Zotob, MS05-039 and Internal Pen Testing

This is a very nice summary for the recent remote vulnerability. The remote vulnerability is very timely as I am out onsite next week doing an Internal Attack and Penetration assessment just need a good command line scanner for detecting unpatched systems.

I am sure that I will find at least a few devices vulnerable unless there aren't any W2K machines (which would surprise me). Eeye and Foundstone both have released GUI scanners but would prefer a command line.


http://singe.rucus.net/blog/