[prev in list] [next in list] [prev in thread] [next in thread]
List: openvas-discuss
Subject: Re: [Openvas-discuss] CVE-2017-5638
From: "Ebert, Christian" <Christian.Ebert () qsc ! de>
Date: 2017-03-17 14:31:16
Message-ID: C5205DC44C97FA48B566C193FC0B2BFE6508A9E2 () QSCDEMXP01a ! ONE4ALL ! LAN
[Download RAW message or body]
Hello,
thanks for the hint.
But I can't find the file in my NVT directory. The NVT sync says: feed is c=
urrent.
And the newest NVTs are dated March, 6th.
What's going wrong?
Best regards
Christian Ebert
Chief Security Analyst, CISM, T.I.S.P.
Head of Penetration Testing
QSC AG
Mathias-Br=FCggen-Stra=DFe 55
50829 K=F6ln
T +49 221 669-8950
F +49 221 669-85950
M +49 163 6698950
Christian.Ebert@qsc.de<mailto:Christian.Ebert@qsc.de>
http://www.qsc.de
Besuchen Sie unsere Blogs:
Corporate Blog unter http://blog.qsc.de<http://blog.qsc.de/>
Themen-Blog zur Digitalisierung unter http://digitales-wirtschaftswunder.de=
<http://digitales-wirtschaftswunder.de/>
Bitte finden Sie hier die handelsrechtlichen Pflichtangaben:
http://www.qsc.de/pflichtangaben
Von: Antu Sanadi [mailto:santu@secpod.com]
Gesendet: Freitag, 17. M=E4rz 2017 13:05
An: Ebert, Christian <Christian.Ebert@qsc.de>; openvas-discuss@wald.intevat=
ion.org
Betreff: Re: [Openvas-discuss] CVE-2017-5638
Hi,
Already NVT (gb_apache_struts_CVE_2017_5638.nasl) is available is OpenVAS =
feed.
It should detect the mentioned CVE vulnerability .
Thanks
Antu Sanadi
On Wednesday 15 March 2017 09:49 PM, Ebert, Christian wrote:
Hi everyone,
is there any possibility to use OpenVAS to check against the Apache Struts2=
vulnerability CVE-2017-5638?
There is an NMAP NSE: https://nmap.org/nsedoc/scripts/http-vuln-cve2017-56=
38.html
Does anybody have experience with this NSE? Is it reliable?
Best regards
Christian Ebert
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org<mailto:Openvas-discuss@wald.intevation.=
org>
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"Trebuchet MS";
panose-1:2 11 6 3 2 2 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;
mso-fareast-language:EN-US;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Vorformatiert Zchn";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;
mso-fareast-language:DE;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;
mso-fareast-language:DE;}
span.E-MailFormatvorlage19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.HTMLVorformatiertZchn
{mso-style-name:"HTML Vorformatiert Zchn";
mso-style-priority:99;
mso-style-link:"HTML Vorformatiert";
font-family:Consolas;
color:black;
mso-fareast-language:EN-US;}
span.E-MailFormatvorlage22
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor="white" lang="DE" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Hello,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">thanks for the \
hint.<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="color:#1F497D"><o:p> </o:p></span></p> <p class="MsoNormal"><span \
style="color:#1F497D">But I can’t find the file in my NVT directory. The NVT \
sync says: feed is current. <o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">And the newest NVTs are dated March, \
6th.<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="color:#1F497D"><o:p> </o:p></span></p> <p class="MsoNormal"><span \
style="color:#1F497D">What’s going wrong?<o:p></o:p></span></p> <p \
class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p> <p \
class="MsoNormal"><span style="color:#1F497D">Best regards<o:p></o:p></span></p> <p \
class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p> <div>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">Christian \
Ebert<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">Chief Security Analyst, \
CISM, T.I.S.P.<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">Head of Penetration \
Testing<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">QSC \
AG<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">Mathias-Brüggen-Straße \
55<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">50829 \
Köln<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">T \
+49 221 669-8950<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">F \
+49 221 669-85950<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">M \
+49 163 6698950<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE"><a \
href="mailto:Christian.Ebert@qsc.de"><span \
style="color:blue">Christian.Ebert@qsc.de</span></a><o:p></o:p></span></p> <p \
class="MsoNormal"><span style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE"><a \
href="http://www.qsc.de"><span \
style="color:blue">http://www.qsc.de</span></a> <o:p></o:p></span></p> <p \
class="MsoNormal"><span style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">Besuchen Sie unsere \
Blogs:<br> Corporate Blog unter <u><a href="http://blog.qsc.de/"><span \
style="color:blue">http://blog.qsc.de</span></a></u> <br> Themen-Blog zur \
Digitalisierung unter <u><a href="http://digitales-wirtschaftswunder.de/"><span \
style="color:blue">http://digitales-wirtschaftswunder.de</span></a></u><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE">Bitte finden Sie hier die \
handelsrechtlichen Pflichtangaben:<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Trebuchet \
MS",sans-serif;color:#1F497D;mso-fareast-language:DE"><a \
href="http://www.qsc.de/pflichtangaben"><span \
style="color:blue">http://www.qsc.de/pflichtangaben</span></a><o:p></o:p></span></p> \
</div> <p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span \
style="color:windowtext;mso-fareast-language:DE">Von:</span></b><span \
style="color:windowtext;mso-fareast-language:DE"> Antu Sanadi \
[mailto:santu@secpod.com] <br>
<b>Gesendet:</b> Freitag, 17. März 2017 13:05<br>
<b>An:</b> Ebert, Christian <Christian.Ebert@qsc.de>; \
openvas-discuss@wald.intevation.org<br> <b>Betreff:</b> Re: [Openvas-discuss] \
CVE-2017-5638<o:p></o:p></span></p> </div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p>Hi,<span style="font-size:12.0pt;mso-fareast-language:DE"><o:p></o:p></span></p>
<p>Already NVT (gb_apache_struts_CVE_2017_5638.nasl) is available is OpenVAS \
feed.<br> It should detect the mentioned CVE vulnerability .<o:p></o:p></p>
<p>Thanks<br>
Antu Sanadi<o:p></o:p></p>
<div>
<p class="MsoNormal">On Wednesday 15 March 2017 09:49 PM, Ebert, Christian \
wrote:<o:p></o:p></p> </div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal">Hi everyone,<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">is there any possibility to use OpenVAS to check against the \
Apache Struts2 vulnerability CVE-2017-5638?<o:p></o:p></p> <p \
class="MsoNormal"> <o:p></o:p></p> <p class="MsoNormal">There is an NMAP NSE: \
<a href="https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html">https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html</a><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Does anybody have experience with this NSE? Is it \
reliable?<o:p></o:p></p> <p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Best regards<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Christian Ebert<o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New \
Roman",serif;mso-fareast-language:DE"><br> <br>
<br>
<o:p></o:p></span></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>Openvas-discuss mailing list<o:p></o:p></pre>
<pre><a href="mailto:Openvas-discuss@wald.intevation.org">Openvas-discuss@wald.intevation.org</a><o:p></o:p></pre>
<pre><a href="https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-disc \
uss">https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New \
Roman",serif;mso-fareast-language:DE"><o:p> </o:p></span></p> </div>
</body>
</html>
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
--===============0776368715==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic