I hate to complain now that there is a plugin for the asn.1 vulnerability, but the one that come out this afternoon isn't finding any at all. I have verified at least two unpatched W2K systems that the Nessus plugin didn't catch, and I haven't had it catch any at all.
Thanks, Beirne On Friday 13 February 2004 09:21 am, Beirne Konarski wrote: > On Thursday 12 February 2004 05:24 am, Paul Johnston wrote: > > Hi, > > > > FYI, I found out that Retina does indeed have a non-destructive, > > no-privs test for the vuln. It uses NTLMv2 on the SMB ports. Not much > > use in my case. > > So does this mean that it will be a while before there is a plugin? I > don't want to be a pest, but knowing will help with our planning. > > Beirne > > > Take it easy, > > > > Paul > > > > Renaud Deraison wrote: > > >On Wed, Feb 11, 2004 at 04:52:04PM +0100, Thomas Springer wrote: > > >>A > > >>ny chances for one or more plugins that are working remotely by > > >>trying to exploit the vuln? > > > > > >John is working on one. > > >_______________________________________________ > > >Nessus mailing list > > >[EMAIL PROTECTED] > > >http://mail.nessus.org/mailman/listinfo/nessus -- Beirne "Bern" Konarski [EMAIL PROTECTED] "Untouched by Scandal" _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
