[Openvas-discuss] NVT with error severity level

tatooin at free.fr tatooin at free.fr
Mon Jan 23 19:12:06 CET 2017


Hello,

I'm trying to get a list of hosts vulnerable to a particular NVT. In this case, 1.3.6.1.4.1.25623.1.0.100610 (JBoss Enterprise Application Platform Multiple Vulnerabilities). Looking at this particular NVT in GSA, and clicking on the "Show scan results for this NVT" menu, takes me to the list of hosts vulnerable to this NVT, as expected.

However, on the listing, the vulnerability appears with a severity set to "Error" on all vulnerable hosts (see attached screenshot if it goes through), while on the NVT page detail, the severity score is set to 5.0 (Medium). I also notice that the location is set to "General/TCP", while I would expect here to see the application port (8080). Is this a bug or am I missing something ? And in that particular case, are the results reliable ?

Thank you

System Info:
openvas-manager-6.0.9-0kali1
openvas-scanner-5.0.7-3

On Kali Linux Rolling. All packages up to date.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openvas.png
Type: image/png
Size: 178751 bytes
Desc: not available
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20170123/5edbd34b/attachment.png>


More information about the Openvas-discuss mailing list