That forum convo says the Nessus one has reported considerable false positives.
If you are testing with 4 different scripts (openvas, nessus, metasploit, and ssltest.py) and only nessus is saying it is vulnerable, isn't that a 75% chance it is false positive? Do you believe it is vulnerable? Have you patched and nessus still claims it is vuln? On Wed, Apr 9, 2014 at 12:20 PM, Chris <[email protected]> wrote: > Hi, > i have seen grave differences between the OpenVAS NVT, some test > scripts, the Metasploit module and the Nessus plugin and have posted > them at the Nessus discussion forums: > > https://discussions.nessus.org/message/25363#25363 > > It seems Nessus reported vulnerable servers where the OpenVAS NVT, the > test scripts and the Metasploit module shows a not vulnerable server. > > Anyone have some time to do some tests about this? > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
