msrpc_dcom.nasl falsely reports HP-SUX machines as being vulnerable to the MS03-026
vulnerability. The following patch appears to correct this by adding the stub value to the
"ignore list".

--- msrpc_dcom.old      2003-07-30 14:30:12.000000000 +0100
+++ msrpc_dcom.nasl     2003-08-06 11:12:31.000000000 +0100
@@ -73,6 +73,7 @@
 
 chk[0] = raw_string (0x00,0x04,0x00,0x08); 
 chk[1] = raw_string (0x00,0x05,0x00,0x07);
+chk[2] = raw_string (0x00,0x00,0x20,0x00);
 
 
 report = "";
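Review bot: The new `chk[2]` entry has no comment saying which platform returns that stub, so a later maintainer cannot tell a deliberate exclusion from a typo or judge whether it is still needed. Going by the description, a line such as `# 0x00,0x00,0x20,0x00: stub returned by HP-UX RPC endpoints, not affected by MS03-026` above the assignment would record that. `chk[0]` and `chk[1]` are undocumented in the same way and would benefit from the same treatment. Each entry silences a finding, so the origin of every value should be auditable.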
@@ -100,7 +101,7 @@
                display('len  = ', len, '\n');
                display('stub = ', hexstr(stub),  '\n');
            }
-               if ((stub >!< chk[0]) && (stub >!< chk[1]))
+               if ((stub >!< chk[0]) && (stub >!< chk[1]) && (stub >!< chk[2]))
                {
                if (debug) display("Warning: Vulnerable MSRPC host found!\n");
                        security_hole(port:port);
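Review bot: The extended `if` still calls `security_hole` for every stub that is not on the ignore list, and `>!<` is a substring test, not an equality test. That has two consequences: other non-Windows RPC services will keep producing false positives until they are listed, and any stub that happens to be a fragment of `chk[2]` (for example a short or truncated reply) is now silently treated as not vulnerable. If `stub` is meant to be the full 4-byte field (it is assigned outside this hunk, so this is an assumption), an exact comparison would be tighter: `if (strlen(stub) == 4 && stub != chk[0] && stub != chk[1] && stub != chk[2])`. Before merging, it is also worth confirming against an unpatched Windows host that it never returns `0x00,0x00,0x20,0x00`, since this change would otherwise turn into a false negative. The enclosing block continues past the end of the hunk.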

