Hi Veerendra, I found this NVT in my scan config. The strange thing is it didn't detect our web server this vulnerability. Our web server is using apache 1.3.42. It is detected by another scanning tool but not by OpenVAS.
Thanks, - xinhuan On 9/20/12 8:15 AM, "Veerendra Ganiger" <[email protected]> wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Hello Xinhuan, > >We already have the NVT for that >secpod_apache_http_srv_range_header_dos_vuln.nasl. > > >Thanks! >Veerendra > >On Wednesday 19 September 2012 09:38 PM, Xinhuan Zheng wrote: >> Hi, >> >> We use latest OpenVAS tool version 5 to do internal scan in our company. >> However, recently we found that there is one particular apache >> vulnerability not caught by this tool. This vulnerability is documented >>in >> this link: >> >> >>http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3C20 >>11 >> [email protected]%3E >> >> To make this tool more useful, can openvas community work on this issue >> and add appropriate plugin for this vulnerability? >> >> Thanks, >> Xinhuan Zheng >> >> _______________________________________________ >> Openvas-discuss mailing list >> [email protected] >> >>http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >> >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.4.10 (GNU/Linux) >Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ > >iQEcBAEBAgAGBQJQWwj2AAoJEFdbOg70fJia7XkH/3Yz5UQeJQhGE+ZIX01WT8rf >/CWTJd4/LhxtsGY3QCtgorjhc/LU1szY8+Vovw9K4z84VgXzaXH7dfGrplnGEg/a >wMdXlfsihg4U8DE+LERkEGDGt6haJZznXaZ8Di536xuU1EL1Fdho7tbph/GW7D00 >agjs9lRf3ZKwuynMHt9sefkv98Cn6QfulTcqW4eoQaFYutJEpRj9kUzvvJXJAWd7 >IfcUi18pRcDreeNlx2eLhAjr23uh9zQZUXVeMjRpSic6XXlWJq5CDYVygHhzejlq >cADIXS/MmFRiK8reAVRLaReOD24x57Zn6ve4CkmMmbupEXtenm4r47DgbXtu6cU= >=Desq >-----END PGP SIGNATURE----- _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
