Hi guys, after a scan on many win2000 SP4 servers I get many missing patches form 2006. the account used to scan is local admin on the server. I manualy verified that the file version is exactly the one that the update from microsoft list. for example:
Nessus ID 21692 check for mrxsmb.sys version the file version on the server is 5.0.2195.7097 but the server is reported as being vulnerable Nessus ID 20389 check for fontsub.dll version the file version on the server is 5.0.2195.7071 but the server is reported as being vulnerable Nessus ID 20382 check for gdi32.dll version the file version on the server is 5.0.2195.7073 but the server is reported as being vulnerable Nessus ID 22182 check for netapi32.dll version the file version on the server is 5.0.2195.7108 but the server is reported as being vulnerable this one I see why it's reported. The ms update list it as 5.0.2195.7105 Nessus ID 22192 check for hlink.dll version the file version on the server is 5.2.3790.2748 but the server is reported as being vulnerable Nessus ID 21694 check for tcpip.sys version the file version on the server is 5.0.2195.7087 but the server is reported as being vulnerable Nessus ID 22183 check for dnsapi.dll version the file version on the server is 5.0.2195.7100 but the server is reported as being vulnerable Nessus ID 18215 check for webvw.dll version the file version on the server is 5.0.3900.7069 as per ms05-49 http://www.microsoft.com/technet/security/Bulletin/MS05-049.mspx any sugestions on what I should try ? Thanks Mihai Petre
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
