> Yes, I ran the update this morning and rescanned the same computer and it
> still flags the RPC Endpoint Mapper vulnerability that Plugin ID 11485 tests
> for. However, I have installed the patch for this issue. I'm not very
> familiar with the NASL language yet, but in reading the source code for this
> plugin, the following code makes me think it is only looking for SP2 on Win
> XP:
>
>
>
> if ( hotfix_check_sp(nt:7, win2k:4, xp:2) <= 0 ) exit(0);
>
> else security_hole(get_kb_item("SMB/transport"));
>
>
>
> Am I interpreting this correctly or am I missing something?
Oh, sorry, it's my fault. I should have take coffee before look at it :)
In fact "hotfix_check_sp(nt:7, win2k:4, xp:2)" checks, for example, if
service pack 2 for XP is present and then quit.
But the check for the patch is missing in this plugin. I will fix it and
commit it to the cvs in few minutes.
Thanks,
Nicolas
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Wed Jan 19 2005 - 08:02:11 PST