Sorry...I thought I sent an e-mail stating to disregard this. I realized I was incorrect, and that it wasn't even this plug-in that was reporting the vulnerability on my NT boxes. :-)
Thanks. Chad -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nicolas Pouvesle Sent: Saturday, August 27, 2005 7:53 AM To: [email protected] Subject: Re: Plugin 19408 - MS05-039 - and Windows NT 4 On Aug 24, 2005, at 9:55 AM, Chad I. Uretsky wrote: > Okay, here's another question on 19408. > > Plugin 19408 indicates that Windows NT boxes are vulnerable. > However, when > I run an actual exploit crafted for the MS05-039 vulnerability > against a > Window NT box, it fails to make the NULL session connection. Are > these > boxes that 19408 flags actually vulnerable? Or is this a false > positive? > Is there a way to filter my scan so that 19408 doesn't give these > possible > false positives? http://bugs.nessus.org/show_bug.cgi?id=1299 Public exploits use "browser" pipe which is not available under NT 4. We use another pipe in the NASL plugin to test the flaw. It is the reason why Nessus can detect both vulnerable versions of Windows 2000 and Windows NT 4. Nicolas _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
