Hi Josh,
Thanks for the info.
There is one more thing that I observed.
One of the processes of my application gets killed while the scan is happening, however the hole which I have mentioned below is seen in the report
after almost 20 min. Does it mean that the process is actually killed by some other plugin and not this one ?
Under what circumstances can this hole be a false positive ?
unknown (6780/tcp) High
It was possible to crash the remote service by flooding it with too much data.
An attacker may use this flaw to make this service crash continuously,
preventing this service from working properly. It may also be possible
to exploit this flaw to execute arbitrary code on this host.
Solution : upgrade your software or contact your vendor and inform it of this
vulnerability
Risk factor : High
Thanks in advance for your help
Regards,
Monali Navin Shah
| Josh Zlatin-Amishav <[EMAIL PROTECTED]>
11/16/2005 02:25 PM |
|
On Wed, 16 Nov 2005 [EMAIL PROTECTED] wrote:
> What I would like to know over here is that :
> a : Which pluggin actually identified these holes ?
It looks like the miscflood.nasl (plugin #10735). Depending on what your
report output type is, you can see which plugin identified which hole.
> b : What is the kind of data that was pumped in to crash the port , i mean
> is it some random data or some specific Packets which are being sent ?
miscflood.nasl sends a string of 65535 X's 10 times to the open port and
then checks if the service that was listening is still responsive.
--
- Josh
ForwardSourceID:NT00004382
Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
