the test above has an bug,
it will report an newer package as an older one.
CentOS Update for iwl1000-firmware CESA-2018:0094 centos7 OID: 18.104.22.168.4.1.25622.214.171.1242829
Vulnerable package: iwl5000-firmware
Installed version: iwl5000-firmware-126.96.36.199_1-69.el7
Fixed version: iwl5000-firmware-188.8.131.52_1-58.el7_4
Using openvas scanner 6.0.0
Thanks for reporting a bug.
Which iwl5000-firmware version do you actually have? And did you use an authenticated scan?
As you can see, I have package version iwl5000-firmware-184.108.40.206_1-69.el7 installed,
I have logged in the system an verified the rpm package version.
Package version 69.el7 is newer than 58.el7_4.
Oh dear, I have overlooked this myself as well.
The issue has been given to out developers, I will get back to you as son as it’s solved.
I have also have this false positive with the same versions on Centos 7.
@Tino Any news? Still getting this on my scans. TIA
We’re still working on solving the enumeration parsing issue and have, in a first step, lowered the QoD. I’ll suggest applying an over ride to this result for now, and will report back if the issue is fixed.
I believe this is fixed as of 2nd July update. Thanks for that