Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: http-userdir-enum script name
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Tue, 12 Jun 2012 14:50:35 +0300

Sounds sensible. Could we support some kind of alias names? They do
not need to be functional. It may be enough to create an entry with
name http-vuln-cve2001-1013 in nsedoc with the text "see
http-userdir-enum".

On Mon, Jun 11, 2012 at 11:19 PM, David Fifield <david () bamsoftware com> wrote:
On Mon, Jun 11, 2012 at 02:03:43PM +0300, Toni Ruottu wrote:
  People,

I almost filed http-vuln-cve2001-1013 to the script idea page, but
then I noticed that it already exists under name http-userdir-enum.
See http://nmap.org/nsedoc/scripts/http-userdir-enum.html Is there a
reason why some vulnerability scripts are named after a cve while
others are named by the task they perform?

I had the impression that we used the vuln-cve names when we couldn't
think of a more meaningful name. This is sort of a different case,
because it is doign user name enumeration, and happens to be using this
vulnerability to do it.

I agree that the script should use the vulns library to store
information in any case.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]