Microsoft Windows Alerter Service Social Engineering Weakness

high Nessus Plugin ID 10457

Synopsis

The remote service allows users to send pop-up messages to each other.

Description

The alerter service is running. This service allows NT users to send pop-up messages to each other.

An attacker can abuse this service to trick valid users into taking actions that may harm their accounts or your network (a social engineering attack).

Solution

Disable this service.

To disable this service under NT 4:
- open the 'Services' control panel
- select the 'Alerter' service, and click 'Stop'
- click on 'Startup...' and change the radio button in the 'Startup Type' field from 'Automatic' to 'Disabled'

Under Windows 2000:
- open the 'Administration tools' control panel
- open the 'Services' item in it
- double-click on the 'Alerter' service
- click on 'Stop'
- change the drop-down menu value of the 'Startup Type' field from 'Automatic' to 'Disabled'

Plugin Details

Severity: High

ID: 10457

File Name: smb_svc_alerter.nasl

Version: 1.18

Type: local

Agent: windows

Family: Windows

Published: 7/3/2000

Updated: 8/13/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: SMB/svcs

Vulnerability Publication Date: 1/1/1998

Reference Information

CVE: CVE-1999-0630