Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Chronic Threats that Repeat

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI 2.0 Beta

This thread has been marked as locked.
claw Chronic Threats that Repeat
Member 23rd Sep, 2010 18:12
Ranking: 0
Posts: 26
User Since: 31st May, 2010
System Score: N/A
Location: N/A
I have downloaded and installed "solutions" for Sun Java JRE 1.5x/5.x and Adobe Flash Player 10.x. Both keep showing up as threats after a scan. And, the dialogue box that pops up after a scan says I have only 1 threat found. I suspect the problem is with Secunia. I'm using Firefox.

mogs RE: Chronic Threats that Repeat
Expert Contributor 23rd Sep, 2010 18:25
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
What is the filepath to the vulnerability ? Click on Results and the + sign alongside the entry.....double click again to expand for further info......regards.


--
Was this reply relevant?
+0
-0
claw RE: Chronic Threats that Repeat
Member 23rd Sep, 2010 19:03
Score: 0
Posts: 26
User Since: 31st May 2010
System Score: N/A
Location: N/A
Hi,
Thanks. I can't find any "Results" to click on. I think I'm using PSI v1.5.0.2 if that makes any difference.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Chronic Threats that Repeat
Handling Contributor 23rd Sep, 2010 19:08
Score: 11786
Posts: 9,035
User Since: 4th Jan 2009
System Score: N/A
Location: UK
FINDING A FILE PATH - ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)

To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V) the Installation Path of the file back to the Forum if U are unsure what to do next.

PSI VERSION 2 (BETA)

From the DASHBOARD page click on RESULTS.

1. This will show U the file that is vulnerable.
2. Click the + sign next to the file.
3. This will reveal the path.
4. Highlight it then copy (CTRL+C) & then paste (CTRL+V) that path back to the Forum if U do not know what to do next.


Update 4 20:22 03/09/2010

























--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
claw RE: Chronic Threats that Repeat
Member 23rd Sep, 2010 19:53
Score: 0
Posts: 26
User Since: 31st May 2010
System Score: N/A
Location: N/A




Thanks again. Here are the 2 paths. Hope this is what you need.
Technical details


Technical details about this installation of Sun Java JRE 1.5.x / 5.x, you can use this information to determine why the Secunia PSI detected the program and the security state of it.

Version Detected:
1.5.0.0

Installation Path:
C:\Program Files\Java\jre1.5.0\bin\java.exe

Last Inspection of Program:
23rd Sep. 2010, 18:52 CET

Technical details


Technical details about this installation of Adobe Flash Player 10.x, you can use this information to determine why the Secunia PSI detected the program and the security state of it.

Version Detected:
10.1.82.76 (NPAPI)

Installation Path:
C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

Last Inspection of Program:
23rd Sep. 2010, 18:52 CET

Was this reply relevant?
+0
-0
Maurice Joyce RE: Chronic Threats that Repeat
Handling Contributor 23rd Sep, 2010 21:42
Score: 11786
Posts: 9,035
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 23rd Sep, 2010 21:48
OK- go to Control Panel>add/remove.

Uninstall ALL versions os JSE or JRE or JDK or JAVA (TM) EXCEPT for JAVA(TM) 6 update 21.

FLASH PLAYER

Use the open folder option in the PSI toolbox. Find that file - RIGHT click & delete it.

Before doing this make sure U COMPLETELY EXIT THE USE OF THESE PROGRAMMES - PSI, ALL BROWSERS, INCREDIMAIL & MESSENGER.

Do a full rescan. They should be history.



--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
claw RE: Chronic Threats that Repeat
Member 23rd Sep, 2010 23:10
Score: 0
Posts: 26
User Since: 31st May 2010
System Score: N/A
Location: N/A
Thanks for your help. I'm clean now if I ignore a couple of threats that the Open Folder says don't exist. Should I denote those as to be Ignored in future? Also, I left about 7 other Adobe Flash programs in the folder; only deleted the ones that were found in the scan. Can I delete those too? They included 2 install prog's and a Plugin all with Flash in their names.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Chronic Threats that Repeat
Handling Contributor 23rd Sep, 2010 23:23
Score: 11786
Posts: 9,035
User Since: 4th Jan 2009
System Score: N/A
Location: UK
U should not ignore anything if it is showing as vulnerable. Have U just completed a full rescan after the JAVA & Flash issue?

If so what paths are now still showing as vulnerable?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0
claw RE: Chronic Threats that Repeat
Member 24th Sep, 2010 00:35
Score: 0
Posts: 26
User Since: 31st May 2010
System Score: N/A
Location: N/A
Sorry, they do exist. Macromedia and Norton. Two others (Windvd gold 5 and PC Doctor are end-of-life no threats. Can those be ignored?) How about the Adobe Flash folders mentioned in my last reply -- should they be deleted? Here are the Macro & Norton paths:
Thanks

Technical details


Technical details about this installation of Symantec Norton AntiVirus 2005, you can use this information to determine why the Secunia PSI detected the program and the security state of it.

Version Detected:
11.0.2.4

Installation Path:
D:\I386\Apps\APP01705\src\NAV\EXTERNAL\NORTON\APP\ NAVAPSVC.EXE

Last Inspection of Program:
24th Sep. 2010, 0:11 CET


Technical details


Technical details about this installation of Macromedia Flash Player 5.x, you can use this information to determine why the Secunia PSI detected the program and the security state of it.

Version Detected:
5.0.44.0 (ActiveX)

Installation Path:
D:\I386\Apps\APP13118\src\SWFLASH.OCX

Last Inspection of Program:
24th Sep. 2010, 0:11 CET
Was this reply relevant?
+0
-0
Maurice Joyce RE: Chronic Threats that Repeat
Handling Contributor 24th Sep, 2010 00:49
Score: 11786
Posts: 9,035
User Since: 4th Jan 2009
System Score: N/A
Location: UK
FLASH

Flash should have files there. Provided PSI is showing Flash as secure leave them alone.

END OF LIFE

ALL vendor support for these programmes has ended. U have 3 basic options:

1. Uninstall them via Control Panel>add/remove
2. Upgrade them (if paid for items)
3. Ignore them & carry on regardless. There is an obvious risk by doing this as U will have no way of telling U if it/they ever become vulnerable in the future.

YOUR D DRIVE

This is a REINSTALLATION partition. It has no exposure & is therefore safe to ignore. This action will prevent further "false positives" & unnecessary alarm.

CREATING A GLOBAL IGNORE RULE - ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)

1.Click on the SETTINGS tab>scroll to the bottom & click on CREATE IGNORE RULE

2.In the RULE NAME BOX insert the Drive detail - My Backup Drive for example.

3.In the RULE BOX type D:\.

4.Click SAVE IGNORE RULE>CLOSE

5.Carry out a full PSI rescan & all should be in order.

All hard drives will continue to be scanned by default but the result from the drives ignored will not be published.


Update 5 16:45 02/09/2010

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer