Well, I think the problem there is twofold: 1) It'll still show up as loaded and a user may think they're checking for something they're not actually checking for.
2) If it has a plugin ID that's in use by another plugin (of which there appear to be 5 duplicate ID sets in the current distro) you may end up loading an outdated plugin over top an active one and OpenVAS will try to execute the outdated one rather than the real one. I'm assuming that's the case since it appears to manage plugins via plugin ID. I was proposing putting some sort of tag in a plugin that indicates that it should no longer be used. It would require some tweaking of the OpenVAS server code but only a minor tweak. If the deprecated tag is present, don't load the plugin and move on. It would also help in easily searching through existing plugins for ones that are outdated. Shawn Thomas Reinke wrote: > The simple technique, ugly, but safe technique that probably ought > to be adopted is anytime a script is removed to simply NOT remove > it, but to make the contents be simply "exit(0)"; > > That way, the script is effectively made impotent without > worrying about how to manage removal in a safe way. > > Shawn Duffy wrote: >> Will these be taken out of the core distribution? I'm assuming that >> since there are duplicate IDs, OpenVAS will use the last one it loads >> regardless of whether or not it should be there. >> >> I'm wondering if there's a way to denote when a script should not be >> used anymore. Perhaps adding some sort of flag within the script that >> can be checked by OpenVAS or by any plugin manager. It would then be >> synced once and effectively deactivated whether or not it's actually >> removed on the end system. >> >> I understand not wanting to remove them via the NVT sync because you >> risk removing custom plugins people might add. But I was wondering if >> there is a way to manage plugins that should be removed so they don't >> get loaded on top of valid plugins. >> >> FYI, there are a few other duplicates that come in openvas-plugins-1.0.5 >> as of a couple days ago: >> >> /usr/local/lib/openvas/plugins/secpod_libpng_detect_lin.nasl: >> script_id(900070); >> /usr/local/lib/openvas/plugins/secpod_winftp_server_dos_vuln.nasl: >> script_id(900070); >> >> /usr/local/lib/openvas/plugins/secpod_libpng_null_pntr_vuln.nasl: >> script_id(900071); >> /usr/local/lib/openvas/plugins/secpod_opera_mult_vuln_dec08_win.nasl: >> script_id(900071); >> >> /usr/local/lib/openvas/plugins/secpod_ms09-001.nasl: script_id(900069); >> /usr/local/lib/openvas/plugins/secpod_wsftp_server_sec_bypass_vuln.nasl: >> script_id(900069); >> >> /usr/local/lib/openvas/plugins/secpod_openoffice_detect_win.nasl: >> script_id(900072); >> /usr/local/lib/openvas/plugins/secpod_opera_mult_vuln_dec08_lin.nasl: >> script_id(900072); >> >> Can anyone tell me which of these are deprecated and should be removed? >> >> Thanks, >> Shawn >> >> Chandrashekhar B wrote: >>> Shawn, >>> >>> secpod_nms_dvd_sdk_actvex_vuln_900132.nasl is not there in the plugin >>> repository now, it was deleted long back. Do you have the latest >>> plugin set? >>> Please remove that plugin manually. >>> Thanks, >>> Chandra. >>> >>> -----Original Message----- >>> From: [email protected] >>> [mailto:[email protected]] On Behalf Of Shawn >>> Duffy >>> Sent: Thursday, March 05, 2009 4:57 PM >>> To: [email protected] >>> Subject: [Openvas-discuss] Duplicate plugin IDs >>> >>> Hi all, >>> >>> I'm currently working on a database for managing OpenVAS plugins. It's >>> only in its very early stages. But as I was working on importing plugin >>> information into the database, I noticed that there are two plugins with >>> the same plugin ID: >>> >>> secpod_nms_dvd_burning_sdk_actvx_vuln_900132.nasl >>> secpod_nms_dvd_sdk_actvex_vuln_900132.nasl >>> >>> They are both using the ID 900132. Apart from being a problem for my >>> database, I would imagine that one of these is not being run by OpenVAS >>> since it references plugins by ID. Is this something that can be fixed >>> in the next plugin update? >>> >>> Thanks! >>> Shawn >>> _______________________________________________ >>> Openvas-discuss mailing list >>> [email protected] >>> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >>> >>> >> _______________________________________________ >> Openvas-discuss mailing list >> [email protected] >> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >> > > _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
