June 16, 2005
Microsoft advisory MS05-027 corrects a serious vulnerability in SMB, which may allow an unauthenticated attacker to crash a remote Windows host or to possibly execute arbitrary code in ring0 mode.
We have released plugin #18502 which detects which hosts on the network have not been patched for this vulnerability, without the need to give any credentials to the Nessus scanner. This plugin is immediately available to our direct feed customers and will be available to the general public on June 23rd.
To scan for this vulnerability, enable plugin #18502 (Vulnerability in SMB Could Allow Remote Code Execution (896422) - Network Check) in the Nessus client, and make sure the option "enable dependencies" is enabled.