Hello,

Chandrashekhar B wrote:
> Hello
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of Michael Wiegand
> Sent: Friday, May 08, 2009 12:27 PM
> To: David Corcuera
> Cc: [email protected]
> Subject: Re: [Openvas-discuss] Possible false positives with CUPS and MySQL?
>
> * David Corcuera [ 7. May 2009]:
>
>>> I am new with OpenVAS and still testing it. So perhaps, I am asking
>>> something silly.
>>> I've installed OpenVAS from debian package in etch and ran my first scan
>>> against an internal host.
>>> Results: 4 security holes.
>>> Two of them are on mysql and other two on CUPS.
>>> My debian etch has mysql 5.0.32-7etch10 and cupsys 1.2.7-4etch7 (last
>>> official etch packages)
>>> According to OpenVAS report, I should have installed mysql 5.0.66 and
>>> cupsys 1.3.10, but my versions also fix all these vulnerabilities.
>>> What is wrong with this? Any idea?
>
>> I'm not really sure since I'm not a plugin author, but my first guess is
>> that the hole was fixed in MySQL 5.0.66, but Debian backported the
>> changes to the version they packaged for etch.
>
>> I assume you are doing a remote scan; the remote scan will probably not
>> know that the hole has already been fixed in Debian despite the low
>> version number.
>
>> Plugin authors: Am I right?
>
> Michael, you are right. The plugin would be detecting based on the package
> available in the open source but, individual OS vendors would have
> backported. So, local checks are a better approach in this case.
>
> David: Please provide the Plugins that reported security holes, we'll verify
> them.
>
> Thanks,
> Chandra.

Yes, it was a remote scan. I will try local check. It's my next step.
Here are the NVTs:

"MySQL MyISAM Table Privileges Secuity Bypass Vulnerability" (1.3.6.1.4.1.25623.1.0.100156)
"MySQL Empty Bit-String Literal Denial of Service Vulnerability" (1.3.6.1.4.1.25623.1.0.900221)
"CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability" (1.3.6.1.4.1.25623.1.0.100150)
"CUPS Multiple Vulnerabilities - Oct08" (1.3.6.1.4.1.25623.1.0.800111)

Thanks for the help.

dav
