Danny Mallory wrote: > The script looks like it calls security_warning if the file does match > the parameter version. When we check on the box the file version was > exactly what was in the parameter list. Note the security_warning at the > end of the parameter list test. I would think that each parameter in the > list would call an exit but doesn't. >
That's not how it works. hotfix_is_vulnerable (os:"5.2", sp:0, file:"Tapisrv.dll", version:"5.2.3790.366", dir:"\system32") this function will return 1 (vulnerable) if : 1) the os is Windows 2003 (5.2) 2) the service pack is 0 (no service pack) 3) it can reads the file "Tapisrv.dll" in the path %systemroot%\system32 4) the file version is inferior to 5.2.3790.366. Could you do a scan by enabling only this plugin, "enable kb saving", and "enable dependencies and send me the KB so I can check why it does not work as expected ? Thanks, Nicolas _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
