1 Copper

OMSA - wpoison (nasl version)

I've been running some vunlnerability assements using the Openvas tool.

After upgrading the OMSA on servers to, Openvas shows this for all 1311 tcp ports:

 NVT: wpoison (nasl version) (OID:

The following URLs seem to be vulnerable to BLIND SQL injection
techniques : 


An attacker may exploit this flaws to bypass authentication
or to take the control of the remote database.

Solution: Modify the relevant CGIs so that they properly escape arguments
See also : http://www.securitydocs.com/library/2651

Any clues as to a fix ?



Tags (2)
0 Kudos
2 Replies

RE: OMSA - wpoison (nasl version)


We thank you for your forum submission and  I have forwarded your information on and when we have updated information, it will be posted here.



Geoff P
Dell | Social Outreach Services - Enterprise

Download the Dell Quick Resource Locator app today to access PowerEdge support content on your mobile device!
(iOS, Android, Windows)

0 Kudos
1 Copper

RE: OMSA - wpoison (nasl version)


I'm a NVT Developer off the OpenVAS project and by chance I stumbled upon this article.  I did a quick check of the wpoison nasl and can say that this is a false positive because of a bug in this NVT. This NVT is updated as soon as possible in the feed.

Sorry for the inconvenience.

Michael Meyer

0 Kudos