Questions on product detections

antolik · April 14, 2025, 10:18am

Hello,

We are trying the Greenbone Enterprise Appliance Trial 24.10.1. We have a Windows server, which we would like to check for vulnerabilities.

For test purposes, we placed the vulnerable files openssl dll - libcrypto-1_1.dll and vulnerable 7-zip binary in directory d:\temp\vuln.

Then we tried Full and Fast scan. The scanner found vulnerable 7-zip binary under C:\Program Files\7-zip, but not in and d:\temp\vuln.

Also, the scanner didn’t find a vulnerable dll libcrypto-1_1.dll under d:\temp\vuln, which is obviously vulnerable.

It is standard behaviour, or should I do more fine-tuning of the scanner?

Thank you.

Best regards,

Vladislav

cfi · April 15, 2025, 9:22am

Hello,

and welcome to this community forums. Only two short hints:

OpenSSL: This is expected behavior, there is no support for detecting OpenSSL on Windows via such .dll files
7-Zip: Enabling the How to enable Detection of Portable Apps on Windows? option might help, please keep the notes recently added there on the limitations

antolik · April 16, 2025, 9:01am

Hi,

thank you very much for explaning.
Best regards,

V.