NASLDB: Microsoft Windows SMB Registry : Winlogon Cached Password Weakness
General
ID: 11457
Name: Microsoft Windows SMB Registry : Winlogon Cached Password Weakness
Summary: Determines the value of a remote key
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N
CVSS Base Vector: –
CVSS Temporal Vector: –
Port: 139
Family: Windows
Type: Local
Description
The registry key
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount
is non-null. It means that the remote host locally caches the passwords
of the users when they log in, in order to continue to allow the users
to log in in the case of the failure of the PDC.
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: –
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: –
Plugin Release: 2003/03/24
Plugin
Version: 1.12
Filename: smb_reg_cachedlogons.nasl
Filesize: 2510 bytes
MD5 Hash: 0a1b48620974d9a2a6ed20419bae2818
Identification: SMB/transport
Require Keys: SMB/transport", "SMB/name", "SMB/login", "SMB/password", "SMB/registry_access
Dependencies: "netbios_name_get.nasl", "smb_login.nasl", "smb_registry_access.nasl"
Copyright: This script is Copyright© 2003-2011 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack