I noticed that 2009/secpod_dangerous_activex_ctrl.nasl does not properly construct its security_message report. It appears to be using a comma instead of “+” to concatenate the detected clsid messages to the message header, giving the following output:
<description>The following CLSID(s) were found on the remote host, which are related to dangerous ActiveX controls:</description>
A sample diff that appears to generate the correct output is:
< security_message(data:"The following CLSID(s) were found on the remote host, which are related to dangerous ActiveX controls:" + actvxInfo);
---
> security_message(data:"The following CLSID(s) were found on the remote host, which are related to dangerous ActiveX controls:", actvxInfo);