MS03-039 Plugin and WinXP SP2
Jason Haar
Jason.Haar at trimble.co.nz
Tue Aug 10 20:52:25 EDT 2004
On Tue, Aug 10, 2004 at 11:59:30AM +0200, Renaud Deraison wrote:
> On Tue, Aug 10, 2004 at 08:24:39PM +1200, Jason Haar wrote:
> > I am seeing XP-SP2 machines showing up these old holes too:
> >
> > Nessus ID : 12205 (ms04-011.mspx)
> > Nessus ID : 12206 (ms04-012.mspx)
> > Nessus ID : 11888 (MS03-043)
>
> Could you give us the version of each plugin ? The latest version of
> 11888 should definitely work properly, unless SP2 is not registered
> properly in the KB.
>
script_id(11888);
script_bugtraq_id(8826);
script_version("$Revision: 1.10 $");
script_cve_id("CAN-2003-0717");
> > BTW: should Nessus state there's a "security hole" on a host when a
> > "registry" style check shows it's vulnerable, but the service is disabled?
>
> It's a tough issue. My stand on this really is to denote potential
> security holes as well - a service is disabled during the time of a
> scan, but maybe it will be put back up sometime in the future.
What about changing disabled services to a "Warning" catagory instead of
leaving them as "Hole"? That way you're still reporting their presense, but
not jumping up and down about it :-)
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the Nessus
mailing list