On Thu, Oct 03, 2002 at 01:57:09PM -0400, [EMAIL PROTECTED] wrote:
> When scanning a number of IIS servers with safe checks enabled I receive mod_ssl
>buffer overflow vulnerabilities. Why is nessus reporting this when IIS doesn't use
>the OpenSSL libraries. What is setting this off?
Because Nessus relies on the OpenSSL protocol to do the check. If safe
checks are disabled, it will really completely attempt to overflow the
remote host, which will allow the script to determine if the remote
host is vulnerable or not. If they are enabled, then it will just
overflow the first few bytes, and Microsoft's SSL does not care about it
and lets that go.
-- Renaud
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
