Comment by dizhn
3 years ago
You are probably misremembering the story. If the module was really not enabled it wouldn't come up in a security scan or be present in the banner.
3 years ago
You are probably misremembering the story. If the module was really not enabled it wouldn't come up in a security scan or be present in the banner.
If it's the kind of report I've seen, it could've been along the lines of Package version X.Y.Z comes with M module which has V vulnerability. Upgrade to X.Y.Z+1, which patched it. They don't actually look at the enabled modules.
I thought it might be that. Yeah.
Yes, it was exactly like that.