On Wed, Jun 30, 2004 at 09:59:29AM -0600, Lucas Albers wrote: > My raw ness item shows these entries: ... > SERVER <|> INFO <|> xxx.edu <|> general/icmp <|> The 'way-board' CGI is > installed. This CGI has;a well known security flaw that lets an attacker > read arbitrary;files with the privileges of the http daemon (usually root > or nobody).;;Solution : remove it from /cgi-bin.;;Risk factor : Serious; > <|> 10114 <|> SERVER ... > SERVER <|> INFO <|> xxx.edu <|> ssh (22/tcp) <|> The 'way-board' CGI is > installed. This CGI has;a well known security flaw that lets an attacker > read arbitrary;files with the privileges of the http daemon (usually root > or nobody).;;Solution : remove it from /cgi-bin.;;Risk factor : Serious; > <|> 11574 <|> SERVER
This indeed is strange! The description for the wayboard plugin is being mixed with the output from other plugins. I suspect that the plugins are detecting issues correctly, just reporting them always with the description from the wayboard plugin. That is, those targets with the ssh report above are vulnerable to the OpenSSH/PAM timing attack that plugin 11574 checks. > I'v restarted nessus, and don't show any other strange scan results. Can you repeat the scan with the same odd results? George -- [EMAIL PROTECTED]
pgpVk1go2kdNF.pgp
Description: PGP signature
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
