57 -0400 (EDT)
Received: from raccoon.nessus.org (mail.nessus.org [63.105.37.104])by mail.nessus.org (Postfix) with ESMTP id 6EF31137F4;Thu, 20 Oct 2005 13:34:50 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])by mail.nessus.org (Postfix) with ESMTP id ECA36137DEfor <nessus@list.nessus.org>; Thu, 20 Oct 2005 13:34:46 -0400 (EDT)
Received: from mail.nessus.org ([127.0.0.1])by localhost (raccoon.nessus.org [127.0.0.1]) (amavisd-new, port 10024)with LMTP id 97005-01-6 for <nessus@list.nessus.org>;Thu, 20 Oct 2005 13:34:43 -0400 (EDT)
Received: from vmail2.tellurian.net (vmail2.tellurian.net [216.182.1.14])by mail.nessus.org (Postfix) with ESMTP id A7252137C3for <nessus@list.nessus.org>; Thu, 20 Oct 2005 13:34:43 -0400 (EDT)
Received: from [172.20.101.136] (66-240-11-2.isp.comcastbusiness.net[66.240.11.2]) by vmail2.tellurian.net ([216.182.1.14] Tellurian Networks Mail Serverversion 3.5b3-3) with ESMTP id 85252165 for <nessus@list.nessus.org>; Thu, 20 Oct 2005 13:33:40 -0400
>
>On Oct 20, 2005, at 1:12 PM, Shahid Sharif wrote:
>
>>I ran a scan against an XP machine and nessus reported:
>>
>>148180It was possible to log into the remote host with the login
>>'X' and a blank password. A widely available exploit, using one of
>>the vulnerabilities described in the Microsoft Bulletin MS04-028
>>creates such an account. This probably mean that the remote host
>>has been compromised by the use of this exploit. See also : http://
>>www.microsoft.com/technet/security/Bulletin/MS04-028.mspx Solution
>>: Re-install this host, as it has been compromised CVE :
>>CAN-2004-0200
>>
>>
>>
>>118390It was possible to log into the remote host with the login
>>'e' and the password 'asd#321'. A widely available exploit, using
>>one of the vulnerabilities described in the Microsoft Bulletin
>>MS03-039 creates such an account. This probably mean that the
>>remote host has been compromised by the use of this exploit. See
>>also : http://www.microsoft.com/technet/security/bulletin/
>>ms03-039.mspx Solution : Re-install this host, as it has been
>>compromised CVE : CAN-2003-0528 BID : 8459
>>
>>
>>When we used other tools to test this system, we found nothing
>>wrong at all.
>>
>>What could be causing this exposure to be triggered?
>>
>
>Did you set the option "enable plugin dependencies" ?
>
>
>Nicolas
>_______________________________________________
>Nessus mailing list
>Nessus@list.nessus.org
>http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Plugins 14818 & 11839 report false positives, Nicolas Pouvesle
Next by Date:  Re: Nessus Error: Nessusd returned an error Report, d e v a
Previous by Thread:  Re: Plugins 14818 & 11839 report false positives, Nicolas Pouvesle
Next by Thread:  Re: Plugins 14818 & 11839 report false positives, Nicolas Pouvesle
Indexes:  [Date] [Thread] [Top] [All Lists]