On Aug 24, 2005, at 9:55 AM, Chad I. Uretsky wrote:
Okay, here's another question on 19408.
Plugin 19408 indicates that Windows NT boxes are vulnerable.
However, when
I run an actual exploit crafted for the MS05-039 vulnerability
against a
Window NT box, it fails to make the NULL session connection. Are
these
boxes that 19408 flags actually vulnerable? Or is this a false
positive?
Is there a way to filter my scan so that 19408 doesn't give these
possible
false positives?
http://bugs.nessus.org/show_bug.cgi?id=1299
Public exploits use "browser" pipe which is not available under NT 4.
We use another pipe in the NASL plugin to test the flaw. It is the
reason why Nessus can detect both vulnerable versions of Windows 2000
and Windows NT 4.
Nicolas
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
