I have seen the plugin, it is not doing error checking before calling to report. Even if the pread or ldapsearch fails, it reports. We don't have LDAP setup right now, if you can give me the error response string for a failed ldapsearch, we could update the plugin.
Thanks,
Chandra.

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Jan-Oliver Wagner
Sent: Friday, March 13, 2009 4:40 PM
To: [email protected]
Subject: Re: [Openvas-plugins] OpenVAS plugin for ldap

Hello Bernd,

On Tuesday, 10 March 2009, [email protected] wrote:
> Hi Tarik,

Unfortunately Tarik has not been active for OpenVAS for quite a while.

> Since your plugin was added to OpenVAS, all the hosts in our network (more
> than 700) suddenly show up a security hole for ldap.

It should have been part of OpenVAS for a very long time. Actually it should not have happened suddenly. Or did you just execute the first scan with OpenVAS?

> here is the output from an html page:
>...
> I assume "Can't con" means "Cannot connect."

The broken string comes from ldapsearch I guess.

> If the plugin cannot connect
> then there should not be any vulnerability present. Even hosts that are
> firewalled and do not allow access to port 389/tcp and hosts that have port
> 389/tcp closed (because an ldap server is not running) show up as having this
> ldap vulnerability.
>
> What am I doing wrong? How can I avoid all these false positives? I would
> very much appreciate your help in this matter.

We will look into this.

Best

Jan

--
Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Managing Directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
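
Added example (not part of the original thread and not the OpenVAS plugin's code): one way to do the error checking discussed above, so a failed or empty ldapsearch never produces a finding. All function names are hypothetical, the stand-in commands are constructed, and it assumes the query command exits non-zero on failure and prints LDIF ("dn:" lines) on success.

```shell
#!/bin/sh
# Added example, not the OpenVAS plugin: report only when the query succeeded
# and actually returned data. All function names here are hypothetical.

# Count LDIF entries ("dn:" lines) read from stdin; prints 0 when there are none.
ldap_entry_count() {
    grep -c '^dn:' || true
}

# should_report STATUS OUTPUT -> exit 0 only for a successful, non-empty result.
should_report() {
    [ "$1" -eq 0 ] || return 1   # non-zero exit: connect, bind or search failed
    [ "$(printf '%s\n' "$2" | ldap_entry_count)" -gt 0 ]
}

# run_check CMD [ARGS...]: run the query command and print a verdict.
# stderr is discarded so error text can never be mistaken for a result.
run_check() {
    status=0
    output=$("$@" 2>/dev/null) || status=$?
    if should_report "$status" "$output"; then
        echo "report"
    else
        echo "no finding"
    fi
}

# Constructed stand-ins for the ldapsearch call (assumed outcomes, not real output).
fake_unreachable() { echo "constructed error text" >&2; return 255; }
fake_no_entries()  { return 0; }
fake_entry()       { printf 'dn: dc=example,dc=com\nobjectClass: top\n'; }

run_check fake_unreachable   # port closed or filtered
run_check fake_no_entries    # server answered, nothing returned
run_check fake_entry         # server answered with an entry
```

In real use the stand-in is replaced by the plugin's own ldapsearch invocation, passed to run_check as the command and its arguments.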
