cve-2019-1040-scanner False negative result when SMB signing enabled

False negative result when SMB signing enabled

Open mpgn opened this issue 4 years ago • 1 comments

When SMB signing is enabled, the test doesn't work properly. I have a Windows server vulnerable to CVE-2019-1040 but the scanner says it's not. But if I disabled smb signing (Not required), the magic happens, the server is now vulnerable.

Example when SMB signing is enabled (Required):

Example when SMB signing is disabled (Not required), same target is now vulnerable

Apr 30 '20 15:04 mpgn

Hi, I think I have fixed this issue, and it works in my environment, plz check it. If it works in your environment too, i will make a PR

Oct 09 '20 03:10 Dliv3

cve-2019-1040-scanner cve-2019-1040-scanner copied to clipboard

False negative result when SMB signing enabled

cve-2019-1040-scanner
cve-2019-1040-scanner copied to clipboard