Hi I am using Open Vas as a Vulnerability scanner in our network.When we ran the tests on our servers we identified a medium level vulnerability in one of our servers. "Use LDAP search request to retrieve information from NT Directory Services" The solution which was mentioned for the vulnerability is mentioned below. SolutionIf pre-Windows 2000 compatibility is not required, remove pre-Windows 2000 compatibility as follows :- start cmd.exe - execute the command : net localgroup 'Pre-Windows 2000 Compatible Access' everyone /delete - restart the remote host
When i try to execute the above command i am not able to able to do so, as i do not have any users within pre windows 2000 compatibility group in our domain. Can we consider this vulnerability as false positive as we do not see any users under "pre-Windows 2000 compatibility"? ThanksSai
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
