Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.100509
Category:Settings
Title:Options for Local Security Checks
Summary:This script allows users to set some Options for Local Security; Checks which are stored in the knowledge base and used by other tests. Description of the options:;; - Also use 'find' command to search for Applications:;; Setting this option to 'no' disables the use of the 'find' command via SSH against Unixoide; targets. This reduces scan time but might reduce detection coverage of e.g. local installed; applications.;; - Descend directories on other filesystem (don't add -xdev to find):;; During the scan 'find' is used to detect e.g. local installed applications via SSH on Unixoide; targets. This command is descending on special (network-)filesystems like NFS, SMB or similar; mounted on the target host by default. Setting this option to 'no' might reduce the scan time if; network based filesystems are not searched for installed applications.;; - Enable Detection of Portable Apps on Windows:;; Setting this option to 'yes' enables the Detection of Portable Apps on Windows via WMI. Enabling; this option might increase scan time as well as the load on the target host.;; - Disable the usage of win_cmd_exec for remote commands on Windows:;; Some AV solutions might block remote commands called on the remote host via a scanner internal; 'win_cmd_exe' function. Setting this option to 'yes' disables the usage of this function (as a; workaround for issues during the scan) with the risk of lower scan coverage against Windows; targets.;; - Disable file search via WMI on Windows:;; Various VTs are using WMI to search for files on Windows targets. Depending on the attached; storage and its size this routine might put high load on the target and could slow down the scan.; Setting this option to 'yes' disables the usage of this search with the risk of lower scan; coverage against Windows targets.;; - Report vulnerabilities of inactive Linux Kernel(s) separately:;; All current package manager based Local Security Checks are reporting the same severity for active; and inactive Linux Kernel(s). If this setting is enabled the reporting for inactive Linux; Kernel(s) is done separately in the VT 'Report Vulnerabilities in inactive Linux Kernel(s)'; (OID: 1.3.6.1.4.1.25623.1.0.108545).;; Please note that this functionality is currently only available for Debian (and Derivates using; apt-get) and RPM based Distributions and needs to be considered as 'experimental'.;; - Integer that sets the directory depth when using 'find' on unixoide systems:;; A non-negative integer added as '-maxdepth' parameter to all 'find' calls used during a scan of; unixoide systems.;; - Use 'su - USER' option on SSH commands and Use this user for 'su - USER' option on SSH commands:;; Deprecated preferences / options which will be removed in the future. Please migrate to the new; 'Elevate Privileges' feature introduced in GOS/GVM 21.04.5. See the references for more; information.;; - Folder exclusion regex for file search on Unixoide targets:;; During the scan 'find' and/or 'locate' is used to detect e.g. local installed applications via SSH; on Unixoide targets. This option allows to pass a regex to define which folders should be excluded; / not searched when searching for files on such a target. Please pass 'None' to the option if you; don't want to exclude any folders.
Description:Summary:
This script allows users to set some Options for Local Security
Checks which are stored in the knowledge base and used by other tests. Description of the options:

- Also use 'find' command to search for Applications:

Setting this option to 'no' disables the use of the 'find' command via SSH against Unixoide
targets. This reduces scan time but might reduce detection coverage of e.g. local installed
applications.

- Descend directories on other filesystem (don't add -xdev to find):

During the scan 'find' is used to detect e.g. local installed applications via SSH on Unixoide
targets. This command is descending on special (network-)filesystems like NFS, SMB or similar
mounted on the target host by default. Setting this option to 'no' might reduce the scan time if
network based filesystems are not searched for installed applications.

- Enable Detection of Portable Apps on Windows:

Setting this option to 'yes' enables the Detection of Portable Apps on Windows via WMI. Enabling
this option might increase scan time as well as the load on the target host.

- Disable the usage of win_cmd_exec for remote commands on Windows:

Some AV solutions might block remote commands called on the remote host via a scanner internal
'win_cmd_exe' function. Setting this option to 'yes' disables the usage of this function (as a
workaround for issues during the scan) with the risk of lower scan coverage against Windows
targets.

- Disable file search via WMI on Windows:

Various VTs are using WMI to search for files on Windows targets. Depending on the attached
storage and its size this routine might put high load on the target and could slow down the scan.
Setting this option to 'yes' disables the usage of this search with the risk of lower scan
coverage against Windows targets.

- Report vulnerabilities of inactive Linux Kernel(s) separately:

All current package manager based Local Security Checks are reporting the same severity for active
and inactive Linux Kernel(s). If this setting is enabled the reporting for inactive Linux
Kernel(s) is done separately in the VT 'Report Vulnerabilities in inactive Linux Kernel(s)'
(OID: 1.3.6.1.4.1.25623.1.0.108545).

Please note that this functionality is currently only available for Debian (and Derivates using
apt-get) and RPM based Distributions and needs to be considered as 'experimental'.

- Integer that sets the directory depth when using 'find' on unixoide systems:

A non-negative integer added as '-maxdepth' parameter to all 'find' calls used during a scan of
unixoide systems.

- Use 'su - USER' option on SSH commands and Use this user for 'su - USER' option on SSH commands:

Deprecated preferences / options which will be removed in the future. Please migrate to the new
'Elevate Privileges' feature introduced in GOS/GVM 21.04.5. See the references for more
information.

- Folder exclusion regex for file search on Unixoide targets:

During the scan 'find' and/or 'locate' is used to detect e.g. local installed applications via SSH
on Unixoide targets. This option allows to pass a regex to define which folders should be excluded
/ not searched when searching for files on such a target. Please pass 'None' to the option if you
don't want to exclude any folders.

CVSS Score:
0.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:N

CopyrightCopyright (C) 2010 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.