Hi, > OpenVAS did not find this insecure key on the SSL port and as far as I > can guess from a recursive search on the plugin directory there is no > remote check for this vulnerability:
yes it seems you're right. Instead of grepping through your files you could also check the CVE-Numbers on: http://plugins.openvas.org > * Can somebody give me pointers on how to start to write a plugin for > this (e.g. a similar plugin doing checks on SSH/SSL key fingerprints as > an example? Have a look at the NVT http://plugins.openvas.org/nasl.php?oid=100259 which seems to already doing some fingerpriting for SSH keys. _______________________________________________ Openvas-plugins mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
