Cve returned seems wrong for Windows services #13
Comments
Hi, thank you for reaching out to me. I think this is a limitation of nmap, the script uses the values set by nmap for
Hi, thank you for your reply. You can find the log at https://pastebin.com/8g0d1k8Z The link will expire in one week. If you want me to test something, tell me. Anthony
Is the trace from the same machine? The output from nmap here is
No, it's not the same machine but I have the same problem. The build release 12.00.6329 is nearly up to date and cvescannerv2 returns CVEs from 2014, 2015, 2016
Mmmm, the only solution I see here is creating a pseudo database with the relation between build numbers and each service pack (still a lot of CVEs). The information from the database is retrieved from NVD, and it's very simple and sometimes inconsistent e.g.
Hi,
For Windows services, after an nmap scan, the CVEs returned are wrong in some cases.
For example:
Nmap scans a Windows server with MS-SQL.
The version detected by nmap is: 1433/tcp open ms-sql-s Microsoft SQL Server 2014 12.00.4100; SP1
Then cvescannerv2 reports this:
| cvescannerv2:
| product: sql_server
| version: 2014
| vupdate: *
| cves: 18
So cvescannerv2 analyzes the MS-SQL service as version 2014 but it doesn't take the build release into account. So, the CVEs returned are often wrong or inexact?
This issue appears with Windows and rarely with Linux.
Is there a solution to avoid these false positives?
Best regards
Anthony
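The build-to-service-pack lookup suggested in the comments, sketched as an added example (not code from cvescannerv2 or from anyone in this thread). It parses the nmap banner quoted in the issue and filters CVE records by CPE update level instead of `*`. The build floors are assumed from Microsoft's public build lists; the record ids and the second banner are constructed.

```python
import re

# Assumption: lowest build number of each SQL Server 2014 service pack level,
# taken from Microsoft's public build lists. Verify before relying on it.
SQL2014_LEVELS = [(2000, "rtm"), (4100, "sp1"), (5000, "sp2"), (6024, "sp3")]

BANNER_RE = re.compile(
    r"Microsoft SQL Server (?P<year>\d{4}) "
    r"(?P<major>\d+)\.\d+\.(?P<build>\d+)(?:; (?P<sp>\w+))?")


def parse_banner(banner):
    """Extract version, build and update level from an nmap ms-sql-s banner."""
    m = BANNER_RE.search(banner)
    if m is None:
        return None
    build, level = int(m.group("build")), "*"
    if m.group("year") == "2014" and m.group("major") == "12":
        for floor, name in SQL2014_LEVELS:  # ascending, keep the last floor reached
            if build >= floor:
                level = name
    reported = m.group("sp").lower() if m.group("sp") else None
    return {"version": m.group("year"), "build": build,
            "vupdate": level, "reported_sp": reported}


def update_matches(cve_update, host_update):
    """'*' on either side means any or unknown, so it always matches."""
    return "*" in (cve_update, host_update) or cve_update == host_update


def filter_cves(records, host_update):
    """Keep only the records whose CPE update field fits the host's level."""
    return [cve for cve, upd in records if update_matches(upd, host_update)]


# Constructed records: (placeholder id, CPE update field). Not real CVE data.
RECORDS = [("CVE-EXAMPLE-A", "rtm"), ("CVE-EXAMPLE-B", "sp1"),
           ("CVE-EXAMPLE-C", "sp3"), ("CVE-EXAMPLE-D", "*")]

if __name__ == "__main__":
    for line in ("1433/tcp open ms-sql-s Microsoft SQL Server 2014 12.00.4100; SP1",
                 "Microsoft SQL Server 2014 12.00.6329"):  # second banner is constructed
        host = parse_banner(line)
        print(host, "wildcard:", filter_cves(RECORDS, "*"),
              "by level:", filter_cves(RECORDS, host["vupdate"]))
```

Filtering by service pack level narrows the list but cannot tell whether a later update inside the same service pack already fixed a given CVE, and records whose update field is `*` still match every host.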