About Nessus issue
George A. Theall
theall at tenablesecurity.com
Mon Apr 4 09:54:32 EDT 2005
On Mon, Apr 04, 2005 at 04:11:14PM +0800, Wayne.Lai wrote:
> Does the Nessus scan and check the
> Package version for the security warning?
Generally speaking, Nessus can check for security issues in
several different ways: actually exploiting a vulnerability,
checking the product's banner, and looking in the registry
or list of installed packages (when using local security
checks). Different plugins use different methods, and each
method has its advantages and disadvantages.
Without further knowledge about which plugins are reporting
vulnerabilities in your case, it's impossible to say whether
you're seeing a false positive. You could look at the source
of the plugin or you can post here with more details.
George
--
theall at tenablesecurity.com
More information about the Nessus
mailing list