This issue has been resolved (msrpc_dcom.nasl). Please test and let us if there are any issues. Chandan Message: 2 Date: Fri, 24 Apr 2009 13:26:00 +0000 From: [email protected] Subject: Re: [Openvas-plugins] OpenVAS plugin 11808 Question Follow-up To: Chandrashekhar B <[email protected]>, Jan-Oliver Wagner <[email protected]>, [email protected], [email protected] Message-ID: <[email protected]> Content-Type: text/plain; charset="iso-8859-1" Fantastic! Keep me posted and let me know how/if I can lend a hand. -Kevin On Apr 24, 2009 5:40am, Chandrashekhar B <[email protected]> wrote:
> > We saw the same issue reporting in one of our scan. We'll resolve this. > > > Chandra. > > > -----Original Message----- > > > From: [email protected] > > > [mailto:[email protected]] On Behalf Of > > Jan-Oliver > > > Wagner > > > Sent: Friday, April 24, 2009 2:53 AM > > > To: [email protected] > > > Cc: [email protected] > > > Subject: Re: [Openvas-plugins] OpenVAS plugin 11808 Question Follow-up > > > Hello all, > > > anyone feels like digging into this issue reported by Kevin? > > > Best > > > Jan > > > On Thursday 23 April 2009 00:07:35 you wrote: > >> > > I found a response from you on the openvas-plugins mailing list archive >> >> > > regarding this plugin and was hoping to work with you to find the >> > > answer. > >> > > >> >> > > Here is a link to that message: >> >> > > http://marc.info/?l=openvas-plugins&m=121084160209010&w=2 >> >> > > >> >> > > In your response you mentioned a possible explanation. The >> > > msrpc_dcom2.nasl > >> > > script had to be removed from openVAS and thus a dependency for the >> >> > > msrpc_dcom.nasl script is missing. You then stated you might be able to >> >> > > reproduce the problem but didn't have that service running on your XPSP2 >> >> > > system. Here's where I can help. Just this morning while testing OpenVAS >> >> > > for the first time it reported the existence of this vulnerability on a >> >> > > computer I use. However I have verified the patch for the vulnerability >> > > and > >> > > tested that computer with another scanner which reported that the >> > > computer > >> > > is indeed not vulnerable. I can re-create the scenario as needed and >> > > offer > >> > > whatever help to debug or trace the issue. As this particular >> > > vulnerability > >> > > was associated with a widely known worm, I think it is very important >> > > for > >> > > OpenVAS to be accurate. I have an affinity for the efforts on this >> > > project > >> > > and may even lend my security and coding expertise in the future. >> > > -- > > > Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ > > > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B > > 18998 > > > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > > > _______________________________________________ > > > Openvas-plugins mailing list > > > [email protected] > > > http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-plugins/attachments/20090424/dfd345e3/attachment.html ------------------------------ Message: 3 Date: Fri, 24 Apr 2009 15:22:39 +0000 From: [email protected] Subject: Re: [Openvas-plugins] OpenVAS plugin 11808 Question Follow-up To: Chandrashekhar B <[email protected]>, [email protected], Jan-Oliver Wagner <[email protected]>, [email protected] Message-ID: <[email protected]> Content-Type: text/plain; charset="iso-8859-1" Ok, It will be later today or maybe Monday, but I will check it and respond. Do you have a specific version for me to check out? Or is it packaged? Kevin On Apr 24, 2009 9:24am, Chandrashekhar B <[email protected]> wrote: > > Committed now, please check it and let me know if you still find the > > issue. > > > Chandra. > > > ________________________________________ > > > From: [email protected] [mailto:[email protected]] > > > Sent: Friday, April 24, 2009 6:56 PM > > > To: Chandrashekhar B; Jan-Oliver Wagner; > > > [email protected]; [email protected] > > > Subject: Re: RE: [Openvas-plugins] OpenVAS plugin 11808 Question Follow-up > > > Fantastic! Keep me posted and let me know how/if I can lend a hand. > > > -Kevin > > > On Apr 24, 2009 5:40am, Chandrashekhar B [email protected]> wrote: > >> > > We saw the same issue reporting in one of our scan. We'll resolve this. >> >> > > >> >> > > >> >> > > >> >> > > Chandra. >> >> > > >> >> > > >> >> > > >> >> > > -----Original Message----- >> >> > > >> >> > > From: [email protected] >> >> > > >> >> > > [mailto:[email protected]] On Behalf Of >> > > Jan-Oliver > >> > > >> >> > > Wagner >> >> > > >> >> > > Sent: Friday, April 24, 2009 2:53 AM >> >> > > >> >> > > To: [email protected] >> >> > > >> >> > > Cc: [email protected] >> >> > > >> >> > > Subject: Re: [Openvas-plugins] OpenVAS plugin 11808 Question Follow-up >> >> > > >> >> > > >> >> > > >> >> > > Hello all, >> >> > > >> >> > > >> >> > > >> >> > > anyone feels like digging into this issue reported by Kevin? >> >> > > >> >> > > >> >> > > >> >> > > Best >> >> > > >> >> > > >> >> > > >> >> > > Jan >> >> > > >> >> > > >> >> > > >> >> > > On Thursday 23 April 2009 00:07:35 you wrote: >> >> > > >> >>> > > > I found a response from you on the openvas-plugins mailing list >>> > > archive > >> > > >> >>> > > > regarding this plugin and was hoping to work with you to find the >>> > > answer. > >> > > >> >>> > > > >>> >> > > >> >>> > > > Here is a link to that message: >>> >> > > >> >>> > > > http://marc.info/?l=openvas-plugins&m=121084160209010&w=2 >>> >> > > >> >>> > > > >>> >> > > >> >>> > > > In your response you mentioned a possible explanation. The >>> >> > > >> >> > > msrpc_dcom2.nasl >> >> > > >> >>> > > > script had to be removed from openVAS and thus a dependency for the >>> >> > > >> >>> > > > msrpc_dcom.nasl script is missing. You then stated you might be able >>> > > to > >> > > >> >>> > > > reproduce the problem but didn't have that service running on your >>> > > XPSP2 > >> > > >> >>> > > > system. Here's where I can help. Just this morning while testing >>> > > OpenVAS > >> > > >> >>> > > > for the first time it reported the existence of this vulnerability on >>> > > > >>> > > a > >> > > >> >>> > > > computer I use. However I have verified the patch for the >>> > > vulnerability > >> > > >> >> > > and >> >> > > >> >>> > > > tested that computer with another scanner which reported that the >>> > > computer > >> > > >> >>> > > > is indeed not vulnerable. I can re-create the scenario as needed and >>> > > offer > >> > > >> >>> > > > whatever help to debug or trace the issue. As this particular >>> >> > > >> >> > > vulnerability >> >> > > >> >>> > > > was associated with a widely known worm, I think it is very important >>> > > for > >> > > >> >>> > > > OpenVAS to be accurate. I have an affinity for the efforts on this >>> > > project > >> > > >> >>> > > > and may even lend my security and coding expertise in the future. >>> >> > > >> >> > > >> >> > > >> >> > > -- >> >> > > >> >> > > Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ >> >> > > >> >> > > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B >> > > 18998 > >> > > >> >> > > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner >> >> > > >> >> > > _______________________________________________ >> >> > > >> >> > > Openvas-plugins mailing list >> >> > > >> >> > > [email protected] >> >> > > >> >> > > http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins >> >> > > >> >> > > >> >> > > >> -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-plugins/attachments/20090424/6f4fbba5/attachment-0001.html ------------------------------ _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins End of Openvas-plugins Digest, Vol 17, Issue 16 *********************************************** _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
