Educause Security Discussion mailing list archives
Re: Vulnerability scanner for MS05-039
From: Robert Kerr <r.kerr () CRANFIELD AC UK>
Date: Wed, 17 Aug 2005 11:04:01 +0100
On Tue, 2005-08-16 at 14:17 -0500, Graham Toal wrote:
David Taylor wrote:
Great tool! Thanks for the work you did on this and a special thanks in sharing. I scanned 4 Class B networks with it today! Fast and seems to be pretty accurate!
I have a *lot* of these:
445 MS04-007 SECURE:MS04-011 SECURE:MS05-039 INCONCLUSIVE [0000f203]
Any ideas what the Inconclusive means in that context? They're all XPs. Some of themmay not have rebooted yet despite already having received the patch. (We pushed out the updates last week using SMS)
To exploit this vulnerability with XP SP1 or above valid logon credentials are required: http://www.microsoft.com/technet/security/advisory/899588.mspx Seeing as the scanner doesn't have valid logon credentials it's not possible for it to determine for sure whether such machines are patched or not. At least that's my understanding. -- Robert Kerr
Current thread:
- Vulnerability scanner for MS05-039 Chris Russel (Aug 16)
- <Possible follow-ups>
- Re: Vulnerability scanner for MS05-039 David Taylor (Aug 16)
- Re: Vulnerability scanner for MS05-039 Graham Toal (Aug 16)
- Re: Vulnerability scanner for MS05-039 Robert Kerr (Aug 17)
- Re: Vulnerability scanner for MS05-039 Chris Russel (Aug 17)
- Re: Vulnerability scanner for MS05-039 Tom Bossie (Aug 17)