[Openvas-discuss] Adobe ColdFusion vulnerabilities not reported

Darryl Candiff darryl at ccservices.nl
Fri Aug 24 12:08:47 CEST 2012

I am scanning a server for a client with an older version of Adobe
ColdFusion on it. When I used to scan the server with Nessus, a serious and
several medium  vulnerabilities would be reported. Now that I am scanning
with OpenVAS, none of the vulnerabilities are reported with the exception of
a Low indicating that ColdFusion has been found (see below).


Low (CVSS: 0.0)

NVT: ColdFusion Detection (OID:


This host is running Adobe ColdFusion.

See also:



I have other plugins for Adobe ColdFusion enabled (for example
gb_adobe_coldfusion_http_resp_splitting_vuln.nasl) but the expected
vulnerabilities are not reported. What could the problem be?


Thank you,


Darryl Candiff 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20120824/0c925ce5/attachment.html>

More information about the Openvas-discuss mailing list