CVE/IP Exception list #59

@jvolt

Hello, this is a feature request.

Is it possible to add some kind of exception list?
I have been using Flan for scanning a bunch of servers, but there are many false-positive results, i.e.:

Flan reports the following:
OpenSSH 7.4 (cpe:/a:openbsd:openssh:7.4)
CVE-2017-15906 Medium (5.0)
Summary:The process open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

But Red Hat says this server isn't affected (https://access.redhat.com/security/cve/cve-2019-16905).

So, it would be nice if there was an exception list. Adding that server IP and CVE code to an exception list would avoid reporting that false-positive again.
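
One way the requested IP/CVE exception list could work as a post-processing filter, added here as an illustration; it is not part of the issue and is not Flan's own code. The exception file format, the finding dictionaries and the function names are assumptions, and the sketch goes beyond the request by accepting CIDR ranges and by requiring an expiry date and a reason, so a waiver cannot hide a finding indefinitely or without justification.

```python
import ipaddress
from datetime import date

# Constructed exception file: <ip-or-cidr> <CVE id> <expiry YYYY-MM-DD> <reason>
EXCEPTIONS_TXT = """\
# one waiver per line; everything after '#' is ignored
192.0.2.10       CVE-2017-15906  2030-01-01  vendor states not affected
198.51.100.0/24  CVE-2017-15906  2020-01-01  old waiver, already expired
"""

# Constructed findings (hypothetical structure, not Flan's report format).
FINDINGS = [
    {"ip": "192.0.2.10", "cpe": "cpe:/a:openbsd:openssh:7.4", "cve": "CVE-2017-15906"},
    {"ip": "192.0.2.11", "cpe": "cpe:/a:openbsd:openssh:7.4", "cve": "CVE-2017-15906"},
    {"ip": "198.51.100.7", "cpe": "cpe:/a:openbsd:openssh:7.4", "cve": "CVE-2017-15906"},
]

def parse_exceptions(text):
    """Return (network, cve, expiry, reason) tuples; every field is mandatory."""
    rules = []
    for n, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 3)
        if len(parts) < 4:
            raise ValueError(f"line {n}: need target, CVE, expiry and reason")
        net = ipaddress.ip_network(parts[0], strict=False)  # bare IP becomes /32 or /128
        rules.append((net, parts[1].upper(), date.fromisoformat(parts[2]), parts[3]))
    return rules

def apply_exceptions(findings, rules, today):
    """Split findings into (reported, suppressed); expired waivers never suppress."""
    reported, suppressed = [], []
    for f in findings:
        addr = ipaddress.ip_address(f["ip"])
        hit = next((r for r in rules
                    if f["cve"].upper() == r[1] and today <= r[2] and addr in r[0]), None)
        if hit:
            # Keep the suppressed finding and its justification for audit.
            suppressed.append({**f, "reason": hit[3]})
        else:
            reported.append(f)
    return reported, suppressed

if __name__ == "__main__":
    rep, sup = apply_exceptions(FINDINGS, parse_exceptions(EXCEPTIONS_TXT), date(2024, 6, 1))
    print("reported:", [f["ip"] for f in rep])
    print("suppressed:", [(f["ip"], f["reason"]) for f in sup])
```

Suppressed findings are returned rather than dropped, so a report can still list them in a separate "waived" section.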
