Ok, I'm in the process of filling the holes for the CVE vulns that
we should test for, and I have some problems.
Here is the list of the "TOP 20" of the CVE checks that Georges
Dagousset published on nessus@list.nessus.org. There is also the full
"not done by Nessus" CVE list published by Michel Arboi a while ago,
for which I don't have the URL at hand. I may have added ~20 checks
recently, but this is not always easy, especially when it deals with
flaws that were popular 5 years ago.
> Needs be done :
>
> > 1999-0002 3 ISS SARA QUALYS
> > 1999-0113 2 ISS QUALYS
> > 1999-0186 2 ICAT ISS
> > 1999-0204 3 ICAT ISS SARA
All of these have been done.
> > 1999-0299 3 ICAT ISS
This one is a buffer overflow in the way lpd does a DNS resolution. I
have no idea how this could be tested for apart from saying that port
515 is open. If anyone has a suggestion, let me know.
> > 1999-0722 3 ICAT ISS SARA
I did not find any clear detail on that one. Apparently, SARA checks for
a .htaccess, but I'm not sure.
> > 1999-0493 2 ISS QUALYS
Boring to test for. This flaw allows the execution of a command, without
any argument. Besides "halt" or "reboot", I don't know how we can
determine if it's successful or not (and yes, a patched version of this
daemon replies exactly the same way).
So, a little help would be welcome ;)
-- Renaud