Hi, I had asked it in the main nessus mail-list and appear it were the wrong place, so posting here that I belive be the correct place, any help is welcome. :) 1) The line "if ( hotfix_check_sp(xp:3, win2k:5, win2003:1) <= 0 ) exit(0);" check the OS Version, so it check the Operation system and SP installed? In the case Windows XP with SP3 or Windows 2000 with SP5 or Windows 2003 with SP1 ? If I would like to check a machine with Windows 2003 without service pack, should I replace "win2003:1" by "win2003:0" ? Well, it check this versions and if the version is lower than this specified it call exit() with make me thing it skip this check (and doesn't report it vulnerable), I'm right? But if it's doesn't have the basic SP requeriments shouldn't it be reported as vulnerable? 2) This line " if ( hotfix_is_vulnerable (os:"5.2", sp:0, file:"Authz.dll", version:"5.2.3790.274", dir:"\system32") || hotfix_is_vulnerable (os:"5.1", sp:1, file:"Authz.dll", version:"5.1.2600.1634", dir:"\system32") || hotfix_is_vulnerable (os:"5.1", sp:2, file:"Authz.dll", version:"5.1.2600.2622", dir:"\system32") || hotfix_is_vulnerable (os:"5.0", file:"Authz.dll", version:"5.0.2195.7028", dir:"\system32") ) security_hole (get_kb_item("SMB/transport"));" The os: 5.0 mean Windows 2000? The os: 5.1 mean Windows XP? The os: 5.2 mean Windows 2003? And longhorn (os:5.3)? What make this security_hole() function, report it as vulnerable? what is the get_bk_item() 3) The line "if ( hotfix_missing(name:"890859") > 0 )" check for a hotfix missing. Why not check only with hotfix_is_vulnerable() or hotfix_missing()? Why test with both? Only one should be enought to detect if the system is vulnerable? Thank you and sorry for amount of questions, Cheers _______________________________________________________ Yahoo! Acesso Grátis - Internet rápida e grátis. Instale o discador agora! http://br.acesso.yahoo.com _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Mon Aug 21 2006 - 12:35:46 PDT