Hi For --Log microsoft-ds (445/tcp) I got NVT: Vulnerability in Server Service Could Allow Remote Code Execution (958644) and references: CVE-2008-4250 but without CVSS score which on NVD website is rated 10.0 HIGH. I'm using very simple scan configuration for now, to understand how program is working. I tried "Full and fast" base with default configuration but I didn't try any credentials. I couldn't see any reasons why I should use it. My problem is that I can't find good documentation about scanner so do not know what I'm doing wrong and how to get exactly what I want.
Thanks, Gosia On Thu, Jul 12, 2012 at 12:50 AM, Sebastien Aucouturier < [email protected]> wrote: > Hi, > for us to help, > can you tell about the scan config you use ? > do you provide Credentials to openvas (lsc) ? > > Can you please tell us which CVSS score differ and for which vulnerability > and plugin ? > > BR > Seb > > Le 12/07/2012 01:16, capture Win a écrit : > > Hello, >> >> I installed OpenVAS on VirtualBox Debian distribution. It looks like >> everything works ok. However I have some problems with understanding >> scan configuration. I would like to scan only my host machine, I need >> to know installed software, version and possible CVE name (NVD), >> description of vulnerability (pre- and post-condition). Everything >> what I can get from my scan is ports check. I ran NeXpose to compare >> my results and they look similar. However in my NeXpose report I got >> CVE names of vulnerability for the same machine and in OpenVAS I got >> only one. >> Also I found that one of CVSS score in my OpenVAS report is different >> then on NVD website. >> >> Could please someone help me? >> >> Thanks, >> >> Gosia >> > > -- > | Sébastien AUCOUTURIER | Software Design Engineer Lead > | ITrust | 55 rue l'Occitane BP 67303 31673 LABEGE CEDEX > | Email: [email protected] > | Fixe Sdt. 05.67.34.67.80 | Fax. 09.80.08.37.23 > | IT Security Services & SaaS Editor >
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
