+1 on Confidentiality is Partial. The whole point is an extremely low likelihood of providing information that someone could use to exploit. But THAT is a judgement call we shouldn't be making (it is dependent on the type and quality of s/w running on the remote system).
As such, it is information disclosure that most admins can safely ignore, but it is nevertheless information disclosure, and should be flagged as such. Think using timestamps to differentiate betweeen multiple systems served by load balancing hardware and being able to use the clock error from a accurate clock to make a determination of the size of the load balanced network, without ever seeing the hardware in question. This applies to any protocol that provides clock values (same of HTTP server protocol), and has been shown to be of practical value in identifying customers running said load balanced networks that are otherwise remotely not detectable. Thomas On 30/03/13 09:06 AM, Jan-Oliver Wagner wrote: > Hi, > > I wonder about tcp_timestamps.nasl (1.3.6.1.4.1.25623.1.0.80091): > > It has CVSS=0, but reports security_note. > So, one is wrong. > > According to http://www.openvas.org/nvt-dev.html#scoring_guidelines > does it make sense to apply the rule for Information disclosure vulnerability: > > 1. Confidentiality is Partial(P) or Complete(C) > 2. Integrity is None(N) > 3. Availability is None(N) > > ? > > Or is it more sensible to send a log_message as there as there is only > a very vague vulnerability? > > There are probably other similar NVTs, so any insights and thoughts are > welcome. > > Best > > Jan > _______________________________________________ Openvas-plugins mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
