Why does the KB824146scan.exe toll show Cisco devices as "unpatched"

TheMSsForum.com: The Microsoft Software Forum

I ran the KB824146scan.exe tool against my domain to find
unpatched machines and it returned "unpatched" on several
Cisco devices. Does anyone know why this would happen?
My concern is that this utility may not be working
correctly.

Thanks
Kurt
Top

Re: Why does the KB824146scan.exe toll show Cisco devices as "unpatched" by Bill

Bill
Tue Sep 16 12:23:11 CDT 2003

This may not be a false positive--you need to ask in a forum related to
Cisco devices, I think, specifying the individual models involved.

There are alternative scanners from eEye and others to test with, if you
want a second opinion--google on eeye and rpc to find their tool.

"Kurt" <khinson@tucsonelectric.com> wrote in message
news:007b01c37c71$57cc6eb0$a401280a@phx.gbl...
> I ran the KB824146scan.exe tool against my domain to find
> unpatched machines and it returned "unpatched" on several
> Cisco devices. Does anyone know why this would happen?
> My concern is that this utility may not be working
> correctly.
>
> Thanks
> Kurt


Top

Re: Why does the KB824146scan.exe toll show Cisco devices as "unpatched" by Kent

Kent
Wed Sep 17 08:42:51 CDT 2003

The original scan tool returns "unpatched" on 9x systems, so it isn't
surprising that this tool would consider cisco's to be unpatched. If a
new tool comes out, it will likely detect 9x systems and not return a
false positive, but I don't know what it would do about ciscos. It
should read "needs investigation" rather than "unpatched" since KB826369
says that the tool detects Windows.

Why would a cisco device respond to this tool, I wonder? Is it a printer
server? Perhaps it spoofs itself as a version of Windows? Not much to be
done about that, except ask cisco what's going on.

--
Kent W. England, Microsoft MVP for Windows



"Bill Sanderson" <Bill_Sanderson@msn.com.plugh.org> wrote in message
news:emSu4cHfDHA.3616@TK2MSFTNGP11.phx.gbl...
> This may not be a false positive--you need to ask in a forum related
to
> Cisco devices, I think, specifying the individual models involved.
>
> There are alternative scanners from eEye and others to test with, if
you
> want a second opinion--google on eeye and rpc to find their tool.
>
> "Kurt" <khinson@tucsonelectric.com> wrote in message
> news:007b01c37c71$57cc6eb0$a401280a@phx.gbl...
> > I ran the KB824146scan.exe tool against my domain to find
> > unpatched machines and it returned "unpatched" on several
> > Cisco devices. Does anyone know why this would happen?
> > My concern is that this utility may not be working
> > correctly.
> >
> > Thanks
> > Kurt
>
>

Top

Re: Why does the KB824146scan.exe toll show Cisco devices as "unpatched" by Robert

Robert
Wed Sep 17 09:28:44 CDT 2003

Kent W. England [MVP] wrote:
> The original scan tool returns "unpatched" on 9x systems, so it isn't
> surprising that this tool would consider cisco's to be unpatched. If a
> new tool comes out, it will likely detect 9x systems and not return a
> false positive, but I don't know what it would do about ciscos. It
> should read "needs investigation" rather than "unpatched" since
> KB826369 says that the tool detects Windows.
>
> Why would a cisco device respond to this tool, I wonder? Is it a
> printer server? Perhaps it spoofs itself as a version of Windows? Not
> much to be done about that, except ask cisco what's going on.

Not to mention more than a few cisco devices use embedded versions of
Windows. So the tool could actually be accurate. *gulp*.

Rob


Top