Hi, > Its detect script issue. I am looking at this how to improve the > detect script.
any updates on this? I think the following improvements: 1.) Detect "TYPO3 Login" and "TYPO3 CMS Login" in the <title> of the login page 2.) Get the major version out of the "<meta name="generator" content="TYPO3 4.5" 3.) Get the minor version out of the http://example.com/typo3_src/ChangeLog and use it if its the same or higher than detected in 2.) could really improve the detection rate of vulnerable TYPO3 installations. Especially as most of the existing 51 NVTs are currently only useful if you have an valid login into the TYPO3 backend. Thanks again. _______________________________________________ Openvas-plugins mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
