PaulDotCom mailing list archives

Scanning of cumulative vulns/patches

From: abcampa at gmail.com (Albert R. Campa)
Date: Wed, 17 Feb 2010 13:17:08 -0600

What do you guys think of scanning and reporting of cumulative vulnerabilities?

For example. If you have vulnerability A that supercedes vulnerability
B. Nessus will report both A and B as vulnerable, but for patching
only Vulnerability A needs to be patched. So why report vulnerability
B? Should the scanner ingore superceded vulnerabilities? Is the only
plus to reporting both A and B is to have a history of old
vulnerabilities not patched?

What about metrics? A and B might be vulnerable but only patch A needs
to be installed.


If an admin gets a vuln report with both A and B, can they easily
figure out oh, this is cumulative, so I only need to install A, or are
they going to try to install both.


want to get more opinions on this.



__________________________________
Albert R. Campa

Current thread:

Scanning of cumulative vulns/patches Albert R. Campa (Feb 17)
- Scanning of cumulative vulns/patches Jamie Starkel (Feb 17)
- Scanning of cumulative vulns/patches Ron Gula (Feb 17)
- Scanning of cumulative vulns/patches Paul Asadoorian (Feb 17)
  - Scanning of cumulative vulns/patches Albert R. Campa (Feb 17)
- Scanning of cumulative vulns/patches Shane Kelly (Feb 18)