On Wed, Sep 18, 2002 at 01:11:19PM -0400, Datdamwuf of wolf wrote:
> To check for vulnerable systems I normally do the banner grab plugin,
> OpenSSL overflow. However, we think we may be missing systems that aren't
> advertising. I would like to use the plugin below, it is in the category:
> script_category(ACT_MIXED_ATTACK)
>
> OpenSSL overflow (generic test), Gain a shell remotely, Checks for the
> behavior of OpenSSL.
>
> What is the risk of breaking the server with this plugin??
None if you enable the safe checks (it overwrites one variable on the
stack, nothing crashes).
-- Renaud
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
