Hi, some more updates to this:
> It seems Nessus reported vulnerable servers where the OpenVAS NVT, the > test scripts and the Metasploit module shows a not vulnerable server. It seems that this is connected to the used TLS version (1.0, 1.1 and 1.2). Both test scripts and OpenVAS are not detecting the vulnerable server where Nessus and now also Metasploit (when testing all three TLS versions) are detecting a vulnerable server. The OpenVAS NVT got some updates yesterday which now tests all three TLS versions if i understand this commit correctly: http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-April/000357.html As soon as those updates hits the feed i will do some further tests. _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
