search

vulnersCom / nmap-vulners

NSE script based on Vulners.com API
GNU General Public License v3.0
3.22k stars 547 forks source link

script detect false positive vulnerabilites #32

Closed kalkir closed 4 years ago

kalkir commented 4 years ago

We are daily scan servers with nmap matching vulners.nse, have found that recently its getting lot of false positive alerts on httpd. As we have installed httpd latest version, still it's showing 1999, 2000 vulnerabilities. Any method to bypass these?

Example Output |_http-server-header: Apache/2.4.46 (codeit) OpenSSL/1.1.1g PHP/7.2.32 mod_wsgi/3.4 Python/2.7.5 | vulners: | cpe:/a:apache:httpserver:2.4.46: | CVE-2010-0425 10.0 https://vulners.com/cve/CVE-2010-0425 | CVE-1999-1412 10.0 https://vulners.com/cve/CVE-1999-1412 | CVE-1999-1237 10.0 https://vulners.com/cve/CVE-1999-1237 | CVE-1999-0236 10.0 https://vulners.com/cve/CVE-1999-0236 | CVE-2009-1955 7.8 https://vulners.com/cve/CVE-2009-1955 | CVE-2007-6423 7.8 https://vulners.com/cve/CVE-2007-6423 | CVE-2007-0086 7.8 https://vulners.com/cve/CVE-2007-0086 | CVE-2009-3095 7.5 https://vulners.com/cve/CVE-2009-3095 | CVE-2007-4723 7.5 https://vulners.com/cve/CVE-2007-4723 | CVE-2009-1891 7.1 https://vulners.com/cve/CVE-2009-1891 | CVE-2009-1890 7.1 https://vulners.com/cve/CVE-2009-1890 | CVE-2008-2579 6.8 https://vulners.com/cve/CVE-2008-2579 | CVE-2007-5156 6.8 https://vulners.com/cve/CVE-2007-5156 | CVE-2014-0231 5.0 https://vulners.com/cve/CVE-2014-0231 | CVE-2011-1752 5.0 https://vulners.com/cve/CVE-2011-1752 | CVE-2010-1452 5.0 https://vulners.com/cve/CVE-2010-1452 | CVE-2010-0408 5.0 https://vulners.com/cve/CVE-2010-0408 | CVE-2009-2699 5.0 https://vulners.com/cve/CVE-2009-2699 | CVE-2007-0450 5.0 https://vulners.com/cve/CVE-2007-0450 | CVE-2005-1268 5.0 https://vulners.com/cve/CVE-2005-1268 | CVE-2003-0020 5.0 https://vulners.com/cve/CVE-2003-0020 | CVE-2001-1556 5.0 https://vulners.com/cve/CVE-2001-1556 | CVE-1999-0678 5.0 https://vulners.com/cve/CVE-1999-0678 | CVE-1999-0289 5.0 https://vulners.com/cve/CVE-1999-0289 | CVE-1999-0070 5.0 https://vulners.com/cve/CVE-1999-0070 | CVE-2009-1195 4.9 https://vulners.com/cve/CVE-2009-1195 | CVE-2011-1783 4.3 https://vulners.com/cve/CVE-2011-1783 | CVE-2010-0434 4.3 https://vulners.com/cve/CVE-2010-0434 | CVE-2008-2939 4.3 https://vulners.com/cve/CVE-2008-2939 | CVE-2008-2168 4.3 https://vulners.com/cve/CVE-2008-2168 | CVE-2008-0455 4.3 https://vulners.com/cve/CVE-2008-0455 | CVE-2007-6420 4.3 https://vulners.com/cve/CVE-2007-6420 | CVE-2007-6388 4.3 https://vulners.com/cve/CVE-2007-6388 | CVE-2007-5000 4.3 https://vulners.com/cve/CVE-2007-5000 | CVE-2007-4465 4.3 https://vulners.com/cve/CVE-2007-4465 | CVE-2007-1349 4.3 https://vulners.com/cve/CVE-2007-1349 | CVE-2007-6422 4.0 https://vulners.com/cve/CVE-2007-6422 | CVE-2007-6421 3.5 https://vulners.com/cve/CVE-2007-6421

kozmic commented 4 years ago

Can confirm that we also see this same behaviour, it was not like this some weeks ago.

vulnersCom commented 4 years ago

Got it, fixed. Please, take a look in 30 min.

alexanderkjall commented 4 years ago

I can confirm that I no longer see a lot of false positives, thanks for the fix.

kalkir commented 4 years ago

Thanks, this is fixed.