POSSIBLE MS FALSE-POSITIVE

To:	<nessus@list.nessus.org>
Subject:	POSSIBLE MS FALSE-POSITIVE
From:	"John Scherff" <JScherff@24hourfit.com>
Date:	Thu, 8 Feb 2007 13:06:15 -0800
Cc:	IT Security <ITSecurity@24hourfit.com>, Mark Liedtke <MLiedtke@24hourfit.com>
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	nessus-list1@securepoint.com
Delivered-to:	nessus@list.nessus.org
List-archive:	<http://mail.nessus.org/pipermail/nessus>
List-help:	<mailto:nessus-request@list.nessus.org?subject=help>
List-id:	Discussion of Nessus software <nessus.list.nessus.org>
List-post:	<mailto:nessus@list.nessus.org>
List-subscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=subscribe>
List-unsubscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=unsubscribe>
Sender:	nessus-bounces@list.nessus.org
Thread-index:	AcdLxPh1qiWBbDLkQCuM4hjAFS32MQ==
Thread-topic:	POSSIBLE MS FALSE-POSITIVE

To:

<nessus@list.nessus.org>

Subject:

POSSIBLE MS FALSE-POSITIVE

From:

"John Scherff" <JScherff@24hourfit.com>

Date:

Thu, 8 Feb 2007 13:06:15 -0800

Cc:

IT Security <ITSecurity@24hourfit.com>, Mark Liedtke <MLiedtke@24hourfit.com>

Delivered-to:

sp-com-lists@consult.net

Delivered-to:

nessus-list1@securepoint.com

Delivered-to:

nessus@list.nessus.org

List-archive:

<http://mail.nessus.org/pipermail/nessus>

List-help:

<mailto:nessus-request@list.nessus.org?subject=help>

List-id:

Discussion of Nessus software <nessus.list.nessus.org>

List-post:

<mailto:nessus@list.nessus.org>

List-subscribe:

<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=subscribe>

List-unsubscribe:

<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=unsubscribe>

Sender:

nessus-bounces@list.nessus.org

Thread-index:

AcdLxPh1qiWBbDLkQCuM4hjAFS32MQ==

Thread-topic:

POSSIBLE MS FALSE-POSITIVE

Our Windows 2003 Server systems were recently patched with MS06-057 (KB923191). Nessus continues to report the patch missing (NID 22530). Patch installation verified with command "wmic qfe | find 923191."

I also manually checked the version of c:\windows\system32\comctl32.dll. It is the correct version for Windows 2003 Standard Edition with SP1: 5.82.3790.2778 (per http://www.microsoft.com/technet/security/Bulletin/MS06-057.mspx), which matches the check in plugin smb_nt_ms06-057.nasl for Windows 2003 SE SP1 (os:"5.2", sp:1).

I also manually verified that SP1 is, indeed, installed.

Nessus authenticates to the server with a Domain Admin account.

John Scherff

Sr. IT Security Analyst

24 Hour Fitness

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

<Prev in Thread]	Current Thread	[Next in Thread>
POSSIBLE MS FALSE-POSITIVE, John Scherff <= Re: POSSIBLE MS FALSE-POSITIVE, Nicolas Pouvesle

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	No plugins in Nessus window, ikov
Next by Date:	Re: POSSIBLE MS FALSE-POSITIVE, Nicolas Pouvesle
Previous by Thread:	RE: Nessus Digest, Vol 40, Issue 7, Chambers, Daryl [HDS]
Next by Thread:	Re: POSSIBLE MS FALSE-POSITIVE, Nicolas Pouvesle
Indexes:	[Date] [Thread] [Top] [All Lists]