Family: Windows --> Category: infos
SMB OpenEventLog() over \srvsvc Vulnerability Scan
Vulnerability Scan Summary
Enumerates the list of remote services
Detailed Explanation for this Vulnerability Test
It is possible to anonymously read the event logs of the remote Windows 2000 host by
connecting to the \srvsvc pipe and binding to the event log service.
A possible hacker may use this flaw to anonymously read the system logs of the remote host.
As system logs typically include valuable information, a possible hacker may use them to
perform a better attack against the remote host.
Solution : Install the Update Rollup Package 1 (URP1) for Windows 2000 SP4 or
set the value RestrictGuestAccess on the Applications and System logs
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.