Hello, Thanks for reporting. We will fix the issue.
Regards, Antu Sanadi On Wednesday 25 May 2016 07:18 PM, Bruckner, Simone wrote:
Hi all, I am testing “CentOS Update for kernel CESA-2016:0494 centos6” (1.3.6.1.4.1.25623.1.0.882433) and receive false/postives on some systems. I guess isrpmvuln gets the first match for installed packages, but does not consider any order. So when "rpm -qa kernel" comes with e.g. kernel-2.6.32-573.8.1.el6.x86_64 kernel-2.6.32-573.12.1.el6.x86_64 kernel-2.6.32-573.18.1.el6.x86_64 kernel-2.6.32-573.22.1.el6.x86_64 kernel-2.6.32-573.26.1.el6.x86_64 isrpmvuln will take the first one (kernel-2.6.32-573.8.1.el6.x86_64) and report as vulnerable, although a newer version is installed. All the best, Simone _______________________________________________ Openvas-plugins mailing list Openvas-plugins@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
-- Saner Personal A free vulnerability mitigation software. Build strong defense. http://www.secpod.com/saner-personal.html _______________________________________________ Openvas-plugins mailing list Openvas-plugins@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
