Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.100509
Categoría:Settings
Título:Options for Local Security Checks
Resumen:This script allows users to set some Options for Local Security Checks which; are stored in the knowledge base and used by other tests. Description of the options:;; - Also use 'find' command to search for Applications:;; Setting this option to 'no' disables the use of the 'find' command via SSH against Unixoide targets. This reduces scan; time but might reduce detection coverage of e.g. local installed applications.;; - Descend directories on other filesystem (don't add -xdev to find):;; During the scan 'find' is used to detect e.g. local installed applications via SSH on Unixoide targets. This command is descending on; special (network-)filesystems like NFS, SMB or similar mounted on the target host by default. Setting this option to 'no' might reduce the; scan time if network based filesystems are not searched for installed applications.;; - Enable Detection of Portable Apps on Windows:;; Setting this option to 'yes' enables the Detection of Portable Apps on Windows via WMI. Enabling this option might increase scan time; as well as the load on the target host.;; - Disable the usage of win_cmd_exec for remote commands on Windows:;; Some AV solutions might block remote commands called on the remote host via a scanner internal 'win_cmd_exe' function. Setting; this option to 'yes' disables the usage of this function (as a workaround for issues during the scan) with the risk of lower; scan coverage against Windows targets.;; - Disable file search via WMI on Windows:;; Various VTs are using WMI to search for files on Windows targets. Depending on the attached storage and its size this routine might; put high load on the target and could slow down the scan. Setting this option to 'yes' disables the usage of this search with the; risk of lower scan coverage against Windows targets.;; - Report vulnerabilities of inactive Linux Kernel(s) separately:;; All current package manager based Local Security Checks are reporting the same severity for active and inactive Linux Kernel(s). If this; setting is enabled the reporting for inactive Linux Kernel(s) is done separately in the VT 'Report Vulnerabilities in inactive Linux Kernel(s)'; (OID: 1.3.6.1.4.1.25623.1.0.108545).;; Please note that this functionality is currently only available for Debian (and Derivates using apt-get) and RPM based Distributions and needs; to be considered as 'experimental'.;; - Integer that sets the directory depth when using 'find' on unixoide systems:;; A non-negative integer added as '-maxdepth' parameter to all 'find' calls used during a scan of unixoide systems.;; - Use 'su - USER' option on SSH commands:;; For each ssh_cmd, use 'su - USER' option to not use root, but user for ssh command.;; - Use this user for 'su - USER' option on SSH commands:;; Specify the user to use for 'su - USER' option on SSH commands.;; - Folder exclusion regex for file search on Unixoide targets:;; During the scan 'find' and/or 'locate' is used to detect e.g. local installed applications via SSH on Unixoide targets.; This option allows to pass a regex to define which folders should be excluded / not searched when searching for files; on such a target. Please pass 'None' to the option if you don't want to exclude any folders.
Descripción:Summary:
This script allows users to set some Options for Local Security Checks which
are stored in the knowledge base and used by other tests. Description of the options:

- Also use 'find' command to search for Applications:

Setting this option to 'no' disables the use of the 'find' command via SSH against Unixoide targets. This reduces scan
time but might reduce detection coverage of e.g. local installed applications.

- Descend directories on other filesystem (don't add -xdev to find):

During the scan 'find' is used to detect e.g. local installed applications via SSH on Unixoide targets. This command is descending on
special (network-)filesystems like NFS, SMB or similar mounted on the target host by default. Setting this option to 'no' might reduce the
scan time if network based filesystems are not searched for installed applications.

- Enable Detection of Portable Apps on Windows:

Setting this option to 'yes' enables the Detection of Portable Apps on Windows via WMI. Enabling this option might increase scan time
as well as the load on the target host.

- Disable the usage of win_cmd_exec for remote commands on Windows:

Some AV solutions might block remote commands called on the remote host via a scanner internal 'win_cmd_exe' function. Setting
this option to 'yes' disables the usage of this function (as a workaround for issues during the scan) with the risk of lower
scan coverage against Windows targets.

- Disable file search via WMI on Windows:

Various VTs are using WMI to search for files on Windows targets. Depending on the attached storage and its size this routine might
put high load on the target and could slow down the scan. Setting this option to 'yes' disables the usage of this search with the
risk of lower scan coverage against Windows targets.

- Report vulnerabilities of inactive Linux Kernel(s) separately:

All current package manager based Local Security Checks are reporting the same severity for active and inactive Linux Kernel(s). If this
setting is enabled the reporting for inactive Linux Kernel(s) is done separately in the VT 'Report Vulnerabilities in inactive Linux Kernel(s)'
(OID: 1.3.6.1.4.1.25623.1.0.108545).

Please note that this functionality is currently only available for Debian (and Derivates using apt-get) and RPM based Distributions and needs
to be considered as 'experimental'.

- Integer that sets the directory depth when using 'find' on unixoide systems:

A non-negative integer added as '-maxdepth' parameter to all 'find' calls used during a scan of unixoide systems.

- Use 'su - USER' option on SSH commands:

For each ssh_cmd, use 'su - USER' option to not use root, but user for ssh command.

- Use this user for 'su - USER' option on SSH commands:

Specify the user to use for 'su - USER' option on SSH commands.

- Folder exclusion regex for file search on Unixoide targets:

During the scan 'find' and/or 'locate' is used to detect e.g. local installed applications via SSH on Unixoide targets.
This option allows to pass a regex to define which folders should be excluded / not searched when searching for files
on such a target. Please pass 'None' to the option if you don't want to exclude any folders.

CVSS Score:
0.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:N

CopyrightCopyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.