[unisog] RE: New RPC Vulnerability -> SCANMS false positive

Eric Pancer epancer at security.depaul.edu
Thu Sep 11 19:11:03 GMT 2003

On Thu, 2003-09-11 at 14:45:59 -0400, Joshua Thomas proclaimed...

> To detect the new RPC vulnerabilities, we're currently testing Nessus 
> plugin 11835:
> <http://cgi.nessus.org/plugins/dump.php3?id=11835>
> We're using the standalone interpretor 'nasl' utility to run just plugin 
> 11835.
> <http://www.nessus.org/doc/nasl.html>
> So far we haven't encountered any false positives.  Anyone already have any 
> data regarding false positives/negatives for this plugin?

There were a couple that came across Nessus mailing list, but it
looks like those problems were more for Windows NT 4, etc..

Using msrpc_dcom2.nasl from the full Nessus scanner, so far, works
here as well.

Eric Pancer     Computer Security Response Team     DePaul University
http://security.depaul.edu/               epancer at security.depaul.edu 
pgp: 1024D/7ACBCFF3 C022 4991 41E5 51E7 683C F765 62F7 7F8E 7ACB CFF3

More information about the unisog mailing list