Microsoft Windows SMB svcctl MSRPC Interface SCM Service Enumeration

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.


Synopsis :

The remote host allows null session event log reading.

Description :

It is possible to anonymously read the event logs of the remote
Windows 2000 host by connecting to the \srvsvc pipe and binding to the
event log service, OpenEventLog().

An attacker may use this flaw to anonymously read the system logs of
the remote host. As system logs typically include valuable
information, an attacker may use them to perform a better attack
against the remote host.

See also :

http://seclists.org/fulldisclosure/2005/Jul/135

Solution :

Install the Update Rollup Package 1 (URP1) for Windows 2000 SP4 or
set the value RestrictGuestAccess on the Applications and System
logs.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 18602 ()

Bugtraq ID: 14093
14178

CVE ID: CVE-2005-2150

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now