I have a problem with a scan of a workstation that has Acrobat 6.0.5 installed. In my report I see:
----------------------------------------------------------------------------------------------------------------------------
Plugin output :
Version 6.0.1.1081 of the Adobe Acrobat distiller is installed as :
C:\Program Files\Adobe\Acrobat 6.0\Distillr\AcroDistDLL.dll
CVE : CVE-2006-3453, CVE-2006-3453, CVE-2006-3453
BID : 18943, 18943, 18943
Plugin ID : 22035
---------------------------------------------------------------------------------------------------------------------------
Looking at the source code for plugin 22035 I see that
Determine where it's installed.
key = "SOFTWARE\Classes\Software\Adobe\Acrobat\Distiller";
Then determines the version
# There's a problem if the version is < 6.0.5.
if (!isnull(ver))
{
if (
ver[0] < 6 ||
(ver[0] == 6 && ver[1] == 0 && ver[2] < 5)
)
{
if (report_verbosity < 1) report = desc;
else
{
version = string(ver[0], ".", ver[1], ".", ver[2], ".", ver[3]);
report = string(
desc,
"\n\n",
"Plugin output :\n",
"\n",
"Version ", version, " of the Adobe Acrobat distiller is installed as :\n",
" ", dll, "\n"
);
}
----------------------------------------------------------------------------------------------------------------------------
I've manually verified that the acrobat.exe is at version 6.0.5.399, the Solution : states to Upgrade to Adobe Acrobat 6.0.5 or later; which the workstation has installed.
The version of the AcroDistDLL.dll is 6.0.1.1081. Does the plug check the version of AcroDistDLL.dll or acrobat.exe?
Thank You in advance --John
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus