Penetration Testing mailing list archives

Re: nessus scan - epmap (135/tcp)

From: security curmudgeon <jericho () attrition org>
Date: Fri, 19 Dec 2008 20:16:24 +0000 (UTC)


On Fri, 19 Dec 2008, Ron wrote:

: The only way to really be sure if a signature is correct is to attempt 
: an exploit (if you have permission!!)

Not the only way. Nessus has an additional check for this vulnerability 
if a credentialed scan is performed. smb_nt_ms03-027.nasl (Plugin 11792) 
will check for the presence of 821557 on the system without relying on 
remote signatures or exploitation.



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

nessus scan - epmap (135/tcp) m sesser (Dec 18)
- Re: nessus scan - epmap (135/tcp) Chris Griffin (Dec 18)
- Re: nessus scan - epmap (135/tcp) Volker Tanger (Dec 18)
- Re: nessus scan - epmap (135/tcp) m sesser (Dec 19)
- Re: nessus scan - epmap (135/tcp) Ron (Dec 19)
  - Re: nessus scan - epmap (135/tcp) security curmudgeon (Dec 19)
- <Possible follow-ups>
- nessus scan - epmap (135/tcp) christopher . riley (Dec 19)