June 16, 2005
Microsoft advisory MS05-027 corrects a serious vulnerability in SMB, which may allow an unauthenticated attacker to crash a remote Windows host or to possibly execute arbitrary code in ring0 mode.
We have released plugin #18502 which detects which hosts on the network have not been patched for this vulnerability, without the need to give any credentials to the Nessus scanner. This plugin is immediately available to our direct feed customers and will be available to the general public on June 23rd.
To scan for this vulnerability, enable plugin #18502 (Vulnerability in SMB Could Allow Remote Code Execution (896422) - Network Check) in the Nessus client, and make sure the option "enable dependencies" is enabled.
Tenable™, Inc. is the Cyber Exposure company. Over 23,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deeply understand assets, networks and vulnerabilities, extending this knowledge and expertise into Tenable.io™ to deliver the world’s first platform to provide live visibility into any asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, large government agencies and mid-sized organizations across the private and public sectors. Learn more at tenable.com.