[Openvas-plugins] Mac OS X Local Security Checks
goran.licina at lss.hr
Tue Apr 6 10:43:45 CEST 2010
> -----Original Message-----
> From: Chandrashekhar B [mailto:bchandra at secpod.com]
> Sent: Wednesday, March 31, 2010 11:12 AM
> To: Goran Ličina; openvas-plugins at wald.intevation.org
> Subject: RE: [Openvas-plugins] Mac OS X Local Security Checks
> Hello Goran,
> > -----Original Message-----
> > From: openvas-plugins-bounces at wald.intevation.org
> > [mailto:openvas-plugins-bounces at wald.intevation.org] On
> > Behalf Of Goran Licina
> > Sent: Thursday, March 25, 2010 9:30 PM
> > To: openvas-plugins at wald.intevation.org
> > Subject: [Openvas-plugins] Mac OS X Local Security Checks
> > Hi all,
> > we've been working for some time now on local security checks
> > for Mac OS X.
> > As result of our testing and research we developed a script
> > for automated generation of LSC's from HTML advisory page. Of
> > course script is still not perfect and generated plugins
> > still need some manual improvement.
> > However, we've done enough research and testing to start
> > commiting these plugins. I've put in attach some example
> > plugins to demonstrate how will these plugins look like. Also
> > there is small include file with some helper functions for LSC's.
> Looks good, if they are tested, please commit.
Just did :)
> > I would love to hear your suggestions for improvement and
> > comments before I start to commit these.
> I just had one comment, instead of setting vuln=1 status, you can
> security_hole there itself and exit. That will ensure that further
> aren't necessary when you have already found an unpatched system.
Fixed that. Thanks for the tip!
> > P.S. Another thing we noticed is "typo" in family name for
> > Mac OS X LSC's.
> > Mac OS X is spelled "MacOS X" (notice there is no space
> > between Mac and OS) which is incorrect according to Wikipedia
> > (http://en.wikipedia.org/wiki/Mac_OS)
> > and official Apple web (http://www.apple.com/macosx/). Does
> > anyone have anything against correcting this?
> > Is actually demands modifying only one plugin
> > (apple-sa-2004-08-09.nasl) and probably CR #23
> > (http://www.openvas.org/openvas-cr-23.html) which defines
> > plugin families. apple-sa-2004-08-09.nasl actually doesn't
> > work at the moment, but we'll fix that.
> You should be able to modify the family name and update CR #23. The
> concern would be if someone has already created their policy files
> (openvasrc) selecting these, they need to modify. Since there's only
> plugin, it shouldn't be a problem. Please go ahead.
More information about the Openvas-plugins