[Openvas-discuss] Severity overrides don't work in OpenVAS-Client

Stefan Schwarz Sun, 05 Sep 2010 04:40:11 -0700

I tried to increase severity from "Security Note" to "Security Hole" and added this override to global filter. So i got


~/.openvas/severity_overrides.xml:
<severity_filter name="Global Severity Overrides">
        <severity_override name="http TRACE XSS attack"
                host="wwwsrv"
                port="http (80/tcp)"
                OID="1.3.6.1.4.1.25623.1.0.11213"
                severity_from="Security Note"
                severity_to="Security Hole"
                active="true">
                <reason>
                see OTRS-ticket
                </reason>
        </severity_override>
</severity_filter>

Within Extras->Security overrides manager i can see this override, but it is never applied. I always get a security note of this severity instead of a security hole for new reports.

When testing gsad i couldn't even find a way to define overrides. The "overrides"-page doesn't seem to have a Create-Task.


Stefan

smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Openvas-discuss mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

[Openvas-discuss] Severity overrides don't work in OpenVAS-Client

Reply via email to