On a July 17th safe scan using an updated version of the free plugin feed, I scanned our Exchange cluster and found few vunlerabilities. On a July 28th safe scan, after a series of patches were applied to said cluster, I scanned it again and found a whole host of new vulnerabilies - privelege escalation, several instances of the old "Arbitrary code can be executed" standby, holes in the web client and a variety of services. These holes appear only on the cluster alias, not on any of the physical servers.
Anyone else noticed such a thing? Are these probable false positives, as prior to the 7-28 scan they weren't showing up? Are these legitimate holes, that were detected by new plugins released to the free feed in that interim period? Does the latest round of Exchange patches open things up, and so they need to be re-closed? __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
