On Tuesday 26 July 2005 08:48, Jersey, Steve wrote: > Our group has used Nessus for a couple years to scan critical servers > in relation to auditing at various locations. We have become > proficient with use of the tool, but we do not at this time have the > technical capability to write our scripts.
One of the recent updates to the Metasploit Framework included a module for the Backup Exec remote registry access flaw. Unfortunately I do not have the time to port it to NASL, but someone else on this list might. Pedram Amini should be credit for the discovery of the bug and the reverse engineering of the RPC stubs. http://metasploit.com/projects/Framework/exploits.html#backupexec_registry There are some fairly ugly bugs on the horizon for both Backup Exec and ARCserve, you may want to just disable both products on any system that has significant security requirements. -HD _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
