Penetration Testing mailing list archives

Re: nessus scan - epmap (135/tcp)

From: Ron <ron () skullsecurity net>
Date: Fri, 19 Dec 2008 11:07:00 -0600

m sesser wrote:

hi list,

some nessus scans have the following result:

Vulnerability found on port epmap (135/tcp)
 The remote host is running a version of Windows which has a flaw in
 its RPC interface which may allow an attacker to execute arbitrary code
 and gain SYSTEM privileges. There is at least one Worm which is
 currently exploiting this vulnerability. Namely, the MsBlaster worm.

Solution: seehttp://www.microsoft.com/technet/security/bulletin/MS03-026.mspx

> ...
>

which tool is right?
is there a 3rd-party tool to test?
is nessus (2.2.9 ubuntu) state of the art?

thanks,
markus

The only way to really be sure if a signature is correct is to attemptan exploit (if you have permission!!)

Metasploit comes with a fairly stable exploit (as far as exploits go)for ms03-026.


Ron

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

nessus scan - epmap (135/tcp) m sesser (Dec 18)
- Re: nessus scan - epmap (135/tcp) Chris Griffin (Dec 18)
- Re: nessus scan - epmap (135/tcp) Volker Tanger (Dec 18)
- Re: nessus scan - epmap (135/tcp) m sesser (Dec 19)
- Re: nessus scan - epmap (135/tcp) Ron (Dec 19)
  - Re: nessus scan - epmap (135/tcp) security curmudgeon (Dec 19)
- <Possible follow-ups>
- nessus scan - epmap (135/tcp) christopher . riley (Dec 19)