Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: PlugIn ID 10394

from [George A. Theall] Network Security [Permanent Link]
Subject: Re: PlugIn ID 10394
Date: Tue, 21 Aug 2007 10:03:47 -0400 
On 08/20/07 10:11, Lad, Amit wrote:


After the August Microsoft Plugins were updated by my direct feed, my 
first was successful with no issues.  But the next day, for some reason 
my scan is detecting PLUGIN ID 10394, which is the SMB Login 
vulnerability.  I checked and double-checked that this plug-in is not 
enabled in the plugin list, but it is still showing as a vulnerability.  


Plugin #10394 is a dependency of many plugins that do local checks 
against Windows systems. More than likely, it was run because you had 
enabled plugin dependencies.

As for why it's reporting now... that was likely a bug I introduced in 
migrating to CVSS v2 last week -- instead of reporting a security hole 
if it could log in as administrator w/o a password, it was reporting a 
hole if it could simply login in, even if that was done with 
credentials. Again, that was a mistake, and I apologize for any 
inconvenience that's caused. A new version of the plugin should become 
available via nessus-update-plugins in a couple of hours.

George
-- 
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: PlugIn ID 10394, Lad, Amit
Next by Date:  RE: PlugIn ID 10394, Lad, Amit
Previous by Thread:  PlugIn ID 10394, Lad, Amit
Next by Thread:  RE: PlugIn ID 10394, Lad, Amit
Indexes:  [Date] [Thread] [Top] [All Lists]