Hi,
I have a question regarding the use of Nessus for patch checking on Windows
64bit systems with credentials. Having tried this I've discovered that Nessus
does an architecture check to determine if the target systems are 32bit and
silently fails to run any of the patch checking plugins if the architecture is
not x86. (Note: The Nessus scanner is not being run from the target).
The architecture check happens on lines 261-279 in smb_hotfixes.nasl:
# Make sure it is a 32bits system
arch = '';
key_h = RegOpenKey(handle:handle,
key:"SYSTEM\CurrentControlSet\Control\Session Manager\Environment",
mode:MAXIMUM_ALLOWED);
if (!isnull(key_h))
{
item = RegQueryValue(handle:key_h, item:"PROCESSOR_ARCHITECTURE");
if (!isnull(item))
arch = item[1];
RegCloseKey(handle:key_h);
}
if ("x86" >!< arch && vers !~ "^[6-9]\." )
{
RegCloseKey(handle:handle);
NetUseDel();
exit(1);
}
And the remaining patch checking plugins all fail to run with the following
message:
Not launching smb_nt_ms05-040.nasl against 207.169.232.113 because the
key SMB/Registry/Enumerated is missing (this is not an error)
On disabling the architecture check everything appears to work fine.
My question(s) is this:
What code is the architecture test protecting?
Is there something used by the patch checking plugins that does not run
correctly or gives incorrect responses if run against a 64bit system?
Can Nessus be safe and reliable when used for patch checking against 64bit
Windows targets?
Any response gratefully received,
Regards,
Ian
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
