[prev in list] [next in list] [prev in thread] [next in thread]
List: nessus
Subject: Re: Nessus reports patches as missing
From: "Gus Fritschie" <gfritschie () hotmail ! com>
Date: 2006-09-22 14:24:19
Message-ID: BAY118-F34F7A67C71425E69F991C5D5210 () phx ! gbl
[Download RAW message or body]
For example Add/Remove patches shows this patch installed on the
workstation:
Windowsxp-kb893066
Nessus reported this vulnerability:
Synopsis :
Arbitrary code can be executed on the remote host due to a flaw in the
TCP/IP stack.
Description :
The remote host runs a version of Windows which has a flaw in its TCP/IP
stack.
The flaw may allow an attacker to execute arbitrary code with SYSTEM
privileges on the remote host, or to perform a denial of service attack
against the remote host.
Proof of concept code is available to perform a Denial of Service against
a vulnerable system.
Solution :
Microsoft has released a set of patches for Windows 2000, XP and 2003 :
http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx
Risk factor :
High / CVSS Base Score : 9
(AV:R/AC:L/Au:NR/C:P/A:C/I:P/B:A)
CVE : CVE-2005-0048, CVE-2004-0790, CVE-2004-1060, CVE-2004-0230,
CVE-2005-0688
BID : 13124, 13116
Other references : IAVA:2005-B-0011, IAVA:2005-B-0012
Nessus ID : 18023
If our patching process is not working correctly I want to notify
operations, however, I want to be sure that this is not a false-positive.
Thanks!
>From: Renaud Deraison <deraison@nessus.org>
>To: Nessus List <nessus@list.nessus.org>
>Subject: Re: Nessus reports patches as missing
>Date: Fri, 22 Sep 2006 10:06:15 -0400
>
>
>On Sep 22, 2006, at 9:26 AM, Gus Fritschie wrote:
>
>>We ran Nessus with local Administrator rights on a Windows XP SP1 system.
>> It reports several patches as missing. When looking at add/remove
>>programs the patch appears to be installed. Is this a false-positive?
>>The patches are pushed out using Patchlink.
>
>Which patches are showing up exactly ?
>
>
> -- Renaud
>
>
>_______________________________________________
>Nessus mailing list
>Nessus@list.nessus.org
>http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic