June 16, 2005
Microsoft advisory MS05-027 corrects a serious vulnerability in SMB, which may allow an unauthenticated attacker to crash a remote Windows host or to possibly execute arbitrary code in ring0 mode.
We have released plugin #18502 which detects which hosts on the network have not been patched for this vulnerability, without the need to give any credentials to the Nessus scanner. This plugin is immediately available to our direct feed customers and will be available to the general public on June 23rd.
To scan for this vulnerability, enable plugin #18502 (Vulnerability in SMB Could Allow Remote Code Execution (896422) - Network Check) in the Nessus client, and make sure the option "enable dependencies" is enabled.
Tenable®, Inc. is the Cyber Exposure company. Over 24,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver Tenable.io®, the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 20 percent of the Global 2000 and large government agencies. Learn more at tenable.com.