From 28c491c744ebe71f39caf59b902ac62661442f07 Mon Sep 17 00:00:00 2001
From: fyodor <fyodor@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Thu, 2 Apr 2009 03:51:30 +0000
Subject: [PATCH] Improve wording

---
 CHANGELOG | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index aa5462f29..78272fb02 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,12 +3,11 @@
 Nmap 4.85BETA7 [2009-04-1]
 
 o Improvements to the Conficker detection script (smb-check-vulns):
-  o Treat any NetPathCanonicalize()return code of 0x57 as indicative
-    of a vulnerable machine. We (and all the other scanners) used to
-    require the 0x57 return code as well as a canonicalized path
-    string including 0x5c450000.  Tenable confirmed an infected
-    system which returned a 0x00000000 path, so we now treat any
-    return code of 0x57 as indicative of an infection. [Ron]
+  o Reduce false negative rate.  We (and all the other scanners) used
+    to require the 0x57 return code as well as a canonicalized path
+    string including 0x5c450000.  Tenable confirmed an infected system
+    which returned a 0x00000000 path, so we now treat any hosting
+    returning code 0x57 as likely infected. [Ron]
   o Add workaround for crash in older versions of OpenSSL which would
     occur when we received a blank authentication challenge string
     from the server.  The error looked like: evp_enc.c(282): OpenSSL