Just received this from ISS minutes ago...Another RPC vulnerability scanning tool:
http://www.iss.net/support/product_utilities/ms03-026rpc.php Couple things we have noticed.... 1) OS identification is pretty much hit and miss 2) We have seen where XP SP1 unpatched doesn't show vulnerable (this patch was previously installed and then un-installed.) However, machine is confirmed vulnerable. Anyone else know what the last column of the output means? i.e. '5.6' or '0.0'? Robert _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html