I sent this out before, but didn't see any reply, so I thought I would stab at it again. I can't see any reason in the code for this to happen.
I'm running Nessus 1.2.0 on Red Hat 7.2.

> I was comparing the findings in an .nbe file with the information in the
> knowledgebase and found vulnerabilities in the knowledgebase that were not
> in the output file.
>
> For example:
>
> One host has the following 3 vulnerabilities in the knowledge base - kbs:
>
> (1) htimage.exe
> 1019863608 1 SentData/10376/HOLE/1=\nThere may be ...
>
> (2) PROPFIND
> 1019863622 1 SentData/10667/HOLE/1=\nThe PROPFIND ...
>
> (3) imagemap.exe
> 1019863627 1 SentData/10122/HOLE/1=The 'imagemap.e ...
>
> yet the nbe output only had entries for:
>
> (1) htimage.exe
> (2) PROPFIND
>
> This behavior was repeated without any real consistency or pattern for
> several hosts. For example, a host that is configured in a similar manner
> only had results for htimage.exe in the output but the kb listed all
> three.
>
> I have verified the results by hand, and the systems did have the
> referenced CGIs, so I should have gotten notification of all of them.
>
> Has anyone else seen this?
>
> The nessus scan was run with the command:
>
> nohup nessus -c <nessusrc> -T nbe -q localhost 1241 <log> <pass>
> <inputfilelist> <outputfile>
>
> Nessus is also built with --enable-debug; could this be part of the
> problem?
>
> I also noticed recently that support for UNIX domain sockets is available.
> If the server will never need networked client/server communications, is
> this a more reliable communication path?
>
> Any pointers for debugging this would be helpful.
>
> Dion
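Added example, not part of the original message and not Nessus code: a small script that automates the comparison described above by listing plugin ids recorded as `SentData/.../HOLE` in a host's KB that have no matching line in the .nbe report. The pipe-delimited NBE layout, the host address 192.0.2.10 and all function names are assumptions; the KB lines are the ones quoted in the message.

```python
import re

# KB line layout as quoted in the message:
#   <epoch> <type> SentData/<plugin id>/<severity>/<n>=<text>
KB_SENT = re.compile(r"^\d+\s+\d+\s+SentData/(\d+)/(\w+)/\d+=")

def kb_findings(kb_text):
    """Map plugin id -> severity for every SentData entry in one host's KB."""
    found = {}
    for line in kb_text.splitlines():
        m = KB_SENT.match(line.strip())
        if m:
            found[m.group(1)] = m.group(2)
    return found

def nbe_plugin_ids(nbe_text, host):
    """Plugin ids reported for `host`. Assumed NBE layout (not shown in the
    message): results|subnet|host|port|plugin id|type|description"""
    ids = set()
    for line in nbe_text.splitlines():
        f = line.split("|", 6)  # the description may itself contain '|'
        if len(f) == 7 and f[0] == "results" and f[2] == host:
            ids.add(f[4])
    return ids

def missing_from_report(kb_text, nbe_text, host):
    """Findings the KB says were sent but the report never recorded."""
    kb = kb_findings(kb_text)
    reported = nbe_plugin_ids(nbe_text, host)
    return sorted((pid, sev) for pid, sev in kb.items() if pid not in reported)

# KB lines copied from the message (the text is truncated there as well).
SAMPLE_KB = r"""
1019863608 1 SentData/10376/HOLE/1=\nThere may be ...
1019863622 1 SentData/10667/HOLE/1=\nThe PROPFIND ...
1019863627 1 SentData/10122/HOLE/1=The 'imagemap.e ...
"""

# Constructed NBE lines; the host address and port are placeholders.
SAMPLE_NBE = """\
results|192.0.2|192.0.2.10|http (80/tcp)
results|192.0.2|192.0.2.10|http (80/tcp)|10376|Security Hole|There may be ...
results|192.0.2|192.0.2.10|http (80/tcp)|10667|Security Hole|The PROPFIND ...
"""

if __name__ == "__main__":
    for pid, sev in missing_from_report(SAMPLE_KB, SAMPLE_NBE, "192.0.2.10"):
        print(f"plugin {pid} ({sev}) is in the KB but not in the .nbe report")
```

Run per host against the real KB file and report to see whether the dropped plugin ids follow any pattern across hosts.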
