Educause Security Discussion mailing list archives

Vulnerability scanner for MS05-039

From: Chris Russel <russel () YORKU CA>
Date: Tue, 16 Aug 2005 08:29:19 -0400

Our vuln scanning tool is here, updated to detect MS05-039:

http://infosec.yorku.ca/tools/

(also checks MS04-007, MS04-011 for good measure)

It is designed for speed and should do a class-B in 5-10 minutes or less (run
with 100+ threads). I got tired of renaming it after every new Microsoft
security bulletin, so it is just called noxscan now (used to be 011scan). It is
somewhat of a hack but works well enough for us - standard disclaimer, YMMV, no
guarantees of any kind... Tested on Linux, OpenBSD, and Solaris.

Thanks to those on #unisog who helped test it.

--
Chris Russel
Manager CNS Information Security
York University, Toronto, Canada

Current thread:

Vulnerability scanner for MS05-039 Chris Russel (Aug 16)
- <Possible follow-ups>
- Re: Vulnerability scanner for MS05-039 David Taylor (Aug 16)
- Re: Vulnerability scanner for MS05-039 Graham Toal (Aug 16)
- Re: Vulnerability scanner for MS05-039 Robert Kerr (Aug 17)
- Re: Vulnerability scanner for MS05-039 Chris Russel (Aug 17)
- Re: Vulnerability scanner for MS05-039 Tom Bossie (Aug 17)