The other way to do it might be to have a single plugin called 'apache_latest_version.nasl' (and 'apache2_latest_version.nasl') and amend that each time a new Apache[2] is released. Doing that would let us do away with the current 'apache_1_3_2[789].nasl' approach. Or for Renaud to delete apache_1_3_[current_version-1].nasl each time a new plugin is created.
-----Original Message----- From: Erik Stephens [mailto:[EMAIL PROTECTED] Sent: 08 March 2004 15:57 To: [EMAIL PROTECTED] Subject: Re: Question about "chained" results On Mon, 8 Mar 2004 [EMAIL PROTECTED] wrote: > I wonder if anyone has been bothered by proclivity for Nessus to > produce pseudo-duplicate results. For example, if I enable all of > the "Apache < some_version" plugins, I get several results for many > systems... > > Apache older than 1.3.29 > Apache older than 1.3.28 > Apache older than 1.3.27 > > It would be nice if the scanning engine was clever enough to realize > that the least of these was the most important, and also implied the > remaining issues. > > Is there some tweak I have missed, or am I doing somthing obviously > silly? I don't think there is any simple configuration tweak you could make to pull this off. I think you'd have to modify the plugins so that the latest version ones depended on the older version ones plus look for a kb key before raising the hole. I'd guess that this is not generally desirable enough to warrant the changes because each of those plugins should describe what that specific version is vulnerable to. I think that is kinda useful to see. Best regards, Erik Stephens www.edgeos.com Managed Vulnerability Assessment Services _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
