Hi, > Does somebody know if OpenVAS already detects the heartbleed OpenSSL bug. > Thanks for any hint!!
see: http://lists.wald.intevation.org/pipermail/openvas-plugins/2014-April/001045.html until the new plugin from this commit: http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-April/000355.html is included in one of the next feed updates. However both scripts are only testing SSL ports at the moment: script_mandatory_keys("Transport/SSL"); AFAIK smtp servers with STARTTLS support are also affected as there are some PoC available like: https://gist.github.com/takeshixx/10107280 _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
