sorry to reply to my own message but I have found a little more info.
in solaris.inc we have the following :
function solaris_check_patch(release, arch, patch, package, obsoleted_by)
notice package, then obsoleted_by.
In the nasl for solaris9_110938.nasl there is :
e = solaris_check_patch(release:"5.9", arch:"sparc", patch:"110938-22",
obsoleted_by:"", package:"SUNWed SUNWedag SUNWedagx SUNWedcom SUNWesae
SUNWesaem SUNWesagt SUNWesamn SUNWesasc SUNWescaa SUNWescam SUNWescix
SUNWescli SUNWesclt SUNWescom SUNWescon SUNWesdb SUNWesjp SUNWesjrm
SUNWesmcp SUNWesmod SUNWesmsg SUNWesora SUNWessa SUNWessdk SUNWessmn
SUNWessrv SUNWessta SUNWessts SUNWessvc SUNWesweb SUNWeswga SUNWeswgs
SUNWmeta SUNWsycfd");
basically it has obsoleted_by , then package.
This would be a problem right ? Or am I looking in the wrong areas ?
I updated to 3.0.5 to make sure and updated my pluginsmanually.
On 2/1/07, Zate Berg <zate75@gmail.com> wrote:
Hi All,
i am having a few issues with regards to false positives, and false
negatives with the Solaris Local Checks.
Specifically the nessus scan is finding missing patches for patches that
are not even installed, let alone at the wrong revision level.
For instance, it is telling me that Patch # 110938 is missing. that patch
is not installed on this machine (confirmed with showrev -p) and the patch
is for
http://sunsolve.sun.com/search/document.do?assetkey=1-21-110938-22-1 which
is Sun Management Center 3.0, not installed on this server.
I am also seeing it report things like 112904-08 missing, but this is
obsoleted by an installed patch, 112233-12.
What should I be doing to find out why this is occuring ? Is there more
detailed logging I can be doing to find out exactly why nessus is missing
these or thinking they are installed ?
Thanks
--
Zate
--
Zate
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
