Nmap Development mailing list archives

Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service


From: Dražen Popović <drazen.popovic () fer hr>
Date: Sat, 29 May 2010 04:24:22 +0200

On Sat, 2010-05-29 at 00:51 +0000, Richard Miles wrote:
> Hi
>
> It can't be checked without credentials? I mean, in an unsafe way?

According to the available documentation and the default configuration
of Windows boxes I've tested, credentials are required. So no.

But there were claims that WinXP SP1 allows access to this service
without credentials (I haven't checked that).

> There is a Metasploit exploit for it?


Yes, two actually. One is more complicated than the other but they both
target the same vulnerability.

modules/exploit/windows/smb/ms06_025_rras.rb

Regards,
Dražen.

-- 
Laboratory for Systems and Signals
Department of Electronic Systems and Information Processing
Faculty of Electrical Engineering and Computing
University of Zagreb

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
