偵測

安全開機中的 Windows 安全性功能繞過 (BootHole)

high Nessus Plugin ID 139239

語言:

版本 1.153

Jul 22, 2025, 3:24 AM

  • Detection (Turn off failover to NTLM if 'only_use_kerberos' is set.)

Plugin Feed: 202507220324

版本 1.151

Jul 10, 2025, 5:41 PM

  • Logic Changes (Windows CA support)

Plugin Feed: 202507101741

版本 1.150

Jun 27, 2025, 8:01 PM

  • Logic Changes

Plugin Feed: 202506272001

版本 1.149

Jun 23, 2025, 9:47 PM

  • Logic Changes

Plugin Feed: 202506232147

版本 1.148

Jun 16, 2025, 4:11 PM

  • Logic Changes (Validate X509 certificates against CA's CRL in preference to OCSP.)

Plugin Feed: 202506161611

版本 1.146

Apr 18, 2025, 9:45 PM

  • CVE (added CVE-2022-34301, CVE-2022-34302, CVE-2022-34303)

Plugin Feed: 202504182145

版本 1.145

Mar 31, 2025, 5:13 PM

  • Detection (Improvements to OS detection results. adding remote detection support for SEoL plugins)

Plugin Feed: 202503311713

版本 1.143

Feb 12, 2025, 3:29 PM

  • Logic Changes

Plugin Feed: 202502121529

版本 1.142

Feb 12, 2025, 1:58 AM

  • Logic Changes

Plugin Feed: 202502120158

版本 1.141

Feb 10, 2025, 4:00 PM

  • Logic Changes

Plugin Feed: 202502101600

版本 1.138

Jan 15, 2025, 1:31 AM

  • Logic Changes (Structured vuln reporting for MS Rollups)

Plugin Feed: 202501150131

版本 1.137

Jan 13, 2025, 10:27 PM

  • New

Plugin Feed: 202501132227

版本 1.133

Nov 22, 2024, 6:54 PM

  • Logic Changes (Fixed installation reporting)

Plugin Feed: 202411221854

版本 1.132

Nov 12, 2024, 8:29 PM

  • Logic Changes (Adding installs report)

Plugin Feed: 202411122029

版本 1.131

Nov 4, 2024, 6:02 PM

  • Plugin requirements

Plugin Feed: 202411041802

版本 1.130

Oct 10, 2024, 11:57 PM

  • New

Plugin Feed: 202410102357

版本 1.129

Sep 3, 2024, 11:47 PM

  • Logic Changes (additional data collection for runtime scanning. fixed logic bug causing potential false negatives. fixed logic bug causing potential false positives. fixed logic bug with potential to break cyberark logins)

Plugin Feed: 202409032347

版本 1.127

Aug 14, 2024, 8:33 PM

  • Logic Changes (Endianness fix in Kerberos authentication for SCAP scanning)

Plugin Feed: 202408142033

版本 1.126

Aug 6, 2024, 4:43 PM

  • Detection (Fix to allow Nessus Agent audits to query security settings registry key default values.)

Plugin Feed: 202408061643

版本 1.122

Jul 17, 2024, 11:02 PM

  • Logic Changes

Plugin Feed: 202407172302

版本 1.120

Jun 12, 2024, 4:30 PM

  • Logic Changes (Prefer replace_kb_item in debug KBs to prevent unintentional duplication/forking)

Plugin Feed: 202406121630

版本 1.119

May 20, 2024, 10:13 AM

  • Logic Changes

Plugin Feed: 202405201013

版本 1.113

Mar 19, 2024, 6:40 PM

  • Logic Changes (Improving logging to reduce disk space usage)

Plugin Feed: 202403191840

版本 1.112

Mar 5, 2024, 2:40 PM

  • Detection (improved file verification for Windows Agents)

Plugin Feed: 202403051440

版本 1.111

Mar 5, 2024, 1:15 AM

  • Logic Changes (Report structured data for Microsoft Exchange checks.. Report structured data for RPM version checks.)

Plugin Feed: 202403050115

版本 1.110

Feb 27, 2024, 4:10 PM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202402271610

版本 1.109

Feb 27, 2024, 1:50 PM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202402271350

版本 1.105

Jan 16, 2024, 8:55 PM

  • Logic Changes (Improving debug logging)

Plugin Feed: 202401162055

版本 1.104

Jan 16, 2024, 5:39 PM

  • Detection (Support privacy mode DCOM over Kerberos)
  • Logic Changes (Improving debug logging)

Plugin Feed: 202401161739

版本 1.103

Nov 14, 2023, 4:21 PM

  • Detection (Support SHA2 based encryption for Kerberos)

Plugin Feed: 202311141621

版本 1.101

Sep 26, 2023, 8:16 PM

  • Logic Changes

Plugin Feed: 202309262016

版本 1.100

Jul 17, 2023, 5:15 PM

  • Logic Changes (Make torture_cgi library PCP clean and consolidate utf16_to_ascii())

Plugin Feed: 202307171715

版本 1.99

Jul 10, 2023, 7:11 PM

  • Logic Changes (Restrict ClientHello ciphersuites by encapsulation)

Plugin Feed: 202307101911

版本 1.98

Jul 6, 2023, 8:06 PM

  • Detection (added older dbx signatures, timestamp check and a check for KB5012170)

Plugin Feed: 202307062006

版本 1.97

Jun 20, 2023, 9:07 PM

  • Logic Changes (Temporarily limit debug logging)

Plugin Feed: 202306202107

版本 1.96

Jun 9, 2023, 12:10 AM

  • Logic Changes (Fix two function returns)

Plugin Feed: 202306090010

版本 1.95

Jun 1, 2023, 5:27 AM

  • Logic Changes (Better logging)

Plugin Feed: 202306010527

版本 1.94

May 16, 2023, 7:02 PM

  • Detection (Authenticate WMI/DCOM using Kerberos credentials.)

Plugin Feed: 202305161902

版本 1.92

May 1, 2023, 9:07 PM

  • Detection (Make and use compatibility wrapper for running commands on scanner localhost to handle deprecation of pread().)

Plugin Feed: 202305012107

版本 1.89

Apr 17, 2023, 8:04 PM

  • Detection (adding march 2023 DBX signatures)

Plugin Feed: 202304172004

版本 1.88

Apr 6, 2023, 6:58 PM

  • Detection (Add Kerberos debug logging)

Plugin Feed: 202304061858

版本 1.86

Mar 8, 2023, 1:05 AM

  • Logic Changes

Plugin Feed: 202303080105

* Changelogs are generally available for changes made after Nov 1, 2022