Currently there's possiblity to make "one-liner scan" of system using curl (https://vuls.io/docs/en/usage-server.html). Issue is, that received JSON can't be displayed nicely with application, because application always want's to get the data from vulnerability DB (even there's everything needed in the JSON returned by vul

I'm using OpenNTPD instead of the default ntp on my FreeBSD server - when lynis analyses the ntp settings it tries to query information with ntpq which is (to my knowledge) is not possible with OpenNTPD.

Lynis will slow down as ntpq takes a while fail.

OS: FreeBSD 10.4
Lynis: 2.6.1 (768446e4)

[ Lynis 2.6.1 ]

####################################################################

The code should look readable and manageable. Separate folders, split views, a separate folder for the scanners plugin and parsers. Need improvement in Models file.

What would you like added?

Further develop Testing for Vertical Bypassing Authorization Schema and ensure it meets the article standard.

show how many commands ran
show pretty pictures on how many hosts/ports/paths are in the db
show the actual db output for ports/paths/hosts/etc

Elastic comes with quite a few security-related settings which seem easy enough to check for

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html

This is a follow-up of #390 and the PR #397 solving it:

There is another edge/corner case where a NVT is using the script_tag(name:"vuldetect", value:"" tag but is only sending a log_message() (0.0 severity).

Once this is happening instead of the static and already correctly formatted Vulnerability Detection Method a Log Method (static as well) without the formatting is shown