Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Nessus False Positive

from [Hany Fawzy] Network Security [Permanent Link]
Subject: Nessus False Positive
Date: Wed, 17 May 2006 18:20:03 +0300 
Dear  Nessus Support 

 

After scanning our servers, Nessus reported the following
vulnerabilities

 

When checking this server, we found all these required patches installed
on the machine

 

Is this a false positive

 

Please advice

 

 

Regards,

 

Vulnerability found on port microsoft-ds (445/tcp)

 

Synopsis :

 

Arbitrary code can be executed on the remote host through the web
client.

 

Description :

 

The remote host contains a version of the Internet Explorer which is

vulnerable to multiple security flaws (JPEG Rendering, Web Folder, COM

Object) which may allow an attacker to execute arbitrary code on the

remote host by constructing a malicious web page and entice a victim 

to visit this web page.

 

Solution : 

 

Microsoft has released a set of patches for Windows 2000, XP and 2003 :

 

http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx

 

Risk factor : 

 

High / CVSS Base Score : 8 

(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)

CVE : CVE-2005-1988, CVE-2005-1989, CVE-2005-1990

BID : 14511, 14512, 14515

Other references : IAVA:2005-A-0024

Nessus ID : 19401

[ back to the list of ports ]

Vulnerability found on port microsoft-ds (445/tcp)

 

Synopsis :

 

Arbitrary code can be executed on the remote host through the web
client.

 

Description :

 

The remote host contains a version of the JView Profiler module which

is vulnerable to a security flaw which may allow an attacker to execute

arbitrary code on the remote host by constructing a malicious web page

and entice a victim to visit this web page.

 

Solution : 

 

Microsoft has released a set of patches for Windows 2000, XP and 2003 :

 

http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx

 

Risk factor : 

 

High / CVSS Base Score : 8 

(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)

CVE : CVE-2005-2087

Other references : IAVA:2005-B-0016

Nessus ID : 18682

[ back to the list of ports ]

Vulnerability found on port microsoft-ds (445/tcp)

 

Synopsis :

 

Arbitrary code can be executed on the remote host through the web
client.

 

Description :

 

The remote host is missing the IE cumulative security update 905915.

 

The remote version of IE is vulnerable to several flaws which may allow
an 

attacker to execute arbitrary code on the remote host.

 

Solution : 

 

Microsoft has released a set of patches for Windows 2000, XP and 2003 :

 

http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx

 

Risk factor : 

 

High / CVSS Base Score : 8 

(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)

CVE : CVE-2005-2829, CVE-2005-2830, CVE-2005-2831, CVE-2005-1790

BID : 15823, 15825, 15827

Nessus ID : 20299

[ back to the list of ports ]

Vulnerability found on port microsoft-ds (445/tcp)

 

Synopsis :

 

Arbitrary code can be executed on the remote host through the web
client.

 

Description :

 

The remote host is missing the IE cumulative security update 883939.

 

The remote version of IE is vulnerable to several flaws which may allow
an attacker to

execute arbitrary code on the remote host.

 

Solution : 

 

Microsoft has released a set of patches for Windows 2000, XP and 2003 :

 

http://www.microsoft.com/technet/security/bulletin/ms05-025.mspx

 

Risk factor : 

 

High / CVSS Base Score : 8 

(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)

CVE : CVE-2005-1211, CVE-2002-0648

BID : 5560, 13947, 13946, 13943, 13941

Other references : IAVA:2005-A-0016

Nessus ID : 18490

[ back to the list of ports ]

Vulnerability found on port microsoft-ds (445/tcp)

 

Synopsis :

 

Arbitrary code can be executed on the remote host.

 

Description :

 

The remote version of Windows is affected by a vulnerability in 

Microsoft Message Queuing Service (MSMQ).

 

An attacker may exploit this flaw to execute arbitrary code on the
remote

host with the SYSTEM privileges.

 

Solution : 

 

Microsoft has released a set of patches for Windows 2000 and XP :

 

http://www.microsoft.com/technet/security/bulletin/ms05-017.mspx

 

Risk factor : 

 

Critical / CVSS Base Score : 10 

(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)

CVE : CVE-2005-0059

BID : 13112

Nessus ID : 18021

[ back to the list of ports ]

Vulnerability found on port microsoft-ds (445/tcp)

 

Synopsis :

 

Arbitrary code can be executed on the remote host through the web
client.

 

Description :

 

The remote host contains a version of the Internet Explorer which is

vulnerable to a security flaw (COM Object Instantiation Memory
Corruption

Vulnerability) which may allow an attacker to execute arbitrary code on
the

remote host by constructing a malicious web page and entice a victim 

to visit this web page.

 

Solution : 

 

Microsoft has released a set of patches for Windows 2000, XP SP2 and
2003 :

 

http://www.microsoft.com/technet/security/bulletin/ms05-052.mspx

 


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Not Reporting Ports, Ferdy Riphagen
Next by Date:  RE: Nessus False Positive, Biswas, Proneet
Previous by Thread:  Not Reporting Ports, Ray DuBose
Next by Thread:  RE: Nessus False Positive, Biswas, Proneet
Indexes:  [Date] [Thread] [Top] [All Lists]