Hi team,
I got a false positive using the plugin secpod_ms_windows_sp_mult_vuln on
Win2012 Server.
On Win2012 Server:
Register 'SMB/Windows/ServicePack' value is '0'
because there is no Service Pack available for Windows Server 2012
(6.2), Windows Server 2012 R2 (6.3), Windows 8 (6.2), Windows 8.1 (6.3).
This is not a lack of security; MS prefers using "Update Rollup" now.
Here is my suggested modification:
--- secpod_ms_windows_sp_mult_vuln.nasl.old 2014-07-22
08:25:04.832955947 +0200
+++ secpod_ms_windows_sp_mult_vuln.nasl 2014-07-22 08:25:41.657250718
+0200
@@ -103,11 +103,18 @@
}
## Check if service pack is installed or not
-No_SP = get_kb_item("SMB/Windows/ServicePack");
+## and Windows version < 6.2 : Instead of ServicePacks, MS are
releasing
+## an "Update Rollup" on a regular basis since Windows 2012 server
(6.2)
+
+No_SP = get_kb_item("SMB/Windows/ServicePack");
+Winver = get_kb_item("SMB/WindowsVersion");
if(No_SP == "0")
{
- security_hole(0);
- exit(0);
+ if (version_is_less(version:Winver, test_version:"6.2"))
+ {
+ security_hole(0);
+ exit(0);
+ }
}
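Review bot: Winver is passed to version_is_less() in the new inner if without any check that get_kb_item("SMB/WindowsVersion") returned a value, so the outcome when that KB item is missing is left to however version_is_less() treats an empty version. Suggest making the case explicit, for example `if (Winver && version_is_less(version:Winver, test_version:"6.2"))`, or deciding deliberately whether an unknown version should still be reported. Note also that exit(0) now sits inside the inner block, so on 6.2 and later with ServicePack "0" the script falls through to whatever follows this check; please confirm that the remaining code is safe to run in that case. Finally, the wrapped comment fragments "releasing" and "(6.2)" have lost their + prefix in the mail, so the patch will not apply as posted; attaching it or shortening the comment lines would avoid that.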
--
Sébastien AUCOUTURIER | Research and Development Manager
Phone. +33(0)5.67.34.67.84| www.itrust.fr
IT Security Experts (Services & Solutions) | Keep Information Security
Simple