seems to me there are a lot of false posititives....I am still proving to my security people that I installed the required Oracle patches that plugin 18034 checks for....In our case it seems that the code isn't smart enough to determine if the patch was applied. It only looks at the version number for the database....and the patches don't change the version number, so possibly your false positive is similar.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Miles B.L. Sent: Tuesday, June 28, 2005 8:52 AM To: [email protected] Subject: Problem with plugin 18502 reporting Windows SMB flaw Hello, I recently scanned a windows 2003 server (SP1) with Nessus and it reported it was vulnerable to the Server Message Block (SMB) implementation flaw as described in MS05-027 and tested for by plugin 18502. On checking with the system adminstrator, he confirmed the system had the patch (896422) described in MS05-027 applied and that the Mircrosoft Baseline security analyser confirmed the system was not vulnerable. My conclusion - either the patch doesn't resolve the vulnerability (unlikely) or the plugin has reported a false positive for some reason (more likely)? Has anyone else come across this problem? How do we report this to someone to check and fix? Thanks, Brevan Miles Information and Systems Security Co-ordinator, Information Systems Services, The University of Southampton, _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
