Jason Haar wrote: > Ron Gula wrote: >> Did you confirm which version of Symantec AV is running on the computer? >> What did plugin 16193 say? It's possible an odler version of Symantec is >> there, but a different AV is running just as well. >> >> > > The remote host has the Symantec Antivirus Corporate installed. It has > been fingerprinted as : > > Symantec Antivirus Corporate 10.1.0.394 > DAT version : 20080825 > > > Your link to > http://www.symantec.com/avcenter/security/Content/2006.05.25.html told > me I had to look at the non-English link (sigh! Why do these people have > separate products for different languages! [I know, I know...]) and that > says the host is indeed running a vulnerable version. > > So nessus was right - but 16193 was still wrong. Shouldn't it check the > engine number?
Plugin 16193 just checks to see if your system has an antivirus product installed, if it is running (it might be installed but disabled) and if the signatures are up to date. It does not check if the actual anti-virus software is vulnerable. Many other plugins check for those types of issues. Ron Gula Tenable Network Security _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
