Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, August 2, 2018 7:48 AM
Dear Sir, Madam,
I am scanning some Windows Server 2012 r2 by using OpenVAS in the same network. The following vulnerability found in the result:
DCE/RPC and MSRPC Services Enumeration Reporting
Distributed Computing Environment / Remote Procedure Calls (DCE/RPC) or MSRPC services running on the remote host can be enumerated by connecting on port 135 and doing the appropriate queries.
I would like to ask if I can fix the vulnerability, or just ignore it because it is an internal scan and we cannot fix it?
Thank you for your help.
Regards,
Dennis
All replies (2)
Friday, August 10, 2018 4:17 AM
Execute me, anyone can help me?
Thank you for your kind attention.
Friday, August 10, 2018 9:49 AM
Hello,
Regarding this point it seems to be a false positive according to this blog (Not hosted on a Microsoft Website) :
https://www.alienvault.com/forums/discussion/4777/dce-services-enumeration
Maybe this vulnerability is corrected with the security baseline for Windows Server 2012 r2, I think you should try to apply the security baseline on one 2012 r2 system and run your scan on this machine to this if it is solved :
/en-us/windows/security/threat-protection/windows-security-baselines
Best Regards,