2 Replies Latest reply: Mar 24, 2010 1:26 PM by Rob33872 RSS

Nessus and Symantec Endpoint Protection


Has anyone run into the following issue? I am scanning with Nessus, and Symantec Endpoint Protection thinks it has found some problems. I have listed the Symantec findings below:


P2P Fasttrack Network Ping Messages detected.
HTTP BD BugBear detected.
HTTP IIS ISAPI Extension (Code Red) detected.
MSRPC Server Service Buffer Overflow 2 detected.

MS SMB2 Validate Provider Callback RCE detected.

SMB Request BO detected.

All of them happened while scanning with Nessus, and the Symantec log lists Nessus as the program that was executing when these alerts happened. Note especially Bugbear, Code Red, and the Buffer Overflows above.

Are these false positives and Symantec thinks they're problems, or is something worse going on here?  I scanned my computer after the Nessus scan, and Symantec did not find any of the problems I listed above.


Thanks for any assistance you can provide.