psexec vulnerabilty on linux server

Started by exzR, July 04, 2014, 12:34:01 PM

Previous topic - Next topic

exzR

hi,
i'm searching vulnerability on my own network, after scan i can see my linux server (debian 7 64bit) has a medium vulnerability MS Windows smb guest account local user acess. i'm trying to access using this vulnerability psexec but it's for windows... i understand that my linux server has a smb service for sharing directory with windows client but i don't understand why has a windows vulnerability seeing psexec exploit doesn't work beacuse it's for windows

i hope you can undestand my question... sorry for my bad english

b4d_bl0ck

Hi exzR,
if the exploit is for windows you obviously can't use it to compromise a linux box.
You didn't tell which vulnerability scanner you used, nor the vulnerability found (CVE or other identifiers), nor the exploit you are trying to run and from which database/source.
Maybe it's just a false positive, maybe it's fixed, or you just need some additional (from scratch) work to do if the exploit is not available for linux.
Most of the times tools just give you an hint. Then you need more researches to do on your own.

Have fun.
Bye!
bool secure = check_paranoia() ? true : false;

exzR

hi, my mistake i'm sorry.... i used nessus (last release) for the scan and i have found this vuln "Ms windows smb guest account local user access" CVE "1999-0505" on port 445 tpc on my server. i have tried to link with windows/smb/psexec to use msf microsoft windows authenticated user code execution

after your response i'm supposing that is a false positive

(sorry for my bad english :()

b4d_bl0ck

exzR,
as you can see, CVE 1999-0505 is a fifteen years old windows vulnerability... I strongly doubt you will find such a vulnerable system around these days (even more a Debian one ;D ). Well, unless you have a purposely vulnerable machine.

Bye!
bool secure = check_paranoia() ? true : false;

exzR

thanks for reply... i know but my server is not a debian standard installation is a for from the industry that created this server... so i suppose that can has an old vuln..

:)