On Aug 18, 2005, at 17:50, Chris Lyon wrote:
On 8/17/05, Renaud Deraison <[EMAIL PROTECTED]> wrote:
On Aug 17, 2005, at 19:49, Chad I. Uretsky wrote:
I just ran a scan against a Win2K3 box I have, checking for the
MS05-039 vulnerability. I have not yet patched the box, and so I
expected it to show up as vulnerable.
It won't show up as vulnerable, as the pipe which is needed to access
the PNP service is not available over a NULL session (while it is on
Win2K). The good news is that a worm can not do a blind attack
either, as credentials are needed on this platform.
Even if you supply the login information?
If you supply the correct login information, the plugin 19402 will
complain about the missing patch.
-- Renaud
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
