I think I may have found a false positive condition in plugin 25371 (FLEXnet Connect DWUpdateService ActiveX Control Buffer Overflow Vulnerability). This vulnerability, according to all of the documentation I've found, is fixed with the Update agent version 6.0.100.65101, but there is no agent version checking performed in the Plugin. There are two other FLEXnet connect plugins that do perform the version checking (Plugin IDs 27599 and 24712). Can anyone confirm that this is indeed a flase positive for systems with agent version 6.0.100.65101?
Thanks, Andrew Brannan, CISSP USDA OCIO/ITS/IDB/IOLab Infrastructure Deployment Branch - IO Lab 5601 Sunnyside Avenue Rm 2-1174B Beltsville, Maryland 20705-5740 301-504-4173 _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
