Hello everyone, I did a Full & Fast scan of our server which is running Apache and PHP 5.3.3, but OpenVAS (v8) couldn't detect that there was a PHP installed and didn't report any vulnerabilities (afaik there are several vulnerabilities in PHP 5.3.3).
I'm not sure how the php detection works, but I tried telnet and "GET / HTTP/1.0" and I noticed, that the returned header doesn't contain PHP version unless I do "GET /appfolder/ HTTP/1.0", could this be the reason why OpenVAS doesn't detect PHP on this server? If so, is there any way to tell it to try a specific path when doing PHP related tests? Thank you for any help. Best Regards, Jiri K. _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
