On Mon, Jul 04, 2005 at 07:54:08PM +0530, Jayesh KS wrote: > I was just going through some of the plugins and noticed that many of > them were not having any CVE IDs at the time of writing but later got > assigned, which are not updated in the plugins. > I have made a partial list of such scripts and their CVE ID's . I > think there are many other such scripts that do not have CVE ID's. I > thought it would be beneficial for all. Is this exercise worth > carrying out? This is one of the tasks I've been working on, time permitting. Unfortunately, it's a tedious process as each change needs to be reviewed manually. Not only do people make mistakes (eg, the CVEs you claim are for delegate_overflow2.nasl are really for ImageMagick), but even Mitre and Security Focus sometimes do too. In short, someone's already looking into the omissions / errors, but if you want to do so too, feel free -- four eyes are better than two. George -- theall@private _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Mon Jul 04 2005 - 11:09:20 PDT