3 Replies Latest reply on Oct 29, 2012 1:37 PM by cgrim

    MS06-070

      Hi All,

       

      I have 1 problem about MS06-070, this one following microsoft affect only windows 2000 server but Mcafee Vulnerability Manager still warn it is high risk for windows 2003 server. Did anybody meet this vulnerability and how to fix it.

       

      Tks

        • 1. Re: MS06-070

          If you enable the following registry tweak on your MVM manager:

          KB73271

          e.g. https://kc.mcafee.com/corporate/index?page=content&id=KB73271

           

          Then the CSV version of the vulnerability report will include FASL script output, showing what triggered the vulnerability alert.  Sometimes this isn't particularly useful, and sometimes it is VERY useful.  If the output contains a filename and/or a version number, then you will have some idea of what MVM thinks it sees and what it thinks needs to get fixed.  That might give you an idea of what to try next.

           

          j.

          1 of 1 people found this helpful
          • 2. Re: MS06-070

            Dear Jldnunn,

             

            I try enable/dis FASL script in registry to test MS06-070 vulnerability but Report still warning high risk this one for windows 2003 servers. Althrough, it just only affects for windows 2000 server, following from microsoft

            • 3. Re: MS06-070

              Hi,

               

              McAfee has 2 scripts for MS06-070.  Intrusive and Non-intrusive.  The Non-Intrusive script checks for a vulnerable version of a .dll by using credentials, and the Intrusive script likely tries the exploit.

               

              Which script is flagging you as Vulnerable.  The existence of an affected .dll makes you by definition vulnerable.

               

              -Cathy

              1 of 1 people found this helpful