Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: bad detection

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Shockwave Player 11.x

This thread has been marked as locked.
pygocentrus bad detection
Member 10th Oct, 2010 04:09
Ranking: 1
Posts: 9
User Since: 20th Sep, 2010
System Score: 98%
Location: CA
i update adobe shockwave but PSI dont detect it even after a reboot. Why ?



weird

mogs RE: bad detection
Expert Contributor 10th Oct, 2010 09:30
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
What is your Operating System?
What version of psi are you using ?
What is the file path to the vulnerability or what version( Shockwave), have you installed that is not being detected ?
You need to be using psi versions with the Advanced interface to gain more information....see Simple/Advanced top right of psi panel; or psi 2.0 Beta.
If you then click on the + sign alongside, it will expand to reveal a file path, which will be confirmed by clicking on Tech Details. Similarly so, with 2.0 Beta....+sign...once for file path and twice for more info.
Post that info together with details asked for, back to the forum.
As a generality, tho' you update a prog., the older/previous file/version is often left behind, and continues to be detected even if still in the Recycle bin.
Hope this helps........regards,

--
Was this reply relevant?
+1
-0
pygocentrus RE: bad detection
Member 11th Oct, 2010 05:10
Score: 1
Posts: 9
User Since: 20th Sep 2010
System Score: 98%
Location: CA
Last edited on 11th Oct, 2010 05:15
Sorry.....

Windows XP Home SP3
Secunia PSI 1.5.0.2 with Advanced interface (in French)

http://www.adobe.com/shockwave/welcome/ well detected my new update shockwave version (11.5.8r612). But PSI detected the old one.... v11.5.7.609 (NAPI & ActiveX)

Not sure what you mean by file path....
May be it is this...... c:\i386\np32dsw.dll and c:\i386\SwDir.dll

Seems that PSI is the problem because Shockwave is well installed and detected by Adobe web site.

I am not a newbie but, as many users, i didnt uninstalled old version of this file kind type before updating
Was this reply relevant?
+0
-0
This user no longer exists RE: bad detection
Member 11th Oct, 2010 09:08
Hi,

Please try the Shockwave uninstaller first: http://kb2.adobe.com/cps/142/tn_14224.html

And then try installing the newest version: http://get.adobe.com/shockwave/otherversions/

which is the procedure recommended by Adobe.
Has this resolved the problem?
Was this reply relevant?
+0
-0
TiMow RE: bad detection
Dedicated Contributor 11th Oct, 2010 09:24
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
The file paths you have given, refer to Default Windows restore/backup folder (C:\i386\), whose contents receive no exposure, and therefore do not pose a threat - although PSI still detects them.

You can safely create an ignore rule for this folder (C:\i386\), so PSI doesn't report it every time you scan - although it will continue to detect it.

In PSI Advanced, go to Settings (Configuration) tab; scroll down to bottom line, where it is written "Secunia PSI Status:" (État de Secunia PSI:) - if this is followed by: "Suggested Ignore Rule 1", click on the "1"; otherwise you can create it manually as follows:

Click on Create Ignore Rule (Créer une règle d'exception);
then for Rule name (Nom de la règle) type (or copy and paste) the following: Default Windows restore/backup folder
and for rule (Règle), type this: C:\i386\
and finally click Save Ignore Rule (Enregistrer la règle)

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
pygocentrus RE: bad detection
Member 11th Oct, 2010 19:26
Score: 1
Posts: 9
User Since: 20th Sep 2010
System Score: 98%
Location: CA
on 11th Oct, 2010 09:08, wrote:
Hi,

Please try the Shockwave uninstaller first: http://kb2.adobe.com/cps/142/tn_14224.html

And then try installing the newest version: http://get.adobe.com/shockwave/otherversions/

which is the procedure recommended by Adobe.
Has this resolved the problem?


after uninstall, NO !
after a reboot, NO !!
Was this reply relevant?
+0
-0
pygocentrus RE: bad detection
Member 11th Oct, 2010 19:29
Score: 1
Posts: 9
User Since: 20th Sep 2010
System Score: 98%
Location: CA
Last edited on 11th Oct, 2010 19:30
on 11th Oct, 2010 09:24, TiMow wrote:
The file paths you have given, refer to Default Windows restore/backup folder (C:\i386\), whose contents receive no exposure, and therefore do not pose a threat - although PSI still detects them.

You can safely create an ignore rule for this folder (C:\i386\), so PSI doesn't report it every time you scan - although it will continue to detect it.


(.....)

TiMow


if the file path is no good, PSI must be write to ignore it instead that user must create an ignore rule !!!!
Was this reply relevant?
+0
-0
TiMow RE: bad detection
Dedicated Contributor 11th Oct, 2010 19:51
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH

I appreciate that English isn't your first language - but it's better than my French.

It's not that the file path is no good - it's that any sub-file within the C:\i386\ folder does not receive exposure to the wide world (via the internet) on a daily basis. This folder contains files that were installed at time of purchase and might be needed if ever you have to restore after a hard disk problem.

As a rule, some files become out-of-date as they don't update when an update to a program is made. This is why you have the option to create an ignore rule - it is your choice - the actual status of any insecure file doesn't change, but is considered in a "safe" location, and therefore continual reporting by PSI may not be necessary or required.

on 11th Oct, 2010 19:29, pygocentrus wrote:
if the file path is no good, PSI must be write to ignore it instead that user must create an ignore rule !!!!


When I had an insecurity in C:\i386\ , PSI did suggest an ignore rule (as I wrote above):

Quote:
"In PSI Advanced, go to Settings (Configuration) tab; scroll down to bottom line, where it is written "Secunia PSI Status:" (État de Secunia PSI:) - if this is followed by: "Suggested Ignore Rule 1", click on the "1"" Unquote.

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
pygocentrus RE: bad detection
Member 11th Oct, 2010 20:07
Score: 1
Posts: 9
User Since: 20th Sep 2010
System Score: 98%
Location: CA
Last edited on 11th Oct, 2010 20:09
lol my english is average but it is useful in many forum with no french

i did create an ignore file but still thinking that PSI must not see in i386 file if informations is not good and/or cant be trusted
Was this reply relevant?
+0
-0
This user no longer exists RE: bad detection
Member 12th Oct, 2010 08:49
Hi,

on 11th Oct, 2010 20:07, pygocentrus wrote:

i did create an ignore file but still thinking that PSI must not see in i386 file if informations is not good and/or cant be trusted


That is not the problem. The files present in this folder can be as 'good' or 'bad' as any other files on the machine.

The problem in your case is that 'certain' vendors often fail to remove old versions of their software when upgrading, which in the end can rather clutter one's harddrive.

The PSI will not ignore any important folder by default, as this would be omitting programs that are actually present on your machine.

hope this helps.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer