On Fri, Apr 08, 2005 at 09:35:31AM -0700, Jim Coughenour wrote: > Nessus is reporting that Oracle (tnslis vulnerable based > on version number and follow Oracle alert 86 to remediate.
You mean alert 68, from plugin #14641, right? > The Oracle version we running is 9.2.0.6 - recently > upgraded to this version. ... > Is this a false positive? Why does Nessus think 9.2.0.6 > is vulnerable? For some reason, the plugin isn't seeing the Oracle tnslsnr version as 9.2.0.6 -- if it were, it wouldn't classify it as vulnerable. Can you locate the KB for one of the vulnerable machines -- it will be something like /usr/local/var/nessus/users/$user/kb/$target -- and do the following: grep "oracle_tnslsnr/" $kb Also, how long ago did you upgrade? Are you reusing the knowledge base when you do a scan? If so, what are your setings under the KB tab? George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
