My company produces an embedded product. A customer support person ran a Nessus scan and had the following vulnerability in their report(see bottom of email). He's using a Nessus 2.0.6 daemon and a windows client(not sure of version). I just downloaded a new version of Nessus daemoon(v2.0.6) and windows client(v1.4.4) last week. I've selected all the plug-ins. I can't get my scans to report this vulnerability. Please help.
My setup is a Netgear 4 port hub(DS108) connected to the device being scan, the Nessus daemon, and to my company's network. Service: general/udp Severity: High It is possible to by-pass the rules of the remote firewall by sending UDP packets with a source port equal to 53. An attacker may use this flaw to inject UDP packets to the remote hosts, in spite of the presence of a firewall. Solution : Review your firewall rules policy Risk Factor : High BID : 7436 Thanks, Sherwin ===== Best Regards, Sherwin Lu __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com
