Symantec VERITAS vulnerability in HP/UNIX 11.23

[Hack_80]

vulnerabilities reported in HP/UNIX 11.23 for “Symantec VERITAS Enterprise Administrator Service (vxsvc) Multiple Integer Overflows”
Though applying required patch “PHCO_42173” Nessus scanner is reporting same vulnerability for the server again
Kindly let me know if any had faced such issues...

[ajohnson]

Try and determine what the signature is actually checking and see if the patch would have any impact on that.

[MaXe]

The Nessus plugin may not be updated to being able to identify whether the service is patched or not, in case e.g. version numbers / banners didn't change, etc.

But as ajohnson said, try to determine what Nessus specifically does to identify if the patch is installed or not 

[Hack_80]

Any way.. to check what nessus is doing to detect such vulnerability ?Also I am  only resposible for mitigations,Scanning is done by Separate team. How in technical terms i need to investigate the case or what question i need to do o the scanner team. should i ask for any logs....?

[3xban]

you can ask for the full dump of the nessus report.  I have a similar problem where scans are run but are uploaded to a reporting system which gives me a whopping 1 line item per vulnerability found and a link to the CVE but not what exactly was found or what triggered it.

When it doubt see if you can run your own scans.  I don't always take the word of the people doing our scans.  Mostly since they are just using the default safe scan plugins.  Not even doing authentication based scans.  So it is all just best guess.