On Thu, Jun 09, 2005 at 08:47:35AM -0400, [EMAIL PROTECTED] wrote: > The information being displayed is as follows: > > "The SQL Server has a blank password for the 'sa' > account.\nCVE : CAN-2000-1209\nBID : 1281, 4797\n"
Apart from the cross-references, that's what I said it should. > This is not what's in the script (ID=10673). Yes it is -- look at line 164 in revision 1.19 of the script. Or search for it in the plugin. > It used to display : > > "The remote MS SQL server(s) have the default 'sa' (System > Administrator) account enabled with a blank password. > > Solution : Disable this account, or assign it password. " Perhaps this was a local mod, but I don't see that the text you quote ever existed in the plugin. But don't take me word -- go look at the CVS repository: http://cvsweb.nessus.org/cgi-bin/viewcvs.cgi/nessus-plugins/scripts/mssql_blank_password.nasl George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
