Hi, On 04.06.2018 16:02, Uğur ÇİL wrote: > Thank you very much. I have been dealing with this issue for a long time. > Is there any reference document for this kind of tricky points. I mean, if > didn't explain 'ver' argument I would never understand that it should be > fixed version number.. > > Thanks again..
there is no real documentation about things like this available. It might change in the future but for now mostly the following: > The best start is to learn from existing NASL scripts. from http://openvas.org/nvt-dev.html#how_to_start applies here. Regards, > On Sun, Jun 3, 2018 at 3:54 PM, Christian Fischer < > christian.fisc...@greenbone.net> wrote: > >> Hi, >> >> On 29.05.2018 14:13, Uğur ÇİL wrote: >>> That server includes *"openjdk-7-jre:amd64 >>> 7u171-2.6.13-1~deb8u1 amd64 OpenJDK Java >> >> *snip* >> >>> if ((res = isdpkgvuln(pkg:"openjdk-7-jre", >>> ver:"7u171-2.6.13-1~deb8u1", rls_regex:"DEB8\.[0-9]+", remove_arch:TRUE >> >> the "ver" argument of the isdpkgvuln() function takes the version of the >> package containing a fix for the specific vulnerability. >> >> If you have version 7u171-2.6.13-1~deb8u1 of openjdk-7-jre installed at >> the target then it is expected that no vulnerability is showing up with >> your current NVT. >> >> As the https://security-tracker.debian.org/tracker/CVE-2018-2814 seems >> to be "unfixed" in Debian 8/Jessie you need to assume a higher version >> like 7u171-2.6.13-1~deb8u2 in isdpkgvuln until a fixed package is >> available. >> >> Regards, >> >> -- >> >> Christian Fischer | PGP Key: 0x54F3CE5B76C597AD >> Greenbone Networks GmbH | http://greenbone.net >> Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 >> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner >> > -- Christian Fischer | PGP Key: 0x54F3CE5B76C597AD Greenbone Networks GmbH | https://www.greenbone.net Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-plugins mailing list Openvas-plugins@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
