[Openvas-devel] Multiple? issuesin secpod_oxid_eshop_priv_escalation_vuln.nasl

Chandrashekhar B bchandra at secpod.com
Fri Sep 18 06:44:26 CEST 2009

Thanks Micha!


-----Original Message-----
From: openvas-devel-bounces at wald.intevation.org
[mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Michael
Sent: Thursday, September 17, 2009 8:04 PM
To: openvas-devel at wald.intevation.org
Subject: Re: [Openvas-devel] Multiple? issuesin

Hi Thomas,

*** Thomas Reinke <lists at securityspace.com> wrote:

> This test is tripping false on every system we run it against that
> has a web server, presumably because of the security_note that
> displays the version without checking if eship was installed.

I have fixed that yesterday by removing


Fixed version is available via openvas-nvt-sync.

> Also, I'm not sure if the line
>     if(eshopVer[1] = "^4\.")
> is doing what was intended.

No. ;) 

I have overlooked this yesterday. IMO this should be

"if(eshopVer[1] =~ "^4\.")".

I have fixed that and the fixed version is now available via svn.

Openvas-devel mailing list
Openvas-devel at wald.intevation.org

More information about the Openvas-devel mailing list