[Openvas-plugins] SANS Top 20 coverage

Goran Ličina goran.licina at lss.hr
Thu Nov 5 14:46:31 CET 2009


Hi all!

We've looked into SANS Top 20 2007 (http://www.sans.org/top20/) coverage
of OpenVAS plugins and found that a lot of vulnerabilities don't
have NVTs that test them.

Most of these vulnerabilities require local checks for detection, but there
are lots of them that are remotely exploitable. I'm not sure whether it 
makes sense to write local checks for these vulnerabilities, but it would
be good to have those that are remotely exploitable covered, so we decided
to work on them.

If anyone wants to join please notify us to avoid double work.

Any advices/comments/opinions are welcome! :)

Best regards,

Goran Licina
--
Laboratory for Systems and Signals
Department of Electronic Systems and Information Processing
Faculty of Electrical Engineering and Computing
University of Zagreb


More information about the Openvas-plugins mailing list