seems to me there are a lot of false posititives....I am still proving
to my security people that I installed the required Oracle patches that
plugin 18034 checks for....In our case it seems that the code isn't
smart enough to determine if the patch was applied. It only looks at the
version number for the database....and the patches don't change the
version number, so possibly your false positive is similar.
-----Original Message-----
From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org]On Behalf Of Miles B.L.
Sent: Tuesday, June 28, 2005 8:52 AM
To: nessus@list.nessus.org
Subject: Problem with plugin 18502 reporting Windows SMB flaw
Hello,
I recently scanned a windows 2003 server (SP1) with Nessus and it
reported it was vulnerable to the Server Message
Block (SMB) implementation flaw as described in MS05-027 and tested for
by plugin 18502.
On checking with the system adminstrator, he confirmed the system had
the patch (896422) described in MS05-027 applied and that the Mircrosoft
Baseline security analyser confirmed the system was not vulnerable.
My conclusion - either the patch doesn't resolve the vulnerability
(unlikely) or the plugin has reported a false positive for some reason
(more likely)?
Has anyone else come across this problem?
How do we report this to someone to check and fix?
Thanks,
Brevan Miles
Information and Systems Security Co-ordinator,
Information Systems Services,
The University of Southampton,
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
