Out of curiosity, how can we find that out ourselves? I mean if we see a published vulnerability is there a way to find out which NVT can be used to perform that type of scan?
Olly On 20 September 2012 08:14, Michael Meyer <[email protected]>wrote: > Hello, > > *** Xinhuan Zheng wrote: > > > We use latest OpenVAS tool version 5 to do internal scan in our company. > > However, recently we found that there is one particular apache > > vulnerability not caught by this tool. This vulnerability is documented > in > > this link: > > > > > http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3C2011 > > [email protected]%3E > > > > To make this tool more useful, can openvas community work on this issue > > and add appropriate plugin for this vulnerability? > > this is covered by 'secpod_apache_http_srv_range_header_dos_vuln.nasl'. > > If this NVT doesn't work for you, please let us know your apache version > and what the response of the following request is: > > HEAD / HTTP/1.1 > Host: <hostname> > User-Agent: Apache Range Header Agent > Accept-Encoding: gzip > Range: > > bytes=5-0,5-1,5-2,5-3,5-4,5-5,5-6,5-7,5-8,5-9,5-10,5-11,5-12,5-13,5-14,5-15,5-16,5-17,5-18,5-19,5-20,5-21,5-22,5-23,5-24,5-25,5-26,5-27,5-28,5-29 > Connection: close > > Micha > > -- > Michael Meyer OpenPGP Key: 52A6EFA6 > http://www.greenbone.net/ > Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG > Osnabrück, HR B 202460 > Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > [email protected] > http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > -- Network Support Online Backups Server Management Tel: 0845 307 3443 Web: http://www.g2support.com Twitter: g2support <http://twitter.com/home?status=@g2support> Google+: http://www.g2support.com/plus Facebook: http://www.facebook.com/g2support Mail: Unit H, Hove Technology Centre, Hove, Sussex, BN3 7ES Have you said something nice about us to a friend or colleague ? Let us say thanks. Find out more at www.g2support.com/referral G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE BN3 7LE. Our registered company number is OC316341.
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
