Hi OpenVas support, Does OpenVas has plugins to detect openvswitch, qemu-kvm vulnerabilities for RHEL 7.0? When executed a scan using Nessus and OpenVas, I could observed less overlap between their findings. The major difference I could figured out that Nessus has detected openvSwitch & qemu-kvm vulnerabilities and the reason why these vulnerabilities are not detected by OpenVas is because nonexistent of the plugins in OpenVas for RHEL.
For example, CVE-2017-9263 is detected for RHEL by Nessus but the RHEL plugin for this CVE doesn't exist in OpenVas though OpenVas has plugin for Fedora, below is the link for reference: http://plugins.openvas.org/nasl.php?oid=873506 Other major vulnerabilities undetected by OpenVas are: * RHEL7: qemu-kvm-rhev (RHSA-2017:2418) * RHEL7: qemu-kvm-rhev (RHSA-2017:2390) * RHEL7: qemu-kvm-rhev (RHSA-2017:2392) * RHEL7: qemu-kvm-rhev (RHSA-2017:2628) Could you please let us know the reason why these plugins are not available for RHEL or any future plan to support the same. Thanks, Nitin "DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus."
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
