Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Windows --> Category: infos

SMB OpenEventLog() over \srvsvc Vulnerability Scan

Vulnerability Scan Summary
Enumerates the list of remote services

Detailed Explanation for this Vulnerability Test

It is possible to anonymously read the event logs of the remote Windows 2000 host by
connecting to the \srvsvc pipe and binding to the event log service.

A possible hacker may use this flaw to anonymously read the system logs of the remote host.
As system logs typically include valuable information, a possible hacker may use them to
perform a better attack against the remote host.

Solution : Install the Update Rollup Package 1 (URP1) for Windows 2000 SP4 or
set the value RestrictGuestAccess on the Applications and System logs
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.