[Openvas-discuss] Adobe ColdFusion vulnerabilities not reported

Darryl Candiff darryl at ccservices.nl
Fri Aug 24 12:08:47 CEST 2012


I am scanning a server for a client with an older version of Adobe
ColdFusion on it. When I used to scan the server with Nessus, a serious and
several medium  vulnerabilities would be reported. Now that I am scanning
with OpenVAS, none of the vulnerabilities are reported with the exception of
a Low indicating that ColdFusion has been found (see below).

 

Low (CVSS: 0.0)

NVT: ColdFusion Detection (OID: 1.3.6.1.4.1.25623.1.0.100773)

Overview:

This host is running Adobe ColdFusion.

See also:

http://www.adobe.com/products/coldfusion/

 

I have other plugins for Adobe ColdFusion enabled (for example
gb_adobe_coldfusion_http_resp_splitting_vuln.nasl) but the expected
vulnerabilities are not reported. What could the problem be?

 

Thank you,

 

Darryl Candiff 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20120824/0c925ce5/attachment.html>


More information about the Openvas-discuss mailing list