Hi, On 18.07.2017 21:16, Matt Koivisto wrote: > Hi, > > I am running openvas-9 on centos 7, all the feeds up to date. I have > seen some windows 7 hosts with SP1 installed and fully patched that are > being detected as windows 8 machines and thus get flagged as “OS End of > Life Detection” (http://plugins.openvas.org/nasl.php?oid=103674). > > Specifically, for verified windows 7 machines I get the false positive: > >> The "Windows 8" Operating System on the remote host has reached the > end of life. > >> CPE: cpe:/o:microsoft:windows_8 > >> Installed version: > >> EOL date: 2016-01-12 > >> EOL info: > https://support.microsoft.com/en-us/lifecycle/search?sort=PN&alpha=Windows%208&Filter=FilterNO > > Is anyone else seeing this on their network as well? Any suggestions? > > I tried to trace through a bit to verify what’s coming back from the > remote registry using openvas-nasl directly, but without any success.
thanks for your report. Could you post the output of the following NVT: OS Detection Consolidation and Reporting (OID: 1.3.6.1.4.1.25623.1.0.105937) This might give more info where the Windows 8 detection is coming from. Regards, -- Christian Fischer | PGP Key: 0x54F3CE5B76C597AD Greenbone Networks GmbH | http://greenbone.net Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
