Uh, is it normal for an automated #security scanner to be unaware of #debian patched packages?

Like how OpenSSH 9.2p1 is vulnerable to CVE-2023-38408 but the Debian version 1:9.2p1-2+deb12u5 is patched. But the security scanner sees the "9.2p1" string and sounds the alarm.

security-tracker.debian.org/tr

Is this a common problem for people running Debian servers?

Peter Krefting

@teleclimber Yes. Most security scanners (Pentesters) are that stupid.

I speak from experience, trying to tell customers that just because it said the server they installed has a vulnerable version of something or other installed, that's not actually the case.

The ones that *actually* try to break stuff (like using known issues, fuzzing input and such) are great, though. Use those.