On Wed Nov 23 2005 at 21:23, Chatarpal, Muni wrote: > Hi, I ran a scan and on several win2K servers I am seeing 11 HIGH > Vulnerabilities for Apache and SSL , for e.g: [...] > Are these false positives ?
I'd say "probably not", but you are the only one that can answer this question. Are you running Apache on those machine? And which version? If you don't know, run something like echo -e 'HEAD / HTTP/1.0\r\n\r\n' | netcat HOST PORT and check the "Server:" field If somebody was smart enough to change the banner, enable "experimental scripts", HMAP will fingerprint the server and detect the fake banner. -- http://arboi.da.ru/ http://ma75.blogspot.com/ PGP key ID : 0x0BBABA91 - 0x1320924F0BBABA91 Fingerprint: 1048 B09B EEAF 20AA F645 2E1A 1320 924F 0BBA BA91 _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
