Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service

From: Richard Miles <richard.k.miles () googlemail com>
Date: Mon, 31 May 2010 00:49:27 +0000
According to the available documentation and the default configuration
of Windows boxes I've tested credentials are required. So no.

But there were claims that WinXP SP1 allows access to this service
without credentials (I haven't checked that).


Interesting. But for the others that required a credential, this
credential need to be a administrative credential? Or it can be a
normal user?


Yes, two actually. One is more complicated than the other but they both
target the same vulnerability.

modules/exploit/windows/smb/ms06_025_rras.rb


Nice. This vulnerability is newer then MS08-067?

Thanks



Regards,
Dražen.

--
Laboratory for Systems and Signals
Department of Electronic Systems and Information Processing
Faculty of Electrical Engineering and Computing
University of Zagreb



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: