AnsweredAssumed Answered

"Null Session Variable" vulnerability  Remediation

Question asked by prasad kalluri on Feb 15, 2018
Latest reply on Feb 15, 2018 by Shyam Raj

I am a Windows Engineer supporting 5000+ windows servers. At the end of last year, there was a vulnerability "Null Session Accessible" reported by Microsoft. This vulnerability doesn't show up in Qualys scans because of which there doesn't seem to be any definitive solution. The vulnerability seems to address Null sessions. My question is how do we detect this in a server OS -- 2008R2, 2012r2 OR 2016. If the detection finds it, how do I remediate ?

Outcomes