Re: Plugin Dependency Not Working...

On Thu, Jan 11, 2007 at 08:33:47PM -0500, Lad, Amit wrote:

> Althought Microsoft categorized MS07-004 as a CRITICAL (High Priority), 
> Nessus Plugin ID 24000 only detects it as a Medium Warning.  

We use CVSS base scores as a measure of risk; Microsoft uses its own 
system. And sometimes there will be discrepancies.

That said, we score vulnerabilities initially by ourselves and then sync 
with those reported in NIST's National Vulnerability Database, 
http://nvd.nist.gov/nvd.cfm. As part of today's sync, the score on the 
plugin has been updated to High.

> According to the nessusd logs, the scan was successful and there were no 
> errors.  

First, make sure that nessusd is logging the whole attack (ie, 
"log_whole_attack = yes" in nessusd.conf). Then, look in the 
nessusd.messages log file for lines involving smb_nt_ms07-004.nasl.

> I am just trying to look for causes in which my Nessus client would skip 
> looking at the plugins, maybe because of authentication (which i 
> double-checked), or some other dependency...

Are you doing anything with KB saving that would prevent the plugin from 
running?

George
--
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus