Microsoft Windows LM / NTLMv1 Authentication Enabled

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is configured to use an insecure authentication
protocol.

Description :

The remote host is configured to attempt LM and/or NTLMv1 for outbound
authentication. These protocols use weak encryption. A remote attacker
who is able to read LM or NTLMv1 challenge and response packets could
exploit this to get a user's LM or NTLM hash, which would allow the
attacker to authenticate as that user.

See also :

http://www.nessus.org/u?33c44acc
http://support.microsoft.com/kb/2793313
http://technet.microsoft.com/en-us/library/cc960646.aspx

Solution :

Change the LmCompatibilityLevel setting to 3 or higher.
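
As an added example (not part of the plugin or Tenable's code), the
PowerShell function below reads the setting on the local host, reports
whether it meets the level given above, and optionally writes it. The
function name Test-LmCompatibilityLevel and its parameters are
hypothetical; the registry path is the standard Lsa key where Windows
stores LmCompatibilityLevel.

```powershell
# Added example; function and parameter names are hypothetical.
function Test-LmCompatibilityLevel {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [switch]$Remediate,        # write the value when it is missing or too low
        [ValidateRange(3, 5)]
        [int]$MinimumLevel = 3     # 3 is the minimum the Solution asks for
    )

    $lsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $valueName = 'LmCompatibilityLevel'

    # What the host sends for outbound authentication at each level.
    $meaning = @{
        0 = 'Send LM and NTLM responses'
        1 = 'Send LM and NTLM; use NTLMv2 session security if negotiated'
        2 = 'Send NTLM response only'
        3 = 'Send NTLMv2 response only'
        4 = 'Send NTLMv2 response only; DCs refuse LM'
        5 = 'Send NTLMv2 response only; DCs refuse LM and NTLM'
    }

    $prop = Get-ItemProperty -Path $lsaKey -Name $valueName -ErrorAction SilentlyContinue
    if ($null -eq $prop) {
        # Value absent: the built-in default applies and differs by Windows version,
        # so report it separately instead of guessing a level.
        $level = $null; $state = 'NotSet'; $text = 'Value not set (OS default applies)'
    } else {
        $level = [int]$prop.$valueName
        $text  = $meaning[$level]
        $state = if ($level -ge $MinimumLevel) { 'Compliant' } else { 'Weak' }
    }

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME; Level = $level; Meaning = $text; State = $state
    }

    if ($Remediate -and $state -ne 'Compliant' -and
        $PSCmdlet.ShouldProcess("$lsaKey\$valueName", "Set to $MinimumLevel")) {
        # -PropertyType DWord -Force creates or overwrites the value as REG_DWORD.
        New-ItemProperty -Path $lsaKey -Name $valueName -Value $MinimumLevel `
            -PropertyType DWord -Force | Out-Null
    }
}

Test-LmCompatibilityLevel                      # audit only
# Test-LmCompatibilityLevel -Remediate -WhatIf # preview the change (elevated session)
```

Where a domain Group Policy sets "Network security: LAN Manager
authentication level", that policy rewrites this value, so make the
change in the GPO instead.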

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Windows

Nessus Plugin ID: 63478

Bugtraq ID:

CVE ID:
