Re: Command Line RPC vulnerability scanner?

>
>http://www.iss.net/support/product_utilities/ms03-026rpc.php

Scanms returns wrong answer when you disabled DCOM on the target box. (run dcomcnfg, uncheck the "Enable Distributed COM on this computer" checkbox)

  Target: Windows 2000 Pro SP4 with MS03-026 patch (Japanese version)

  Case A: "Enable Distributed COM on this computer" is checked

    D:\>scanms 192.168.183.129

• ScanMs Tool --- (c) 2003 Internet Security Systems --- Scans for systems vulnerable to MS03-026 vuln More accurate for WinXP/Win2k, less accurate for WinNT ISS provides no warrantees for any purpose Use at own risk. Runs best from WinXP. IP Address REMACT SYSACT DCOM Version

  ---

  192.168.183.129 [ptch] [ptch] 5.6

  Case B: "Enable Distributed COM on this computer" is un-checked

    D:\>scanms 192.168.183.129

• ScanMs Tool --- (c) 2003 Internet Security Systems --- Scans for systems vulnerable to MS03-026 vuln More accurate for WinXP/Win2k, less accurate for WinNT ISS provides no warrantees for any purpose Use at own risk. Runs best from WinXP. IP Address REMACT SYSACT DCOM Version

  ---

  192.168.183.129 [VULN] [VULN] 5.6

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Makoto Shiotsuki