Microsoft Windows SMB Registry : Classic Logon Screen

low Nessus Plugin ID 11460

Language:

Synopsis

User lists is displayed locally.

Description

The registry key HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\LogonType is set to 1.

It means that users who attempt to log in locally will see get the 'new' WindowsXP logon screen which displays the list of users of the remote host.

Solution

Use regedt32 and set the value of this key to 0

Plugin Details

Severity: Low

ID: 11460

File Name: smb_reg_logonscreen.nasl

Version: 1.18

Type: local

Agent: windows

Family: Windows

Published: 3/24/2003

Updated: 8/31/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS Score Rationale: Score based on an in-depth analysis by tenable.

CVSS v2

Risk Factor: Low

Base Score: 1.2

Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

CVSS v3

Risk Factor: Low

Base Score: 2.9

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/name, SMB/login, SMB/password, SMB/registry_access, SMB/transport, SMB/ProductName

Detections

Analytics