On Wed Jun 22 2005 at 21:45, Max Andersen wrote: > GET /%5c/ HTTP/1.1
Wrong. You need to give a Host field. > Anyone got an idea on why Nessus reports a positive? 1. You are right as far as the %00 is concerned: something is missing. 2. Although the code is not clear, the plugin checks that there is no directory index with a normal / request (some servers have no index.html page). So it should not do a FP. Rather than using Telnet, try something like this: echo -e 'GET /%00/ HTTP/1.1\r\nHost: yourhost\r\n\r\n' | nc youhost 80 I'll add some debug messages (-> nessusd.dump) to this plugin, just in case. _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
