Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: New VA Modules: OpenVAS: 63, MSF: 1, Nessus: 18
From: Fyodor <fyodor () insecure org>
Date: Mon, 24 Jan 2011 13:21:37 -0800

On Mon, Jan 24, 2011 at 10:04:14AM -0800, New VA Module Alert Service wrote:

== Nessus plugins (18) ==

51662 suse_nmap-7206.nasl
http://nessus.org/plugins/index.php?view=single&id=51662
SuSE Security Update: Security update for nmap (nmap-7206)

Just as a heads up, this was a mistake and the Nessus folks have
withdrawn the plugin.  To their credit, they discovered the problem
and removed the plugin before I even noticed it.

Some years ago, there was a vulnerability in LibPCRE.  Nmap (for
intentional security reasons) doesn't use LibPCRE in a way that was
vulnerable, but I guess SuSE just did an advisory for all of their
packages which link to LibPCRE.  We talked to SuSE, and they said they
would revoke the Nmap advisory.  And I believe Nessus took out their
plugin which checked for the SuSE patch.

Anyway, I guess someone (maybe an automated process) must have added
it back to Nessus yesterday, but they have already fixed the problem.
Good for them!

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]