Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Releases Nessus Plugins for Microsoft Tuesday Remediation

October 11, 2005

Columbia, MD

Microsoft released 9 advisories fixing several vulnerabilities this month. The following plugins make sure that the remote host has the patches applied either by connecting the remote registry or by checking the version of the files on disk:

  • Plugin #19997 checks for MS05-044 (flaw in the FTP client) 
  • Plugin #19998 checks for MS05-045 (remote denial of service in the Network Connection Manager)
  • Plugin #19999 checks for MS05-046 (remote code execution in the Network Client service, without authentication). This service is enabled only if one of the network interfaces of the host is configured to use IPX. (Note that this flaw can be exploited over IP).
  • Plugin #20000 checks for MS05-047 (remote vulnerability in Plug-n-Play which requires credentials or a local account to be exploited)
  • Plugin #20001 checks for MS05-048 (remote code execution in Microsoft Collaboration Data Objects)
  • Plugin #20002 checks for MS05-049 (local overflows in the windows shell)
  • Plugin #20003 checks for MS05-050 (code execution in DirectShow when processing a malformed .avi file)
  • Plugin #20004 checks for MS05-051 (remote code execution MSDTC)
  • Plugin #20005 checks for MS05-052 (IE cumulative update)

In addition to this, the plugin #20006 can check for the remote NetWare Client Service overflow over the network, without the need for any credentials. Our engineers are working on a credential-less plugin for MS05-051 as well. 

About Tenable

Tenable™, Inc. is the Cyber Exposure company. Over 23,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deeply understand assets, networks and vulnerabilities, extending this knowledge and expertise into Tenable.io™ to deliver the world’s first platform to provide live visibility into any asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, large government agencies and mid-sized organizations across the private and public sectors. Learn more at tenable.com.

Contact Information:

Cayla Baker
[email protected]
(443) 539-6476