Thanks for reporting. It is an extra unwanted check, got rid of it now. Please test it again and let me know.
Chandra. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Meyer Sent: Friday, September 26, 2008 4:57 PM To: [email protected] Subject: [Openvas-plugins] secpod_proftpd_cmd_handling_sec_vuln_900133.nasl Hello, today after a 'openvas-nvt-sync' i got the 'secpod_proftpd_cmd_handling_sec_vuln_900133.nasl'. I installed 'Proftp 1.3.0' on my localhost and start a scan. 'FTP Server type and version" (1.3.6.1.4.1.25623.1.0.10092)' found the running Proftp but there is no result from the 'secpod_proftpd_cmd_handling_sec_vuln_900133.nasl' I look into the 'secpod_proftpd_cmd_handling_sec_vuln_900133.nasl' and found this: ,---[ secpod_proftpd_cmd_handling_sec_vuln_900133.nasl | 86 if("Linux" >!< get_kb_item("ssh/login/uname")){ | 87 exit(0); | 88 } `---| So, if i understand it right, a vulnerable Proftpd will only found if i configure a ssh-login for the OpenVAS-Scan so OpenVAs can execute 'uname'. But i will not and can not configure a ssh-login for every host i want to scan. So i think the code above makes no sense. Without this code snippets there is a result from the 'secpod_proftpd_cmd_handling_sec_vuln_900133.nasl' If i remove the three lines, the next 'openvas-nvt-sync' will overide the Plugin. Is there any reason for the 'if("Linux" >!<get_kb_item("ssh/login/uname"))' or is this a bug? Many Greetings Michael _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
