Hello,

I have three Linux servers which I have run the Nessus Vulnerability scanner against. All servers have the same kernel version installed and this is confirmed by doing uname -r.

Version = 2.6.9-67.0.1.ELsmp

Against one of these servers Nessus is saying I have 14 holes because the kernel is running at lower versions. See below -

Remote package installed : kernel-2.6.9-5.EL
Should be : kernel-2.6.9-67.0.1.EL
Remote package installed : kernel-2.6.9-67.EL
Should be : kernel-2.6.9-67.0.1.EL
Remote package installed : kernel-2.6.9-55.0.6.EL
Should be : kernel-2.6.9-67.0.1.EL
Remote package installed : kernel-2.6.9-55.0.9.EL
Should be : kernel-2.6.9-67.0.1.EL
Remote package installed : kernel-devel-2.6.9-5.EL
Should be : kernel-devel-2.6.9-67.0.1.EL
Remote package installed : kernel-devel-2.6.9-67.EL
Should be : kernel-devel-2.6.9-67.0.1.EL
Remote package installed : kernel-devel-2.6.9-55.0.9.EL
Should be : kernel-devel-2.6.9-67.0.1.EL
Remote package installed : kernel-devel-2.6.9-55.0.6.EL
Should be : kernel-devel-2.6.9-67.0.1.EL
Remote package installed : kernel-hugemem-devel-2.6.9-5.EL
Should be : kernel-hugemem-devel-2.6.9-67.0.1.EL

In Nessus I am using the same policy, so I'm scanning using the same security plugins.

Does anybody know why Nessus would be mis-reporting the kernel version?

Thanks

PJ