Checks if a Microsoft Windows 2000 system is vulnerable to a crash in regsvc caused by a null pointer dereference. This check will crash the service if it is vulnerable and requires a guest account or higher to work.
The vulnerability was discovered by Ron Bowes while working on
was reported to Microsoft (Case #MSRC8742).
This check was previously part of smb-check-vulns.
smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusernameSee the documentation for the smbauth library.
randomseed, smbbasic, smbport, smbsignSee the documentation for the smb library.
vulns.short, vulns.showallSee the documentation for the vulns library.
nmap --script smb-vuln-regsvc-dos.nse -p445 <host> nmap -sU --script smb-vuln-regsvc-dos.nse -p U:137,T:139 <host>
| smb-vuln-regsvc-dos: | VULNERABLE: | Service regsvc in Microsoft Windows systems vulnerable to denial of service | State: VULNERABLE | The service regsvc in Microsoft Windows 2000 systems is vulnerable to denial of service caused by a null deference | pointer. This script will crash the service if it is vulnerable. This vulnerability was discovered by Ron Bowes | while working on smb-enum-sessions. |_
License: Same as Nmap--See https://nmap.org/book/man-legal.html