[Full-disclosure] EEYE: Free scanning tool for critical MS06-040 flaw



Hey guys, wanted to let you know that we have released a free
vulnerability assessment tool for the critical, and potentially
wormable, MS06-040 vulnerability. This free tool can be used to scan
networks for any potentially vulnerable machines. This tool does not
require administrator access to machines so it will give IT
administrators a real-world perspective on where their network stands
against this attack regardless of what they think they have or have not
patched yet.

http://www.eeye.com/html/resources/downloads/audits/NetApi.html

As always if there are any bugs you experience or questions/comments
feel free to send them to skunkworks@xxxxxxxx and your hostess will be
by shortly to take your order.

Signed,
Marc Maiffret
Co-Founder/CTO
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9329
http://eEye.com/Blink - End-Point Vulnerability Prevention
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • [NT] CitectSCADA ODBC Service Vulnerability
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... are distributed in over 80 countries through a network of more than 500 ... A vulnerability was found in CitectSCADA that could allow a remote ...
    (Securiteam)
  • Re: Biometrics
    ... within a network for internal safety reasons and potentially to act as ... source code that is flexible enough to offer external security, ... Chris's distinction between the Internet and "a network" (presumably ... You quote a specific vulnerability below, about DNS, and you then make ...
    (microsoft.public.security)
  • RE: Pentesting vs VA - was Pentesting tool - Commercial
    ... How safe is it to outsource network management to an MSP, ... use site-to-site tunnels, SSL and SNMP V2? ... both vulnerability assessment and penetration testing. ... buy it or download a solution FREE today! ...
    (Pen-Test)
  • RE: MS05-039 Scanner
    ... Retina is able to detect the patch as missing, as Shavlik ... and MBSA do, but we also are ... vulnerable systems on a Class B network because really who has ... they cant truly give you a view of vulnerability within your Class B ...
    (Pen-Test)
  • CERT Advisory CA-2002-12 Format String Vulnerability in ISC DHCPD
    ... The Internet Software Consortium provides a Dynamic Host ... have not seen active scanning or exploitation of this vulnerability. ... NSUPDATE allows the DHCP ... significant impact on your normal network operations. ...
    (Cert)