[Openvas-plugins] SANS Top 20 coverage
goran.licina at lss.hr
Thu Nov 5 14:46:31 CET 2009
We've looked into SANS Top 20 2007 (http://www.sans.org/top20/) coverage
of OpenVAS plugins and found that a lot of vulnerabilities don't
have NVTs that test them.
Most of these vulnerabilities require local checks for detection, but there
are lots of them that are remotely exploitable. I'm not sure whether it
makes sense to write local checks for these vulnerabilities, but it would
be good to have those that are remotely exploitable covered, so we decided
to work on them.
If anyone wants to join please notify us to avoid double work.
Any advices/comments/opinions are welcome! :)
Laboratory for Systems and Signals
Department of Electronic Systems and Information Processing
Faculty of Electrical Engineering and Computing
University of Zagreb
More information about the Openvas-plugins