At 03:37 PM 1/28/2003 -0500, Tim Sailer wrote:

Folks,
  We have a few SQL servers here, all protected behind firewalls,
so they were no problem to us or anyone else. However, we've been
running nessus against them to find out if they need to be patched.
Well, the various nessus scripts showed that *all* the machines
were vulnerable, when, in fact, they were not. Is there some
definitive way to check?

If you mean that previously patched machines showed up as vulnerable, I believe Renaud said there was a change made to the plugin after its initial release - make sure that you have the most up-to-date one.

On Mon, Jan 27, 2003 at 03:31:38PM -0000, Hemsley, Trevor wrote:
> I downloaded the new mssql_version.nasl this morning. I had to hack
> it around a little to make it work on 1.0.10 which is the version I am
> still running. However, it appears to have a flaw - not so much in the
> script itself, more the fact that it appears that all versions of SQL
> Server 2000 return a version string of 8.00.194 in response to the SQL
> ping. Even those that the admins swear blind are patched with SP3.

This is now patched - do /usr/local/sbin/nessus-update-plugins to get
the new plugin.
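
The observation in the thread, as an added example that is not from any of the posters or from the Nessus plugin: a parser for SQL ping replies that treats a reported version of 8.00.194 as inconclusive instead of as proof of a missing patch. The reply layout (0x05, a two-byte length, semicolon-separated pairs), the host and instance names, and the second version value are assumptions of this sketch.

```python
import struct

# Version the thread says every SQL Server 2000 host returns to a SQL ping.
PING_DEFAULT_VERSION = "8.00.194"

def build_reply(text):
    """Constructed reply: 0x05, 2-byte little-endian length, ASCII body (assumed layout)."""
    body = text.encode("ascii")
    return b"\x05" + struct.pack("<H", len(body)) + body

def parse_reply(data):
    """Return one {key: value} dict per instance listed in a SQL ping reply."""
    if len(data) < 3 or data[0] != 0x05:
        raise ValueError("not a SQL ping reply")
    (length,) = struct.unpack_from("<H", data, 1)
    body = data[3:3 + length]
    if len(body) != length:
        raise ValueError("truncated reply")
    instances = []
    for chunk in body.decode("ascii", "replace").split(";;"):
        tokens = chunk.split(";")
        if len(tokens) < 2 or not tokens[0]:
            continue  # empty tail after the final ';;'
        instances.append(dict(zip(tokens[0::2], tokens[1::2])))
    return instances

def assess(instance):
    """Say how much the ping-reported version tells us about patch level."""
    version = instance.get("Version")
    if version is None:
        return "no version field"
    if version == PING_DEFAULT_VERSION:
        # Per the thread, patched hosts report this too, so it proves nothing.
        return "inconclusive"
    return "reported " + version

# Constructed sample: host name, instance names and the second version are made up.
SAMPLE = build_reply(
    "ServerName;DB01;InstanceName;MSSQLSERVER;IsClustered;No;Version;8.00.194;tcp;1433;;"
    "ServerName;DB01;InstanceName;TEST;IsClustered;No;Version;8.00.760;tcp;1444;;"
    "ServerName;DB01;InstanceName;OLD;IsClustered;No;tcp;1455;;"
)

if __name__ == "__main__":
    for inst in parse_reply(SAMPLE):
        print(inst["InstanceName"], assess(inst))
```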
