I have 2 twin VMs.
ON 17 Jan I have done a scan on VM "A"and the result describes 2 vulnerabilities named
- “PHP Multiple Vulnerabilities - Dec19 (Linux)” and
- “PHP ‘CVE-2018-19935’ - ‘imap_mail’ Denial of Service Vulnerability (Linux)”
2 days ago I have updates my feed
and I have done a scan on VM “B” and magically vulnerabilities are not showed on this VM.
For double check I have done again a scan on VM “A” (with updated feeds) and vulnerabilities disappeared as well.
Checking on plugins, the nasl that do the check is gb_php_imap_mail_dos_vuln_lin.nasl saved in my path “/var/lib/openvas/plugins/2018/php”.
Launching this nasl with openvas_nasl it does nothing; putting some display(“Here”); in tyhe nasl to log something, I noticed that for example the variable port is not set.
Before the update it works, so my question is: anyone have noticed this?
Is there a problem in the new nasl updates?
Have I done some mistakes?
The command I used to launch manually the nasl is:
sudo openvas-nasl -i /var/lib/openvas/plugins/ -t XXX.XXX.XXX.XXX -X -d -s gb_php_imap_mail_dos_vuln_lin.nasl
Check your path, maybe it could be different