I didn't see anyone respond to this question. Is this an issue or normal
behavior. It seems like several of the plugins are written similar to
this and may be generating a lot of false positives.
Danny Mallory wrote:
Have version 1.7 of this plugin. In section that checks Tapisrv.dll
file version is triggering a security_warning. Should this just exit
if it matches or is this saying that this particular version of the
file is vulnerable?
if ( hotfix_is_vulnerable (os:"5.2", sp:0, file:"Tapisrv.dll",
version:"5.2.3790.366", dir:"\system32") ||
hotfix_is_vulnerable (os:"5.2", sp:1, file:"Tapisrv.dll",
version:"5.2.3790.2483", dir:"\system32") ||
hotfix_is_vulnerable (os:"5.1", sp:1, file:"Tapisrv.dll",
version:"5.1.2600.1715", dir:"\system32") ||
hotfix_is_vulnerable (os:"5.1", sp:2, file:"Tapisrv.dll",
version:"5.1.2600.2716", dir:"\system32") ||
hotfix_is_vulnerable (os:"5.0", sp:4, file:"Tapisrv.dll",
version:"5.0.2195.7057", dir:"\system32") )
security_warning (get_kb_item("SMB/transport"));
hotfix_check_fversion_end();
exit (0);
}
else if ( hotfix_missing(name:"893756") > 0 )
security_warning(get_kb_item("SMB/transport"));
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
