We are also seeing a large number of FPs on W2K3 with SP1and latest patches installed. I know of one machine that has been reloaded after the patches were installed. Will an ethereal trace be sufficient? On Tue, 28 Jun 2005 09:28:11 -0400 >On Jun 27, 2005, at 15:28, Apple Maggot wrote: > >> FYI. Plugin 18502 (aka. the Network check for MS05-027, >> smb_kb896422.nasl) revision 1.2 has a 100% false positive rate when >> scanning systems running Windows Server 2003. We have found this >> to be the case whilest scanning 200+ Win2K3 systems. In all cases >> this plugin reports that the Win2K3 systems are "unpatched", even >> when they are patched. However, the plugin *does* appear to be >> 100% accurate when scanning Win2K and WinXP systems. It just seems >> to falter with Win2K3. > >We've tested the plugin against several Windows 2003 boxes and have >not run into the issue. The patch released by Microsoft includes the >exact same fixes for both XP and Win2003, so having a FP on one side >and not on the other seems quite unlikely. > >Make sure that your Windows 2003 system has rebooted since the patch >has been applied. Otherwise send me network traces as well as your >Windows 2003 exact setup for a better diagnosis. > > > -- Renaud >_______________________________________________ >Plugins-writers mailing list >Plugins-writers@private >http://mail.nessus.org/mailman/listinfo/plugins-writers _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Tue Jun 28 2005 - 07:42:29 PDT