I see a lot of similar false positives from the little appliance things on the network, running embedded web servers. Often, every request is redirected to, say, a login page. The scanner sees these as "hits" and marks them as vulnerable.

> As a followup to my mail from the other day "Interscan 3.32 SMTP Denial
> script bug", we have found some other false positives, that pop up now
> and then.
>
> When scanning Blackboard servers, we get a LOT (just about all I
> expect) of cgi related exploits. We have found out, that it's because
> the Blackboard servers respond with a "HTTP error code 200" when Nessus
> probes them, and then Nessus assumes the exploit is there.
>
> It would be very nice, if that could be fixed somehow? If the
> scan-report is needed, then let me know and I'll make it available.
>
> --
> Jesper S. Jensen
> Basisnet og Sikkerhed
> Uni-C - Århus, Danmark
> +45 8937-6666
> _______________________________________________
> Nessus mailing list
> [EMAIL PROTECTED]
> http://mail.nessus.org/mailman/listinfo/nessus
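The false positives described in this thread can be triaged by comparing each reported path against the server's answer for a path that cannot exist. The following is an added example, not part of the thread and not Nessus code; the `fetch` callables, verdict labels and sample paths are constructed stand-ins, and `fetch` is assumed to return the status, final URL and body after redirects are followed.

```python
import secrets
from difflib import SequenceMatcher

def fingerprint(fetch, path):
    """Return (status, final URL, body) with the requested path masked out."""
    status, final_url, body = fetch(path)
    if final_url == path:
        final_url = "<self>"  # not redirected
    return status, final_url, body.replace(path, "")

def same_page(a, b, threshold=0.9):
    """True when two fingerprints look like the same generic page."""
    if a[:2] != b[:2]:
        return False
    return SequenceMatcher(None, a[2], b[2], autojunk=False).ratio() >= threshold

def triage(fetch, reported_paths):
    """Label each reported path 'absent', 'catch-all' or 'review'."""
    # Baseline: a random path that cannot exist on the target.
    baseline = fingerprint(fetch, "/cgi-bin/" + secrets.token_hex(12) + ".cgi")
    verdicts = {}
    for path in reported_paths:
        probe = fingerprint(fetch, path)
        if probe[0] != 200:
            verdicts[path] = "absent"
        elif same_page(probe, baseline):
            verdicts[path] = "catch-all"  # same answer as for a bogus path
        else:
            verdicts[path] = "review"     # differs from baseline: look closer
    return verdicts

# Constructed stand-ins for three server behaviours (no network access).
def always_200(path):      # error page served with status 200
    return 200, path, f"<h1>Error</h1><p>{path} could not be found.</p>"

def login_redirect(path):  # every request lands on the login form
    return 200, "/login", "<form action='/login'>User: Password:</form>"

def ordinary(path):        # real 404s, one real script
    if path == "/cgi-bin/sample-a.cgi":
        return 200, path, "sample-a output"
    return 404, path, "Not Found"

if __name__ == "__main__":
    paths = ["/cgi-bin/sample-a.cgi", "/cgi-bin/sample-b.cgi"]
    for server in (always_200, login_redirect, ordinary):
        print(server.__name__, triage(server, paths))
```

A "catch-all" verdict means the status code alone carries no information on that host, so findings that rest only on a 200 response need a content-based check before they are reported.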
