Bugtraq: Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!

From: "morning_wood" <se_cur_ity () hotmail com>
Date: Tue, 10 Feb 2004 20:14:08 -0800

been applied. We have scanned with Retina, Foundstone and Qualys tools
which they all showed as "VULNERABLE", however when we scanned with Microsoft
Base Security Analyzer it showed as "NOT VULNERABLE". This was at first
confusing; one would think an assessment tool released by the original


did you try exploit code to verify? that should dispel any ambiguity
across scanner reports, it would be real easy to load your network
hosts into a batch file or shell script and see how many "roots" you get.

just a thought... eliminates alot of guesswork.. ( imo )

m.wood
http://exploitlabs.com

By Date By Thread

Current thread:

Another Low Blow From Microsoft: MBSA Failure! dotsecure (Feb 10)
- Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure! morning_wood (Feb 11)
  - Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure! Valdis . Kletnieks (Feb 11)
- <Possible follow-ups>
- RE: Another Low Blow From Microsoft: MBSA Failure! Drew Copley (Feb 10)
- RE: Another Low Blow From Microsoft: MBSA Failure! Joe DeMarco (Feb 10)
  - RE: Another Low Blow From Microsoft: MBSA Failure! Frank Knobbe (Feb 11)
- RE: Another Low Blow From Microsoft: MBSA Failure! Drew Copley (Feb 11)