[Openvas-plugins] SANS Top 20 coverage

Jan-Oliver Wagner Jan-Oliver.Wagner at greenbone.net
Mon Nov 9 08:09:15 CET 2009


Hi Goran,

On Thursday 05 November 2009 14:46:31 Goran Ličina wrote:
> We've looked into SANS Top 20 2007 (http://www.sans.org/top20/) coverage
> of OpenVAS plugins and found that a lot of vulnerabilities don't
> have NVTs that test them.
> 
> Most of these vulnerabilities require local checks for detection, but there
> are lots of them that are remotely exploitable. I'm not sure whether it 
> makes sense to write local checks for these vulnerabilities, but it would
> be good to have those that are remotely exploitable covered, so we decided
> to work on them.
> 
> If anyone wants to join please notify us to avoid double work.
> 
> Any advices/comments/opinions are welcome! :)

thanks for taking this task!

It would be good if you would check in a list of missing NVTs
into openvas-plugins and alwys indiciate on which one you are currently working on.

Also, a "sans20-2007.nasl" with just the single NVTs as dependencies might be
helpful.

Best

	Jan

-- 
Dr. Jan-Oliver Wagner |  ++49-541-335084-0  |  http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück
AG Osnabrück, HR B 202460 | Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner


More information about the Openvas-plugins mailing list