[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nessus
Subject:    Re: two scripts generating uninformative messages
From:       Pavel Kankovsky <peak () argo ! troja ! mff ! cuni ! cz>
Date:       2002-01-31 22:30:22
[Download RAW message or body]

On Thu, 31 Jan 2002, Hugo van der Kooij wrote:

> On Thu, 31 Jan 2002, Pavel Kankovsky wrote:
> 
> > ftpglob.nasl:
> > when it cannot verify the vuln but sees a suspicious banner, it announces
> > "We weren't able to login into the ftp server but the banner indicates
> > that you might be running a vulnerable version: [BANNER]" and nothing
> > else
> 
> What do you want added? And how will you obtain that information?
> I think the message is crystal clear and right on target. There is simmply 
> no more information to be obtained.

It does not mention what kind of vulnerability it talks about. I don't
think people are expected to look up scripts by their id and deteremine
what was really tested (on a regular basis). :)


On Thu, 31 Jan 2002, Renaud Deraison wrote:

> These two plugins have already been modified in the CVS tree (a while
> ago) to actually report interesting messages.

Are you sure?

kazaa_morpheus_detect.nasl (CVS version 1.4):
    report = string(desc["english"], "\n\n", buf);
    security_hole(data:buf, port:port);
                       ^^^

OTOH, ftpglob.nasl appears to be fixed. I'd say I checked the CVS
version. Must have been one of those days when I see things that
don't exist and vice versa... :)

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."


[prev in list] [next in list] [prev in thread] [next in thread]