Hello,

I've found that some plugins produce false positives. If the web server, in case of a request for a non-existing webpage, gives a webpage with HTTP code 200 instead of 404, this will produce false positives for the following plugins:

1. trunk/openvas-plugins/scripts/secpod_projectbutler_file_inc_vuln.nasl
2. trunk/openvas-plugins/scripts/secpod_geoserver_mem_corr_vuln.nasl
3. trunk/openvas-plugins/scripts/gb_e107_alternate_profiles_remote_sql_inj_vuln.nasl

I'm not sure whether this problem is only connected with the 200 code for geoserver, but I've confirmed that it also produces a false positive, so maybe there are some problems with the regexps.

This information has been sent to the openvas-plugins mailing list as well as to the authors of the mentioned plugins. Hope this will help to improve the plugins.

--
Adam Smutnicki
Wroclaw Centre for Networking and Supercomputing
Wroclaw University of Technology, tel. +48 71 320 20 43
pl. Grunwaldzki 9, D2/101, 50-377 Wroclaw
http://www.wcss.wroc.pl
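
Added example, not part of the original message and not code from the OpenVAS plugins: a baseline check that a scanner test can run before trusting a 200 response, by requesting a sibling path that cannot exist and comparing the two answers. The `fetch` callable, the two constructed servers and the paths are assumptions made for illustration.

```python
import re
import uuid
from difflib import SequenceMatcher


def baseline(fetch, path):
    """Request a sibling path that cannot exist; return (status, body)."""
    directory = path.rsplit("/", 1)[0]
    return fetch(f"{directory}/{uuid.uuid4().hex}.html")


def classify(fetch, path, evidence=None, threshold=0.95):
    """Classify one check as 'finding', 'no finding' or 'soft-404'.

    fetch    -- callable(path) -> (status, body); hypothetical HTTP helper
    evidence -- optional regex the body must match (None = status-only check)
    """
    status, body = fetch(path)
    if status != 200 or (evidence and not re.search(evidence, body)):
        return "no finding"
    b_status, b_body = baseline(fetch, path)
    if b_status != 200:
        return "finding"  # the server reports missing pages honestly
    # The server answered 200 for a page that cannot exist.
    if evidence:
        # A regex that also matches the catch-all page proves nothing.
        return "soft-404" if re.search(evidence, b_body) else "finding"
    ratio = SequenceMatcher(None, body, b_body).ratio()
    return "soft-404" if ratio >= threshold else "finding"


# Constructed sample servers (no network access is needed).
def soft404_server(path):
    """Answers every request with the same page and HTTP code 200."""
    return 200, "<html><title>Welcome</title><body>home</body></html>"


def honest_server(path):
    """Answers 404 for anything that is not a known page."""
    pages = {"/app/admin.php": "<html><body>admin login</body></html>"}
    return (200, pages[path]) if path in pages else (404, "Not Found")


if __name__ == "__main__":
    for server in (soft404_server, honest_server):
        print(server.__name__, classify(server, "/app/admin.php"))
```
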
