| VID |
27095 |
| Severity |
30 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
The "Allow Anonymous SID / Name Translation" policy is set to "Enable" on the remote Windows server. If this policy is set to ¡°Enable¡±, a user with local access can use the well-known Administrator SID to get the real name of the Administrator account and run a password guessing attack.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
- Start / Run / SECPOL.MSC / Local Policies / Security Options
- Set the ¡°Network Access: Allow Anonymous SID / Name Translation¡± policy to ¡°Disabled¡± |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
