Hi, Through Metasploit framework it is very easy to exploit this vulnerability MS06-035. You can get the shell (command prompt) of the remote system depending on the payload selected in Metasploit.
Please note that similar to other tools, Nessus is not an exception in reporting false positives. So please confirm the vulnerability before reporting it to client. Windows XP service pack 2 is vulnerable but not service pack 3. So if somebody scans XP system with SP3 even then Nessus reports this vulnerability. I hope this helps. Happy exploitation. Regards, Ravi Gopal On Thu, Jul 8, 2010 at 4:28 PM, Sandeep Thakur <[email protected]> wrote: > It seems you have run Nessus on your Windows XP operating system. However, > Please refer to MS06-035: Vulnerability in Server Service Could Allow Remote > Code Execution (917159) (uncredentialed check) > > http://www.microsoft.com/technet/security/bulletin/ms06-035.mspx > > > Regards > Sandeep Thakur > On Thu, Jul 8, 2010 at 1:16 AM, Old Chick <[email protected]> wrote: > >> Hello Friends, >> >> Iam Trying to work on Nessus and i found the vulnerabitlity like >> this . >> >> can we disscuss on these >> Synopsis >> Arbitrary code can be executed on the remote host due to a flaw in the >> 'Server' service. >> >> Description >> The remote host is vulnerable to heap overflow in the 'Server' service >> that may allow an attacker to execute arbitrary code on the remote >> host with 'SYSTEM' privileges. >> >> In addition to this, the remote host is also affected by an >> information disclosure vulnerability in SMB that may allow an attacker >> to obtain portions of the memory of the remote host. >> >> Thank u >> Oldchic >> >> -- >> You received this message because you are subscribed to the Google Groups >> "nforceit" group. >> To post to this group, send an email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]<nforceit%[email protected]> >> . >> For more options, visit this group at >> http://groups.google.com/group/nforceit?hl=en-GB. >> >> > -- > You received this message because you are subscribed to the Google Groups > "nforceit" group. > To post to this group, send an email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<nforceit%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/nforceit?hl=en-GB. > -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
