Thanks Micha! Chandra.
-----Original Message----- From: openvas-devel-boun...@wald.intevation.org [mailto:openvas-devel-boun...@wald.intevation.org] On Behalf Of Michael Meyer Sent: Thursday, September 17, 2009 8:04 PM To: openvas-devel@wald.intevation.org Subject: Re: [Openvas-devel] Multiple? issuesin secpod_oxid_eshop_priv_escalation_vuln.nasl Hi Thomas, *** Thomas Reinke <li...@securityspace.com> wrote: > This test is tripping false on every system we run it against that > has a web server, presumably because of the security_note that > displays the version without checking if eship was installed. I have fixed that yesterday by removing "security_note(data:"VERSION:"+eshopVer);". Fixed version is available via openvas-nvt-sync. > Also, I'm not sure if the line > > if(eshopVer[1] = "^4\.") > > is doing what was intended. No. ;) I have overlooked this yesterday. IMO this should be "if(eshopVer[1] =~ "^4\.")". I have fixed that and the fixed version is now available via svn. Micha _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
