.

Symantec VERITAS vulnerability in HP/UNIX 11.23

<<

manju_salian

User avatar

Jr. Member
Jr. Member

Posts: 89

Joined: Mon Apr 09, 2007 1:31 am

Post Thu Jun 07, 2012 5:50 am

Symantec VERITAS vulnerability in HP/UNIX 11.23

vulnerabilities reported in HP/UNIX 11.23 for “Symantec VERITAS Enterprise Administrator Service (vxsvc) Multiple Integer Overflows”
Though applying required patch “PHCO_42173” Nessus scanner is reporting same vulnerability for the server again
Kindly let me know if any had faced such issues...
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Thu Jun 07, 2012 9:11 pm

Re: Symantec VERITAS vulnerability in HP/UNIX 11.23

Try and determine what the signature is actually checking and see if the patch would have any impact on that.
The day you stop learning is the day you start becoming obsolete.
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Fri Jun 08, 2012 6:43 am

Re: Symantec VERITAS vulnerability in HP/UNIX 11.23

The Nessus plugin may not be updated to being able to identify whether the service is patched or not, in case e.g. version numbers / banners didn't change, etc.

But as ajohnson said, try to determine what Nessus specifically does to identify if the patch is installed or not  :)
I'm an InterN0T'er
<<

manju_salian

User avatar

Jr. Member
Jr. Member

Posts: 89

Joined: Mon Apr 09, 2007 1:31 am

Post Fri Jun 08, 2012 3:07 pm

Re: Symantec VERITAS vulnerability in HP/UNIX 11.23

Any way.. to check what nessus is doing to detect such vulnerability ?Also I am  only resposible for mitigations,Scanning is done by Separate team. How in technical terms i need to investigate the case or what question i need to do o the scanner team. should i ask for any logs....?
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Sat Jun 09, 2012 11:03 am

Re: Symantec VERITAS vulnerability in HP/UNIX 11.23

you can ask for the full dump of the nessus report.  I have a similar problem where scans are run but are uploaded to a reporting system which gives me a whopping 1 line item per vulnerability found and a link to the CVE but not what exactly was found or what triggered it.

When it doubt see if you can run your own scans.  I don't always take the word of the people doing our scans.  Mostly since they are just using the default safe scan plugins.  Not even doing authentication based scans.  So it is all just best guess.
Certs: GCWN
(@)Dewser

Return to Other

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software