On 09/26/07 19:56, [EMAIL PROTECTED] wrote: > I'm reviewing reports, and have noted that (in particular with Flash and > Adobe reader plugins) there is inconsistency on when a file/version/path > is included in the plugin output. For remediation -- I *love* that > info. Clears up lots of questions. > > Case in point: 2 plugins: adobe_reader_709.nasl, and > adobe_pdf_plugin_80.nasl -- the former: no file location output, the > latter includes it. > > Is there a technical reason? Or just something that wasn't gotten > around to? On a "to do" list?
We've been making plugins more verbose for the past several months: version info from banner checks, version / path info for local Windows checks, contents of files and output of commands when exploiting vulnerabilities, etc. As you note, it greatly helps in terms of remediation. In cases where the info is available via another plugin, though, we've tended to not include it to avoid redundancy and minimize code complexity. For example, adobe_reader_installed.nasl reports the installation path and version info of Adobe Reader on Windows systems whereas there isn't another plugin that does this for Adobe's PDF plugin. That said, I'd welcome feedback from you or others about the current report format. George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
