> been applied. We have scanned with Retina, Foundstone and Qualys tools
> which they all showed as "VULNERABLE", however when we scanned with Microsoft
> Base Security Analyzer it showed as "NOT VULNERABLE". This was at first
> confusing; one would think an assessment tool released by the original
did you try exploit code to verify? that should dispel any ambiguity
across scanner reports, it would be real easy to load your network
hosts into a batch file or shell script and see how many "roots" you get.
just a thought... eliminates alot of guesswork.. ( imo )
> which they all showed as "VULNERABLE", however when we scanned with Microsoft
> Base Security Analyzer it showed as "NOT VULNERABLE". This was at first
> confusing; one would think an assessment tool released by the original
did you try exploit code to verify? that should dispel any ambiguity
across scanner reports, it would be real easy to load your network
hosts into a batch file or shell script and see how many "roots" you get.
just a thought... eliminates alot of guesswork.. ( imo )
m.wood
http://exploitlabs.com
[ reply ]