scan with nessus 2.08

Fri, 03 Oct 2003 17:25:40 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi, i did a scan with latest nessus and it reported 2 security holes and one 
warning that sounds like false positives to me...

Hole #1

Vulnerability found on port general/icmp
 The remote host is vulnerable to an 'icmp leak' -
 when it receive a packet that raise an ICMP error packet
 (except ICMP destination unreachable), the ICMP packet is
 supposed to contain the original message.
 Due to a bug in the remote TCP/IP stack, it will also contain fragments
 of the content of the remote kernel memory.
 An attacker may use this flaw to remotely sniff what is going on into
 the host's memory, especially network packets that it sees, and
 obtain useful information such as POP passwords, HTTP authentication
 fields, and so on.

 Solution : Contact your vendor for a fix. If the remote host is running
 Linux 2.0, upgrade to Linux 2.0.40.

but i am running linux 2.4.22 (plain vanilla kernel compiled from sources)

Hole #2

Vulnerability found on port cvspserver (2401/tcp)
 The remote CVS server, according to its version number,
 is vulnerable to a double free() bug which may allow an
 attacker to gain a shell on this host.
 
 Solution : Upgrade to CVS 1.11.5

but i am running cvs 1.11.5

Warning #1

Warning found on port https (443/tcp)
 Your webserver supports the TRACE and/or TRACK methods. It has been
 shown that servers supporting this method are subject
 to cross-site-scripting attacks, dubbed XST for
 'Cross-Site-Tracing', when used in conjunction with
 various weaknesses in browsers. 
 An attacker may use this flaw to trick your
 legitimate web users to give him their 
 credentials.
 
 Solution: Disable these methods.
 If you are using Apache, add the following lines for each virtual
 host in your configuration file :
 
 RewriteEngine on
 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
 RewriteRule .* - [F]
 
but i do have those lines in my httpd.conf file (running apache 2.0.47)

what should i do to avoid these warnings? 
cos they are false positives arent they????

thanks

- -- 
Francesco Lamonica: f DOT lamonica AT tin DOT it

PGP Fingerprint: 5870 92BA 8DFF 1ACF DE2E  B94D 46EC 5505 7C64 4EF1
Favourite quote: There's no spoon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/fhN6RuxVBXxkTvERAomtAJoCvFCpK0w5dPPUJdoroj+WvSZj5QCfRcJK
PvEXbpSj8BYpC+i07GJ/UYw=
=OFAl
-----END PGP SIGNATURE-----

Reply via email to