This NVT is run as part of the "Full and fast" suite, which, as per my understanding, should not include any destructive tests (e.g. ones that cause crashes on the target server).
However, I am observing 100% reproducibility when running this NVT against my mysql instance, version 5.6.32. Additionally, it appears that the NVT is not expecting the endpoint to crash. As a result, even though the target service crashes, OpenVas does NOT report any vulnerability! I just wanted to see if anyone else observed the same behavior, and if we can update the category on this NVT to prevent unexpected crashes on critical services. Thanks! Dan ½ PGP Key: 0x1EF05BE04E5674F9
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
