[Fed-Talk] Vulnerability Management (Repost)
[Fed-Talk] Vulnerability Management (Repost)
- Subject: [Fed-Talk] Vulnerability Management (Repost)
- From: David Downin <email@hidden>
- Date: Thu, 01 Apr 2010 11:28:28 -0400
- Thread-topic: Vulnerability Management (Repost)
Title: Vulnerability Management (Repost)
Does anyone know if there is somewhere that I can find out of a particular CVE applies to macs?
Basically, our site (NSWCCD) as well as the folks at NCDOC have been scanning our network for vulnerabilities using the Retina Network Security Scanner by eEye. I personally have been using it as well to scan the macs in our group and remediate them.
I’ve noticed a lot of times, that Retina will report a vulnerability simply because of the version of something. One example:
Audit ID: 8151
Samba Daemon DOS Filemode Override ACL Bypass
CVE-2009-1888
This is reported on a machine running 10.6.3 (client) simply because Retina is running “smbd –V” and is getting “3.0.25B-apple”. Retina does note that the audit is for versions of Samba obtained from samba.org and may be a false finding on vendor specific backports. So, is there any way for me verify that this is indeed a false positive or not?
I have managed to get rid of the Retina warning temporarily by changing the version number that is reported – but for some reason that I have yet to discover why it eventually reverts back to the original version (it’s not because of a software update). Below is what I am doing to change the reported version.
#!/bin/bash
sudo perl -pi.$TIME -e "s/3\.0\.28/4\.0\.28/" /usr/sbin/smbd
_______________________________________________________
Dave Downin
NSWC Carderock
Facility Engineering and Operations Department / Code 5104
9500 MacArthur Blvd.
West Bethesda, MD 20817-5000
(301) 227-4873 / Work
(301) 247-3520 / Cell
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden