For example Add/Remove patches shows this patch installed on the
workstation:
Windowsxp-kb893066
Nessus reported this vulnerability:
Synopsis :
Arbitrary code can be executed on the remote host due to a flaw in the
TCP/IP stack.
Description :
The remote host runs a version of Windows which has a flaw in its TCP/IP
stack.
The flaw may allow an attacker to execute arbitrary code with SYSTEM
privileges on the remote host, or to perform a denial of service attack
against the remote host.
Proof of concept code is available to perform a Denial of Service against
a vulnerable system.
Solution :
Microsoft has released a set of patches for Windows 2000, XP and 2003 :
http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx
Risk factor :
High / CVSS Base Score : 9
(AV:R/AC:L/Au:NR/C:P/A:C/I:P/B:A)
CVE : CVE-2005-0048, CVE-2004-0790, CVE-2004-1060, CVE-2004-0230,
CVE-2005-0688
BID : 13124, 13116
Other references : IAVA:2005-B-0011, IAVA:2005-B-0012
Nessus ID : 18023
If our patching process is not working correctly I want to notify
operations, however, I want to be sure that this is not a false-positive.
Thanks!
From: Renaud Deraison <[EMAIL PROTECTED]>
To: Nessus List <[email protected]>
Subject: Re: Nessus reports patches as missing
Date: Fri, 22 Sep 2006 10:06:15 -0400
On Sep 22, 2006, at 9:26 AM, Gus Fritschie wrote:
We ran Nessus with local Administrator rights on a Windows XP SP1 system.
It reports several patches as missing. When looking at add/remove
programs the patch appears to be installed. Is this a false-positive?
The patches are pushed out using Patchlink.
Which patches are showing up exactly ?
-- Renaud
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
