Hi. Running OV8 on Ubuntu from M.Ravazi PPA, and everything seems to work well, but there are definitely some CVE’s that are definitely a problem on the Windows SBS2011 server, but are not being picked up on Openvas.
The Specifics are that CVE-2014-1812 requires the gppref.dll to be between 6.1.7601.22000 -> 22604 ( for server 2008 R2) which is what SBS2011 is built on. The Actual file version or gppref.dll on the machine is 6.1.7601.17514 ( ie should be reporting this as a problem) My Scan config is Network Vulnerability Test Families : Windows : all selected Windows : Microsoft Bulletins : all selected, and 'Microsoft Group Policy Preferences Privilege Elevation Vulnerability (2962486)' is located in this list. This is an authenticated scan with a valid domain account, and the 'Login configurations' - NTLMSSP - yes The Actual reported operating system version is OS Name: Microsoft Windows® Small Business Server 2011 Standard OS Version: 6.1.7601 Service Pack 1 Build 7601 Does anyone have any thoughts as to why this is not being picked up, or is there something I have not selected ? Many Thanks Chris --------------------------------------------------------------------- RFEL : SIGNAL PROCESSING IQ : FPGA EXPERTISE Chris Bridges , Head of IT & Engineering Support , DDI +44 (0)1983 216631 M +44 (0)7776 234533 RFEL Ltd, Unit B, The Apex, St Cross Business Park, Newport, Isle of Wight, PO30 5XW,UK T +44 1983 216600 F +44 1983 216611 E [email protected] W www.rfel.com --------------------------------------------------------------------- Company No : 2389307 : This e-mail is for the intended addressee only. If you have received it in error then you must not use, retain, disseminate or otherwise deal with it. Please notify the sender by return email and then delete the e-mail. The views of the author may not necessarily constitute the views of RFEL Ltd. _____________________________________________ This email has been scanned by the MessageLabs _____________________________________________ _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
