MS03-039 Plugin and WinXP SP2
Renaud Deraison
deraison at nessus.org
Tue Aug 10 05:59:30 EDT 2004
On Tue, Aug 10, 2004 at 08:24:39PM +1200, Jason Haar wrote:
> I am seeing XP-SP2 machines showing up these old holes too:
>
> Nessus ID : 12205 (ms04-011.mspx)
> Nessus ID : 12206 (ms04-012.mspx)
> Nessus ID : 11888 (MS03-043)
Could you give us the version of each plugin ? The latest version of
11888 should definitely work properly, unless SP2 is not registered
properly in the KB.
> BTW: should Nessus state there's a "security hole" on a host when a
> "registry" style check shows it's vulnerable, but the service is disabled?
It's a tough issue. My stand on this really is to denote potential
security holes as well - a service is disabled during the time of a
scan, but maybe it will be put back up sometime in the future.
> I
> mean, I might be aware it's vulnerable, and that's why I disabled the
> service? Or does it require the "dangerous" scans to confirm such findings?
For some high profile vulnerabilities (ie: MSRPC), we have non-intrusive
checks which will confirm/infirm such findings.
-- Renaud
More information about the Nessus
mailing list