[Openvas-devel] General handling of detection scripts

Thomas Reinke lists at securityspace.com
Fri May 7 16:41:32 CEST 2010


We've been noticing for a while some issues w.r.t detection
scripts that make for somewhat unfriendly remediation of
security reports.  Specifically, the lack of version number
reporting.

We recommend that detection scripts, as a policy, put out
a security note

   "We discovered ProductX version Y running at location Z"

or similar, so that the results provide at least a hint
of info as to why scripts are tripping, and to help admins
with the issues.

Scripts that are tripping many times without providing info
include:

   800989: gb_dokuwiki_mult_csrf_vuln.nasl
           Depends on gb_dokuwiki_detect.nasl

   900946: secpod_geoserver_detect.nasl

   100341: asterisk_36924.nasl
           Depends on secpod_asterisk_detect.nasl

There are likely many more, but this is what we've bumped into
this morning.

