CVE-2019-0708 plugins


#1

Hi openvas team,
Have you updated this rule recently, remote check?I want to write according to other people’s, but because of the limited level, I can’t write it with nasl.
reference:
https://github.com/zerosum0x0/CVE-2019-0708/blob/master/cve_2019_0708.rb


#2

Hi,

a remote/active VT for this specific RDP vulnerability is currently in the works and should arrive in the feed soon.


#3

okay,understand


#4

Hi,
Haven’t updated yet?


#5

I updated feed on sunday, and find information CVE-2019-0708, but i can’t scan our windows servers and don’t show any vulnerability about CVE-2019-0708 .
I 'm waiting the update. Thanks.


#6

Thanks for your reply.But,where is the information about CVE-2019-0708?


#7

Are you using the community or GSF feed ? It might only come up on the GSF, the GCE does not give you any SLA on timing or availability.

If you look at the SecInfo it´s already part of the GSF:

https://secinfo.greenbone.net/cve/CVE-2019-0708

Last updated: Fri, May 24, 2019 10:29 PM


#8

Sorry, i’ m not openvas team. CVE-2019-0708 can find on Secinfo->CVE and search.


#9

I mean the remote check.


#10

okay,The remote rdp check policy haven’t updated.


#11

Scan Authenticated …


#12

Hi,

I scanned a few Windows hosts which I know are vulnerable to CVE-2019-0708; however, OpenVAS did not detect it.

I ran greenbone-nvt-sync without issues.

Can you assist?
Thank you!


#13

Openvas detection CVE-2019-0708 method is authorized to scan


#14

How can i check it?Thanks.


#15

As already explained twice the VTs covering that specific CVE currently requires an authenticated scan. See the following documentation on how to configure such an authenticated scan:

https://docs.greenbone.net/GSM-Manual/gos-4/en/vulnerabilitymanagement.html#authenticated-scan-using-local-security-checks