Security Review: openVAS

For more information:
from the bug logs:
There seems to me a consistant misuse of autoconf “localstatedir” variable. It is traditionally seen that localstatedir be $prefix/var if not supplied. In the following example from there are two issues. One being that if $localstate dir was $prefix/var then this would create $prefix/var/lib/nesuss. And the second being that is broken. If in this case the auth type is “pass” and MD5 is not present, it will make an auth password in an entirely different tree then if it did have MD5

Plug in count seems low or maybe I’m reading this wrong. Check out the nikto plugin.

The SSH DSA fingerprint is: 08:e9:69:cb:d6:42:9f:24:7d:40:de:12:ee:9e:92:23. The SSH RSA fingerprint is: 48:5f:a5:1c:7e:1c:b4:ef:53:b9:08:49:2d:c0:cb:1b.

Post a Comment

You must be logged in to post a comment.