I am scanning a server for a client with an older version of Adobe ColdFusion on it. When I used to scan the server with Nessus, a serious and several medium vulnerabilities would be reported. Now that I am scanning with OpenVAS, none of the vulnerabilities are reported with the exception of a Low indicating that ColdFusion has been found (see below).
Low (CVSS: 0.0) NVT: ColdFusion Detection (OID: 1.3.6.1.4.1.25623.1.0.100773) Overview: This host is running Adobe ColdFusion. See also: http://www.adobe.com/products/coldfusion/ I have other plugins for Adobe ColdFusion enabled (for example gb_adobe_coldfusion_http_resp_splitting_vuln.nasl) but the expected vulnerabilities are not reported. What could the problem be? Thank you, Darryl Candiff
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
