
Mailing List Archive: Nessus: devel

False positive for hotfix_missing method?

 

 



erik at edgeos

Aug 3, 2004, 10:20 AM

Post #1 of 2 (562 views)
False positive for hotfix_missing method?

Greetings,

Against dead IPs, the "Cumulative Security Update for Outlook Express
(823353)" plugin is raising a security note that the hotfix could not
be verified. In the hotfix_missing function defined in
smb_hotfixes.inc, there is this chunk of code:

if ( report_verbosity > 0 )
{
  note = "The presence of the hotfix " + name + " could not be verified.";
  security_note(port:get_kb_item("SMB/transport"), data:note);
  return -1;
}

The report_verbosity is set to whatever the default is. Regardless of
report_verbosity, should this method actually raise a security note if
the IP is dead? I don't know of a good solution other than removing
these lines from smb_hotfixes.inc.


Best regards,
Erik Stephens www.edgeos.com
Managed Vulnerability Assessment Services


deraison at nessus

Aug 3, 2004, 10:29 AM

Post #2 of 2 (526 views)
Re: False positive for hotfix_missing method?

On Tue, Aug 03, 2004 at 10:20:00AM -0700, Erik wrote:
> Greetings,
>
> Against dead IPs, the "Cumulative Security Update for Outlook Express
> (823353)" plugin is raising a security note that the hotfix could not
> be verified. In the hotfix_missing function defined in
> smb_hotfixes.inc, there is this chunk of code:

I removed these lines because the way the system is currently set up,
they're nearly always useless. However, your config is wrong -
report_verbosity is a NULL value by default, and optimize_test was also
set to false on your side.


-- Renaud
