Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Nessus>
  3. plugins
Plugin 23838 Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)
mike.sleeper at srs
Mar 28, 2007, 6:48 AM
Post #1 of 2 (2487 views)
Permalink
After applying the patch on a system and rebooting, a privileged scan is still reporting this vulnerability exists. The remote host is running Microsoft Windows 2000 Server (English) (Windows 5.0)The remote Windows 2000 system has Service Pack 4 applied.
The version of the dll files in question after applying the patch and reboot are as follows:wmvcore.dll - 7.0.0.1917
dxmasf.dll - 6.4.9.1133

Is there a problem with the script or can anyone suggest how I might determine what else might cause this signature to report? Thanks in advance for any help, ----------------------------------------------------
Mike Sleeper CISSP, CCSE, CCFS
Computer & Information Security
----------------------------------------------------
RE: Plugin 23838 Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689) [ In reply to ]
daryl.chambers at hdsupply
Mar 28, 2007, 7:32 AM
Post #2 of 2 (2262 views)
Permalink
You very likely have an old version of Windows Media Player. This You
should be able to migrate to WMP version 9, but you are probably at
version 6, which will show as being fully patched, even though newer
versions are available. I had this same issue on several servers.

________________________________

From: plugins-writers-bounces@list.nessus.org
[mailto:plugins-writers-bounces@list.nessus.org] On Behalf Of
mike.sleeper@srs.gov
Sent: Wednesday, March 28, 2007 9:48 AM
To: plugins-writers@list.nessus.org
Subject: [Plugins-writers] Plugin 23838 Vulnerability in Windows Media
Format Could Allow Remote Code Execution (923689)



After applying the patch on a system and rebooting, a privileged scan is
still reporting this vulnerability exists.

The remote host is running Microsoft Windows 2000 Server (English)
(Windows 5.0)
The remote Windows 2000 system has Service Pack 4 applied.

The version of the dll files in question after applying the patch and
reboot are as follows:
wmvcore.dll - 7.0.0.1917
dxmasf.dll - 6.4.9.1133

Is there a problem with the script or can anyone suggest how I might
determine what else might cause this signature to report?


Thanks in advance for any help,


----------------------------------------------------
Mike Sleeper CISSP, CCSE, CCFS
Computer & Information Security
----------------------------------------------------

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal