Hi there
Nessus does that timestamp test on ICMP packets and reports it as a flaw. It
would be really nice if the report *showed* the uptime calculated by the
plugin - it would really show SA's what information is being lost.
...Of course NetCraft would hate us all if we started blocking timestamps :-)
Secondly, I'm running nessus 1.1.13 and just found that it returns a false
positive on my ftp server.
I'm running vsftpd-1.0.1 and nessus reported:
    There is a bug in the FTP server;which allows anyone who issues the
    following commands;to be logged as root :;
    USER ftp;
    CWD ~root;
    PASS nessus@;
    Solution : Upgrade your FTP server to a newer version.;;
    Risk factor : High
The problem is in ftp_cwd_root.nasl:
    data = string("STOR .nessus_test_2\n");
    send(socket:soc, data:data);
    r = recv_line(socket:soc, length:3);
    if(r == "425")
    {
      data = string("DELE .nessus_test_2\n");
vsftp returns 425 after the STOR attempt - even though it's:
    PASS sda
    230 Login successful. Have fun.
    CWD /
    250 Directory successfully changed.
    STOR .nessus_test_2
    425 Use PORT or PASV first.
    DELE .nessus_test_2
    500 Unknown command.
    QUIT
It expects the client to formally state what transfer mechanism will be used
before doing anything else. It actually IGNORES transfer commands (such as
STOR) until the client decides. If you choose (say) PASV, then it'll return
a "553 Could not create file." when you try the STOR - as you'd hope. So, no
hole.
--
Cheers
Jason Haar
Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
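
Added example, not part of the original mail and not Nessus plugin code: a Python sketch that replays the session quoted above and contrasts a check that treats 425 after STOR as a hit with one that reports write access only after PORT/PASV succeeded and STOR completed. The function names, the two extra sessions and the 226/250 completion rule are assumptions made for illustration.

```python
import re
REPLY = re.compile(r"^(\d{3})([ -])")  # reply code, then ' ' (final line) or '-' (continuation)

def parse_session(text):
    """Group a control-channel transcript into (command, [final reply codes])."""
    session = []
    for line in filter(None, (l.strip() for l in text.splitlines())):
        m = REPLY.match(line)
        if not m:
            session.append((line, []))              # client command
        elif session and m.group(2) == " ":
            session[-1][1].append(int(m.group(1)))  # server reply to that command
    return session

def naive_verdict(session):
    """Test as described in the mail: a 425 reply to STOR counts as a hit."""
    return any(cmd.upper().startswith("STOR") and 425 in codes for cmd, codes in session)

def strict_verdict(session):
    """Claim write access only if a data channel was set up and STOR completed."""
    data_ready = False
    for cmd, codes in session:
        verb = cmd.split()[0].upper()
        if verb in ("PASV", "PORT"):
            data_ready = any(200 <= c < 300 for c in codes)
        elif verb == "STOR":
            if any(c >= 500 for c in codes):
                return "denied"
            if data_ready and any(c in (226, 250) for c in codes):
                return "writable"
            return "inconclusive"   # e.g. 425: nothing was learned about permissions
    return "inconclusive"

# Session quoted in the mail (vsftpd, no PORT/PASV sent before STOR).
MAIL = """PASS sda
230 Login successful. Have fun.
CWD /
250 Directory successfully changed.
STOR .nessus_test_2
425 Use PORT or PASV first.
DELE .nessus_test_2
500 Unknown command.
QUIT"""
# Constructed sessions; the 227, 150 and 226 reply texts are illustrative.
DENIED = "PASV\n227 Entering Passive Mode (127,0,0,1,200,10)\nSTOR .nessus_test_2\n553 Could not create file."
WRITABLE = "PASV\n227 Entering Passive Mode (127,0,0,1,200,10)\nSTOR .nessus_test_2\n150 Ok to send data.\n226 Transfer complete."
if __name__ == "__main__":
    for text in (MAIL, DENIED, WRITABLE):
        print(naive_verdict(parse_session(text)), strict_verdict(parse_session(text)))
```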