Scanning a x64 bit system

Wed, 23 May 2007 05:30:05 -0700 

Has anyone had any problems scanning a X64 Windows 2003 SP2 R2 Server?

Here is the problem I'm having:

Security is set on the server using .inf files to per configure various 
security settings.  As a example 

a inf file is ran at the end of the build to configure telnet to have the 
following  ACL Admininstrators - Full and System - Full
"%SystemRoot%\system32\telnet.exe",2,"D:PAR(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)"

I also have a .audit file that checks the file perms

<file_acl: "2">

<user: "Administrators">
        acl_inheritance: "not inherited"
        acl_apply: "This folder, subfolders and files"
        acl_allow: "full control" 
        </user>

<user: "SYSTEM">
        acl_inheritance: "not inherited"
        acl_apply: "This folder, subfolders and files"
        acl_allow: "full control" 
        </user>

</acl>

<custom_item>
      type: FILE_PERMISSIONS
      description: "%SystemRoot%\system32\telnet.exe"
      value_type: FILE_ACL
      value_data: "1"
      file: "%SystemRoot%\system32\telnet.exe"
</item>

When I scan a 32 bit version of WIndows the out is what I would expect. 

When I scan a 64 bit version of Windows I get the following

general/tcp High "%SystemRoot%\system32\telnet.exe" : [FAILED]
[0] Administrators (1-5-32-544)
type: Allow
Apply To: "this folder, subfolders and files"
Inheritance: "not inherited"
Permission: "Special"

[1] SYSTEM (1-5-18)
type: Allow
Apply To: "this folder, subfolders and files"
Inheritance: "not inherited"
Permission: "Special"

[2] Administrators (1-5-32-544)
type: Allow
Apply To: "this folder and subfolders"
Inheritance: "not inherited"
Permission: "Special"

[3] CREATOR OWNER (1-3-0)
type: Allow
Apply To: "subfolders only"
Inheritance: "not inherited"
Permission: "Special"

[4] SYSTEM (1-5-18)
type: Allow
Apply To: "this folder and subfolders"
Inheritance: "not inherited"
Permission: "Special"

[5] Users (1-5-32-545)
type: Allow
Apply To: "this folder and subfolders"
Inheritance: "not inherited"
Permission: "Special"

[6] Everyone (1-1-0)
type: Allow
Apply To: "this folder and subfolders"
Inheritance: "not inherited"
Permission: "Special"

[7] Everyone (1-1-0)
type: Deny
Apply To: "this folder and subfolders"
Inheritance: "not inherited"
Permission: "Special"

When I manual check the ACL on c:\winnt\system32\Telnet.exe it shows 
Administrators - Full and System - Full .

 Could this be a issue casued by the WOW32 envirnment and the system32 
directory that gets remapped. Also whole parts of the registry and other system 
folders as well;



Thank You, again I'm sorry for the long email, and that I may have over load 
the info

Take Care and Have Fun --John



_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus

Reply via email to