Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: nessus scan - epmap (135/tcp)
From: Volker Tanger <vtlists () wyae de>
Date: Thu, 18 Dec 2008 23:07:48 +0100

On Thu, 18 Dec 2008 14:43:41 +0100
m sesser <security () sesser eu> wrote:

some nessus scans have the following result:
Vulnerability found on port epmap (135/tcp)
[...]
C:KB824146Scan.exe <hostname>
hostname: patched with both KB824146 (MS03-039) and KB823980 (MS03-0
[...]
which tool is right?
is there a 3rd-party tool to test?

Some suggestions:
- Use a third scanner.
- Try some exploits (they are easy enough to find).
- Look into the nessus plugin source and the bug description.


is nessus (2.2.9 ubuntu) state of the art?

You use an old Nessus, even with respect to the 2.2.x-line: "current" 
is 2.2.11 (for the older one) or 3.2.1 (for the newest one) - see
http://www.tenablesecurity.com/download/

Do you use the Tenable professional feed? For commercial pentesting you
quite probably will want to use the continuously updated patterns.

Bye

Volker



-- 

Volker Tanger    http://www.wyae.de/volker.tanger/
--------------------------------------------------
vtlists () wyae de                    PGP Fingerprint
378A 7DA7 4F20 C2F3 5BCC  8340 7424 6122 BB83 B8CB

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]