lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: Dallas_LaRose at s2systems.com (LaRose, Dallas)
Subject: MS03-039 has been released - critical

Paul Schmehl (pauls@...allas.edu) Wrote:
>> I downloaded the MS scanner today and ran it against one 24.  It reports
>> the computers as "patched with KB823980", so it doesn't look like it's
>> testing for the new stuff yet.

The results of the scan are a bit misleading.  What you have to look for is
the line with:

  Patched with KB824146 and KB823980 .... 0



Here is a sample output of a _patched_ installation:

Microsoft (R) KB824146 Scanner Version 1.00.0249 for 80x86
Copyright (c) Microsoft Corporation 2003. All rights reserved.

<+> Starting scan (timeout = 5000 ms)

Checking x.x.x.100
x.x.x.100: patched with KB824146 and KB823980

<-> Scan completed

Statistics:

  Patched with KB824146 and KB823980 .... 1
  Patched with KB823980 ................. 0
  Unpatched ............................. 0
  TOTAL HOSTS SCANNED ................... 1

  DCOM Disabled ......................... 0
  Needs Investigation ................... 0
  Connection refused .................... 0
  Host unreachable ...................... 0
  Other Errors .......................... 0
  TOTAL HOSTS SKIPPED ................... 0

  TOTAL ADDRESSES SCANNED ............... 1


Here is the sample output of an _unpatched_ installation:

Microsoft (R) KB824146 Scanner Version 1.00.0249 for 80x86
Copyright (c) Microsoft Corporation 2003. All rights reserved.

<+> Starting scan (timeout = 5000 ms)

Checking x.x.x.4
x.x.x.4: patched with KB823980

<-> Scan completed

Statistics:

  Patched with KB824146 and KB823980 .... 0
  Patched with KB823980 ................. 1
  Unpatched ............................. 0
  TOTAL HOSTS SCANNED ................... 1

  DCOM Disabled ......................... 0
  Needs Investigation ................... 0
  Connection refused .................... 0
  Host unreachable ...................... 0
  Other Errors .......................... 0
  TOTAL HOSTS SKIPPED ................... 0

  TOTAL ADDRESSES SCANNED ............... 1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ