Hi, running this plugin on its own (with safe checks enabled) against a Win2K pro host that does not have last Tuesday's updates applied causes a reproducible BSOD. [Wed Jun 22 11:17:24 2005][31392] user nessus starts a new scan. Target(s) : xxxx, with max_hosts = 15 and max_checks = 4 [Wed Jun 22 11:17:24 2005][31392] user nessus : testing xxxx (1.2.3.4) [31425] [Wed Jun 22 11:17:24 2005][31425] user nessus : launching find_service.nes against risk [31426] [Wed Jun 22 11:17:25 2005][31425] find_service.nes (process 31426) finished its job in 0.195 seconds [Wed Jun 22 11:17:25 2005][31425] user nessus : launching cifs445.nasl against risk [31427] [Wed Jun 22 11:17:25 2005][31425] cifs445.nasl (process 31427) finished its job in 0.422 seconds [Wed Jun 22 11:17:25 2005][31425] user nessus : launching netbios_name_get.nasl against risk [31428] [Wed Jun 22 11:17:25 2005][31425] netbios_name_get.nasl (process 31428) finished its job in 0.104 seconds [Wed Jun 22 11:17:25 2005][31425] user nessus : launching smb_nativelanman.nasl against risk [31429] [Wed Jun 22 11:17:25 2005][31425] smb_nativelanman.nasl (process 31429) finished its job in 0.138 seconds [Wed Jun 22 11:17:25 2005][31425] user nessus : launching smb_kb896422.nasl against risk [31430] [Wed Jun 22 11:17:55 2005][31425] smb_kb896422.nasl (process 31430) finished its job in 30.195 seconds [Wed Jun 22 11:17:55 2005][31425] Finished testing risk. Time : 31.18 secs [Wed Jun 22 11:17:55 2005][31392] user nessus : test complete [Wed Jun 22 11:17:56 2005][31392] user nessus : Kept alive connection [Wed Jun 22 11:23:41 2005][31392] Communication closed by client The host dies just after 11:17:25. The version of this plugin that checks the registry correctly identifies that the fix for MS05-027 is missing. I can provide an export of HKLM\SOFTWARE\Microsoft\Updates\Windows 2000 if the authors want to check the exact list of patches applied, I believe all SPs and security updates except the ones released last Tuesday have been installed. I would suggest to changing the category of this plugin to destructive... Regards, -- Hubert Seiwert Internet Security Specialist, Westpoint Ltd Albion Wharf, 19 Albion Street, Manchester M1 5LN, United Kingdom Web: www.westpoint.ltd.uk Tel: +44-161-2371028 _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Wed Jun 22 2005 - 03:47:20 PDT