Did you remove the old java versions? Java is happy to keep multiple
versions installed.
Tim Doty
-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org]
On Behalf Of Max Andersen
Sent: Thursday, April 19, 2007 2:07 PM
To: nessus@list.nessus.org List
Subject: Plugin ID 16226 (java)
Hi all,
I've just updated several windows-machines with the latest java, and nessus
reports it to be very old and shameful :) Any ideas on why it is so?
----------------------------------
Plugin ID: 16226
Nessus (with latest plugins) reports vulnerability:
Solution: Upgrade to JRE 1.4.2_06 or 1.3.1_13 Risk factor : High BID : 12317
Nessus ID : 16226
The nessusd version is:
[root@xxxxx ~]# /opt/nessus/sbin/nessusd -v nessusd (Nessus) 3.0.5. [build
258] for Linux
(C) 1998 - 2007 Tenable Network Security, Inc.
And the java version on the windows host is reported to be:
C:\Documents and Settings\xxxxx>java -version java version "1.6.0_01"
Java(TM) SE Runtime Environment (build 1.6.0_01-b06) Java HotSpot(TM) Client
VM (build 1.6.0_01-b06, mixed mode, sharing)
nessusd.messages shows the server being scanned.
The logs show it being launched(can't see exact time, but gues it's the
latest due to timestamp equal finished scan time in nessusd.messages):
[root@nessus logs]# cat
/opt/nessus//var/nessus/users/user/kbs/servername | grep 16226
1177005471 3 Success/16226=1
1177005471 3 Launched/16226=1
Any bids on what makes this Plugin report false data? I have provided smb
login for the host and everything else (I know of) works fine. I don't knoiw
if the latest patches from microsoft has plugins to identify them yet, but
none of them showed up on the scans performed. And last I checked I did have
subscription :)
Any help will be greatly appreciated.
Sincerely
Max
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
