mailing list archives
Re: New VA Modules: OpenVAS: 63, MSF: 1, Nessus: 18
From: Fyodor <fyodor () insecure org>
Date: Mon, 24 Jan 2011 13:21:37 -0800
On Mon, Jan 24, 2011 at 10:04:14AM -0800, New VA Module Alert Service wrote:
== Nessus plugins (18) ==
SuSE Security Update: Security update for nmap (nmap-7206)
Just as a heads up, this was a mistake and the Nessus folks have
withdrawn the plugin. To their credit, they discovered the problem
and removed the plugin before I even noticed it.
Some years ago, there was a vulnerability in LibPCRE. Nmap (for
intentional security reasons) doesn't use LibPCRE in a way that was
vulnerable, but I guess SuSE just did an advisory for all of their
packages which link to LibPCRE. We talked to SuSE, and they said they
would revoke the Nmap advisory. And I believe Nessus took out their
plugin which checked for the SuSE patch.
Anyway, I guess someone (maybe an automated process) must have added
it back to Nessus yesterday, but they have already fixed the problem.
Good for them!
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/