Renaud Deraison wrote: > - 11890 "pings" the Messenger service and warns you if it is vulnerable to > the overflow (ie: if it responds because the patch disables Messenger > over RPC over UDP).
It seems that the operating system detection part of 11890 is somewhat broken. At least my manual translation to C++ first recognized a few *NIX machines (running DCE, probably for DFS) as Windows XP. The fix is to look at the error code in check_XP(); they are different, only the lengths (that the plugin checks) are the same.
