Hi,
Is it CVE-2014-6271 detection available now?
yes since yesterday:
http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-September/000693.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
Ah, forgot to mention. There are way more attack possibilities which are
collected in:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
Am 26.09.2014 um 09:09 schrieb Chris fisch@gmx.de:
Is it CVE-2014-6271 detection available now?
yes since yesterday:
http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-September/000693.html
Does it really work? If I let it run against a webserver:
openvas-nasl -d
Hi all,
After running all synchronisations, am still don't have the shellshock
detection, any hints as to what could be wrong with my system?
Regards,
Christiaan de Vries
w: +353 1 526 7736 | m: +353 860 234 384 | e: christiaan.devries @hetg.ie |
www.DigitalPlanet.ie | www.hetg.ie
HIBERNIA
Am 26.09.2014 um 11:49 schrieb Christiaan DeVries christiaan.devr...@hetg.ie:
After running all synchronisations, am still don't have the shellshock
detection, any hints as to what could be wrong with my system?
Same here. I grabbed it directly from
It should be available at Web application abuses and cgi scanning needs to be
enabled.
Also check the older heartbleed mailing list thread for some hints when missing
a NVT.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
Am 26.09.2014 um 11:44 schrieb Rainer Sokoll open...@sokoll.com:
Am 26.09.2014 um 09:09 schrieb Chris fisch@gmx.de:
Is it CVE-2014-6271 detection available now?
yes since yesterday:
http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-September/000693.html
Hi Rainer,
What exactly do you mean by the NVT needs a script to test? Basically, I'm
trying to come up with a way I can (mass) scan our networks but as I'm quite
new to OpenVAS I feel I'm missing something here.
When I run the check, I get the following output:
[root@openvas openvas]#
Hi,
as far as i can see the default:
/test-cgi
needs to be in your cgi folder for a successful running test with this NVT.
On 26. September 2014 14:05:22 MESZ, Christiaan DeVries
christiaan.devr...@hetg.ie wrote:
Hi Rainer,
What exactly do you mean by the NVT needs a script to test?
*** Christiaan DeVries wrote:
What exactly do you mean by the NVT needs a script to test?
Basically, I'm trying to come up with a way I can (mass) scan our
networks but as I'm quite new to OpenVAS I feel I'm missing
something here.
When I run the check, I get the following output:
Am 26.09.2014 um 14:05 schrieb Christiaan DeVries christiaan.devr...@hetg.ie:
I’m new as well, so take all cum grano salis ;-)
What exactly do you mean by the NVT needs a script to test? Basically, I'm
trying to come up with a way I can (mass) scan our networks but as I'm quite
new to
Hi
Is there any way we can run a test like the example
[root@openvas openvas]# openvas-nasl -d -t 172.26.128.0/24 -X -T out
/var/lib/openvas/plugins/gb_bash_shellshock_remote_cmd_exec_vuln.nasl
set key www/80/keepalive - yes
But have it use credentials and actually run a bash shell
Hey,
what does the report say when you are using only UDP? It could be that the
server isn’t answering on the UDP ports, so the scan thinks the host is down.
You can try some different options for the NVT „Ping Host“ in the family „Port
Scanner“.
If you are scanning both, UDP and TCP, it can
Hello,
Today I am trying to get the latest bash shellshock vulnerability plugin
via openvas rsync feed but I don¹t see it in my system.
# ls -l *bash*
-rw-r--r-- 1 root root 2579 Nov 14 2013 account_bash.nasl
-rw-r--r-- 1 root root 198 Nov 14 2013 account_bash.nasl.asc
-rw-r--r-- 1 root root
Am 26.09.2014 um 16:34 schrieb Xinhuan Zheng xzh...@christianbook.com:
Today I am trying to get the latest bash shellshock vulnerability plugin
via openvas rsync feed but I don¹t see it in my system.
[…]
I ran /usr/local/scripts/openvas-nvt-sync.sh. How do I get this plugin?
By reading
15 matches
Mail list logo