Hi all, Two students here (Keith Bessette and Lina Pezzella) have made changes to plugin #11808, msrpc_dcom.nasl, to make it more accurate when scanning for the vulnerability, especially when scanning Windows 95/98/ME computers (which the previous version had incorrectly returned as "vulnerable"). It is now roughly as accurate as v1.04 of EEye's free version of their Retina MS-RPC scanner.
The changed plugin is available through nessus-update-plugins. If anyone has any comments or critiques on the method they used send them my way and we will look into it. If you were relying on the previous version of this plugin to find vulnerable hosts we recommend you update and re-run your scan, especially if you have Windows 95/98/ME in your environment. Good luck, Phil ======================================= Philip A. Rodrigues Network Analyst, UITS University of Connecticut email: [EMAIL PROTECTED] phone: 860.486.3743 fax: 860.486.6580 web: http://www.security.uconn.edu =======================================
