xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
添加工具Xcon English Version

MS05039Scan.zip


提交时间:2005-08-22
提交用户:eyas
工具分类:扫 描 器
运行平台:Windows
工具大小:56901 Bytes
文件MD5 :6471f06c95c167e85dd6284de552b59b
工具来源:http://www.foundstone.com/

MS05-039 Scan v1.0

Microsoft UPnP MS05-039 Vulnerability Detection Utility
Copyright 2005© by Foundstone, Inc.
http://www.foundstone.com

MS05-039 Scan 1.0 is a Windows based detection and analysis utility that can quickly and accurately identify Microsoft operating systems that are vulnerable to the multiple buffer overflow vulnerabilities released in the MS05-039 bulletin.

MS05-039 Scan is intended for use by enterprise system and network administrators as a fast and reliable utility for identifying at risk Microsoft systems in a passive manner. This tool is non-abrasive in nature and may be run in production environments during production hours.

Limitations of the tool:
The scanner is limited to 10 outgoing connections on WIndows XP SP2. This scanning limitation is caused by SP2. All other platforms will have 64 concurrent scanning threads running.

If you have anti-virus running it *may* detect this tool as an exploit. This tool *does NOT* exploit the vulnerabilty it simply determines if the machine is vulnerable or not.

Vulnerability Information:
There is a remotely exploitable vulnerability in the Plug and Play (PnP) RPC interface in Microsoft Windows.

Using a null session, an attacker could make an RPC request to the PnP interface on a Microsoft Windows system that could potentially execute arbitrary code.

This Foundstone check detects the absence of the patch by attempting to trigger the vulnerability in a nonintrusive manner over RPC.

Affected systems: Microsoft Windows Server 2003 (All Versions)
Microsoft Windows XP (All Versions)
Microsoft Windows 2000 (All Versions)


For more information see:
http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx

>> 下载 <<