Here is the link to the previous discussion... http://lists.wald.intevation.org/pipermail/openvas-plugins/2008-October/000185.html
If you add a security_note() it appears in a separate report. Instead we could add a statement with the description, "This may be a False Positive...".

Chandra.

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Michael Meyer
Sent: Friday, May 08, 2009 5:00 PM
To: [email protected]
Subject: Re: [Openvas-discuss] Possible false positives with CUPS and MySQL?

*** Chandrashekhar B <[email protected]> wrote:
> We had discussed this some time back about remote checks for the
> open source based packages since each Linux vendor will have their
> own version management. It was decided that we'll wait for each
> vendor to release the respective security advisory and develop only
> local checks based on that.

I do not agree with that. Only developing local checks for such security problems is IMHO not the best way. We don't know how many users have ever configured local checks. A lot of users will perhaps only do remote checks. We shouldn't ignore such users. I think it is better to have a few "false positives" (of course we have to tell the user that this could be a false positive because we only check the banner) than not detecting some security problems.

> However, for some important package vulnerabilities, we could go ahead and
> produce the check based on the open source package version and then add a
> note as suggested here.

Which are the "important" packages? Who defines which packages are "important" and which are not? ;-)

We should come to an agreement about the note we would add to the report. All plugin developers should then use this text in their plugins.

Micha
_______________________________________________
Openvas-discuss mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
