OpenVAS is identifying all of our iLO cards (HP Lights-Out 100) as having Adobe Reader. The cards are very dumb, and do not even support installing software, let alone something like Adobe Reader. They’re not really even “modern” devices, although we do provide OpenVAS with SSH credentials to them.
They’re hardware version 1.0, firmware version 4.26, and list their description as DL160 G6, if that helps anyone somehow.
We show many medium and high Adobe vulnerabilities on these devices, with obviously bungled “Location” tags, making me think a parsing error has occurred in some CPE lister somewhere.
I know that …800108 is not an oid that carries risk, but I thought its output (two different firings of 800108 in the same scan) might be helpful in diagnosing why this is happening. Its output is below, and the descriptions are given exactly as they appear - mismatched quotes, trailing periods, and all (although indented for this forum):
port: general/tcp oid: 18.104.22.168.4.1.25622.214.171.1240108 qod value: 80 qod type: executable version description: Detected Adobe Reader Version: 7 Location: /bin/sh -c 'LANG=C; LC_ALL=C; find "/" -maxdepth 7 -mindepth 1 \( -path "*/proc" CPE: cpe:/a:adobe:acrobat_reader:7 Concluded from version/product identification result: 7
port: general/tcp oid: 126.96.36.199.4.1.256188.8.131.520108 qod value: 80 qod type: executable version description: Detected Adobe Reader Version: . Location: -o -path "/run" -o -path "/dev" -o -path "/sys" -o -path "/media" -o -path "/tm CPE: cpe:/a:adobe:acrobat_reader:. Concluded from version/product identification result: .
Does anyone have the faintest clue how to address this issue? Thanks in advance!