RE: Internet Scanner vs Nessus based on CVE hits

Tue, 20 Aug 2002 09:24:50 -0700 

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 20, 2002 11:23 AM
> To: [EMAIL PROTECTED]
> Subject: Internet Scanner vs Nessus based on CVE hits
> 
> 
> ISS is claiming to have attack signatures that cover 95% of 
> the high risk
> CVE's while they also claim that nessus only cover less than 
> 10% of the
> high risk CVE's.  I have been very happy with Nessus' 
> flexibility and would
> like some information on this claim.  Has anyone on this list 
> heard this
> before?  Are these results accurate, skewed, etc?  I would 
> like an opinion
> from the Nessus user community.

At best, I'd say their info is out of date:

[root@localhost plugins]# grep 1999-0176 *
webgais.nasl: script_cve_id("CVE-1999-0176");
[root@localhost plugins]# grep 1999-0006    *
qpopper.nasl: script_cve_id("CVE-1999-0006");
[root@localhost plugins]# grep 1999-0178   *
WebSite.nasl: script_cve_id("CVE-1999-0178");
[root@localhost plugins]# grep 1999-0262    *
faxsurvey.nasl: script_cve_id("CVE-1999-0262");
[root@localhost plugins]# grep 2000-1077   *
iws_shtml.nasl: script_cve_id("CVE-2000-1077");
[root@localhost plugins]# grep 1999-0002   *
[root@localhost plugins]# grep 1999-0003   *
rpc_tooltalk.nasl: script_cve_id("CVE-1999-0003");
[root@localhost plugins]# grep 1999-0005   *
imail_imapd_overflow.nasl: script_cve_id("CVE-1999-0005");
imap_overflow.nasl: script_cve_id("CVE-1999-0005");
[root@localhost plugins]# grep 1999-0021   *
count_cgi.nasl: script_cve_id("CVE-1999-0021");
[root@localhost plugins]# grep 1999-0042   *
uw_imap_overflow.nasl: script_cve_id("CVE-1999-0042");
[root@localhost plugins]# grep 1999-0047   *
sendmail_mime_overflow2.nasl:script_cve_id("CVE-1999-0047");
[root@localhost plugins]# grep 1999-0080   *
ftp_site_exec.nasl: script_cve_id("CVE-1999-0080");
[root@localhost plugins]# grep 1999-0083   *
[root@localhost plugins]# grep 1999-0088   *
[root@localhost plugins]# grep 1999-0095   *
sendmail_debug.nasl: script_cve_id("CVE-1999-0095");
[root@localhost plugins]# grep 1999-0102   *
[root@localhost plugins]# grep 1999-0149   *
wrap.nasl: script_cve_id("CVE-1999-0149");

Those are just the first page of CVE's that were supposedly not covered by
Nessus.  I'm using 1.2.4 with plugins updated 6:00AM CDT this morning.

Owen Crow
Systems Programmer (Unix)
BMC Software, Inc.
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.

Reply via email to