[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Scanning the PCs for RPC Vulnerability
- To: "Nadeem Rafi" <nrafi@xxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Scanning the PCs for RPC Vulnerability
- From: "Marc Maiffret" <marc@xxxxxxxx>
- Date: Wed, 3 Sep 2003 10:51:58 -0700
Try our RPC scanner, I think you'll find it is much more accurate than
Foundstones and Microsofts.
http://www.eeye.com/html/Research/Tools/RPCDCOM.html
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities
-----Original Message-----
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx]On Behalf Of Nadeem Rafi
Sent: Wednesday, September 03, 2003 3:07 AM
To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Scanning the PCs for RPC Vulnerability
I have found some faults in the scanning tools available from Foundstone and
Microsoft for RPC vulnerable machines. Both of these tools are not error free.
These tools are showing the ip addresses of even those machines which are
Windows 9x, Windows98/Sec, Windows ME. Both tools are not free from this error.
And Foundstone's RPC Scan tool is even more error prone. If you even applied
all the patches in correct sequence even then some of my machines are reported
as "Vulnerable".
Any body have any experience with these problems or any suggestions please
let me know.
Best Regards,
Nadeem Rafi