This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
The remote host allows null session event log reading.
It is possible to anonymously read the event logs of the remote
Windows 2000 host by connecting to the \srvsvc pipe and binding to the
event log service, OpenEventLog().
An attacker may use this flaw to anonymously read the system logs of
the remote host. As system logs typically include valuable
information, an attacker may use them to perform a better attack
against the remote host.
See also :
Install the Update Rollup Package 1 (URP1) for Windows 2000 SP4 or
set the value RestrictGuestAccess on the Applications and System
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false