June 16, 2005
Microsoft advisory MS05-027 corrects a serious vulnerability in SMB, which may allow an unauthenticated attacker to crash a remote Windows host or to possibly execute arbitrary code in ring0 mode.
We have released plugin #18502 which detects which hosts on the network have not been patched for this vulnerability, without the need to give any credentials to the Nessus scanner. This plugin is immediately available to our direct feed customers and will be available to the general public on June 23rd.
To scan for this vulnerability, enable plugin #18502 (Vulnerability in SMB Could Allow Remote Code Execution (896422) - Network Check) in the Nessus client, and make sure the option "enable dependencies" is enabled.
About Tenable Network Security
Tenable Network Security transforms security technology for the business needs of tomorrow through comprehensive solutions that provide continuous visibility and critical context, enabling decisive actions to protect your organization. Tenable eliminates blind spots, prioritizes threats, and reduces exposure and loss. With more than one million users and more than 20,000 enterprise customers worldwide, organizations trust Tenable for proven security innovation. Tenable's customers range from Fortune Global 500 companies, to the U.S. Department of Defense, to mid-sized and small businesses in all sectors, including finance, government, healthcare, higher education, retail and energy. Transform security with Tenable, the creators of Nessus and leaders in continuous monitoring, by visiting tenable.com.
(410) 872-0555 x1559