On Fri, Aug 04, 2006 at 11:11:58AM -0700, James Yarrison wrote: > On a July 17th safe scan using an updated version of > the free plugin feed, I scanned our Exchange cluster > and found few vunlerabilities. On a July 28th safe > scan, after a series of patches were applied to said > cluster, I scanned it again and found a whole host of > new vulnerabilies - privelege escalation, several > instances of the old "Arbitrary code can be executed" > standby, holes in the web client and a variety of > services. These holes appear only on the cluster > alias, not on any of the physical servers. > > Anyone else noticed such a thing? Are these probable > false positives,
Have you looked at the plugins involved in the second report to see if they use, say, banner checks? Or perhaps you supplied valid credentials the second time so that Nessus was able to run local checks. Without any details, though, it's impossible to say. George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
