[Openvas-devel] General handling of detection scripts

Thomas Reinke lists at securityspace.com
Fri May 7 16:42:36 CEST 2010


Not wanting to step on toes, but if the approach isn't objected
to, we have no problems going in to make these changes.

Thomas

Thomas Reinke wrote:
> We've been noticing for a while some issues w.r.t detection
> scripts that make for somewhat unfriendly remediation of
> security reports.  Specifically, the lack of version number
> reporting.
> 
> We recommend that detection scripts, as a policy, put out
> a security note
> 
>    "We discovered ProductX version Y running at location Z"
> 
> or similar, so that the results provide at least a hint of
> of info as to why scripts are tripping, and to help admins
> with the issues.
> 
> Scripts that are tripping many times without providing info
> include:
> 
>    800989: gb_dokuwiki_mult_csrf_vuln.nasl
>            Depends on gb_dokuwiki_detect.nasl
> 
>    900946: secpod_geoserver_detect.nasl
> 
>    100341: asterisk_36924.nasl
>            Depends on secpod_asterisk_detect.nasl
> 
> There's likely many more, but this is what we've bumped into
> this morning.
> _______________________________________________
> Openvas-devel mailing list
> Openvas-devel at wald.intevation.org
> http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
> 



More information about the Openvas-devel mailing list