Possible bug in plugin 10394
Jesper S. Jensen
jsj at uni-c.dk
Wed Nov 10 09:56:01 EST 2004
We believe there is a bug in pluing 10394.
We get this message on a patched/fixed Windows 2003 server.
---
It was possible to log into the remote host using a NULL session.
The concept of a NULL session is to provide a null username and
a null password, which grants the user the 'guest' access
To prevent null sessions, see MS KB Article Q143474 (NT 4.0) and
Q246261 (Windows 2000).
Note that this won't completely disable null sessions, but will
prevent them from connecting to IPC$
Please see http://msgs.securepoint.com/cgi-bin/get/nessus-0204/50/1.html
---
According to various documentations and the links in the message, this
message shouldn't show up, with the patches/changes we have done to the
server, and because of that we believe this to be a false positive.
What do you guys think about it?
More information about the Nessus
mailing list