Code Red and ISS Internet Scanner

From: Mike Peterson (slidefxat_private)
Date: Mon Jul 30 2001 - 06:37:24 PDT

  • Next message: Tulchinskiy, Sasha: "GET /BIBA.IDA"

    I don't want to start any discussions about ISS
    Internet Scanner but, with the prospect of renewed
    activity by the Code Red worm it needs to be pointed
    out that Internet Scanner may not pick up the
    vulnerability.
    
    After using Internet Scanner 6.1 xpu 10 we did not
    find the vulnerability, until we got hit by the Code
    Red worm.  According to ISS, Internet Scanner will
    only find the vulnerability if you operate with a
    username and password with administrative rights on
    the target.
    
    __________________________________________________
    Do You Yahoo!?
    Make international calls for as low as $.04/minute with Yahoo! Messenger
    http://phonecard.yahoo.com/
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Mon Jul 30 2001 - 11:00:42 PDT