On Oct 20, 2005, at 1:12 PM, Shahid Sharif wrote:
I ran a scan against an XP machine and nessus reported:
148180It was possible to log into the remote host with the login
'X' and a blank password. A widely available exploit, using one of
the vulnerabilities described in the Microsoft Bulletin MS04-028
creates such an account. This probably mean that the remote host
has been compromised by the use of this exploit. See also : http://
www.microsoft.com/technet/security/Bulletin/MS04-028.mspx
Solution : Re-install this host, as it has been compromised CVE :
CAN-2004-0200
118390It was possible to log into the remote host with the login
'e' and the password 'asd#321'. A widely available exploit, using
one of the vulnerabilities described in the Microsoft Bulletin
MS03-039 creates such an account. This probably mean that the
remote host has been compromised by the use of this exploit. See
also : http://www.microsoft.com/technet/security/bulletin/
ms03-039.mspx Solution : Re-install this host, as it has been
compromised CVE : CAN-2003-0528 BID : 8459
When we used other tools to test this system, we found nothing
wrong at all.
What could be causing this exposure to be triggered?
Did you set the option "enable plugin dependencies" ?
Nicolas
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
