List: openvas-plugins
Subject: Re: [Openvas-plugins] OpenVAS plugin for ldap
From: "Chandrashekhar B" <bchandra () secpod ! com>
Date: 2009-03-20 7:13:24
Message-ID: BF78FA6C71244B018F5041DA849BFC73 () bchandra
We have updated ldapsearch.nasl to fix the false reporting and also
downgraded the severity. The general response might change according to the
LDAP server used; any testing feedback is appreciated.
Thanks,
Chandra.
-----Original Message-----
From: openvas-plugins-bounces@wald.intevation.org
[mailto:openvas-plugins-bounces@wald.intevation.org] On Behalf Of Michael
Meyer
Sent: Monday, March 16, 2009 8:51 PM
To: openvas-plugins@wald.intevation.org
Subject: Re: [Openvas-plugins] OpenVAS plugin for ldap
*** Jan-Oliver Wagner <jan-oliver.wagner@intevation.de> wrote:
> On Freitag, 13. März 2009, Michael Meyer wrote:
> > *** Jan-Oliver Wagner <jan-oliver.wagner@intevation.de> wrote:
> > > The script is not documented in the way that it
> > > explains why it is a Security Hole.
> > > The text says, it shows the information that can be pulled from the ldap,
> > > but in fact it is truncated and only the first couple of bytes are shown in the
> > > report.
> > >
> > > Any LDAP experts around? ;-)
> >
> > http://markmail.org/message/ry5kkd6mrpzgzj42
> > http://www.openldap.org/lists/openldap-software/200605/msg00191.html
> > http://kuerzer.de/hf3OS3QpP
> > http://kuerzer.de/gR18v5O9j
> > http://www.mail-archive.com/nessus@list.nessus.org/msg17819.html
>
> seems we should downgrade the severity of this finding ?
IMHO, yes.
Moreover, this plugin should be revised so that it produces fewer
false positives. Currently, the plugin only determines whether there is
*any* output from ldapsearch. If so, the plugin reports a security
problem, even if the output consists of messages like "Could not Connect".
Micha
_______________________________________________
Openvas-plugins mailing list
Openvas-plugins@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
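The false positive discussed in this thread (any ldapsearch output, including "Could not Connect", being reported as a finding) can be avoided by classifying the output before reporting. The following is an added example, not code from the thread or from ldapsearch.nasl; the function name `classify` is hypothetical, the sample outputs are constructed, and it assumes LDIF output in the style of OpenLDAP's ldapsearch, which other clients or servers may not match.

```python
import re

# Constructed sample outputs (not from the thread), modelled on OpenLDAP ldapsearch.
CONNECT_ERROR = "ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)\n"
ACCESS_DENIED = """\
# extended LDIF

# search result
search: 2
result: 50 Insufficient access

# numResponses: 1
"""
ENTRIES = """\
# example.org
dn: dc=example,dc=org
objectClass: top
description: directory root for the example organisa
 tion

# alice, example.org
dn: uid=alice,dc=example,dc=org
uid: alice

# search result
search: 2
result: 0 Success

# numEntries: 2
"""


def classify(output):
    """Return (verdict, dns); verdict is 'entries', 'no-entries' or 'error'."""
    text = re.sub(r"\n ", "", output)  # unfold LDIF continuation lines
    dns, result_code = [], None
    for block in re.split(r"\n\s*\n", text):
        lines = [l for l in block.splitlines() if l and not l.startswith("#")]
        if not lines:
            continue  # comment-only block
        if lines[0].startswith("dn:"):
            dns.append(lines[0][3:].lstrip(":").strip())  # an entry was returned
            continue
        for line in lines:  # trailer block: "search: 2" / "result: <code> <text>"
            m = re.match(r"result: (\d+)", line)
            if m:
                result_code = int(m.group(1))
    if dns:
        return "entries", dns
    if result_code is not None:
        return "no-entries", dns  # server answered, nothing disclosed
    return "error", dns  # no LDIF at all: client/connection message or empty
```

Only the `entries` verdict corresponds to data actually being readable; the other two should not be reported as a disclosure finding.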