hello list, I noticed on my last two scans (one was a XP SP2 laptop and the other was a Win2k3 SP1 Domain Controller) that Nessus was reporting a vulnerability on port 8081 and linking it to a Linksys BEFSR41 Router.
TCP port 8081 is active and is used by McAfee Agent to report to McAfee ePolicy Orchestrator. Plug in 11773 appearts to be performing a http get looking for "/Gozila.cgi" When I connect to http://localhost:8081/ I get the web page that displays the McAfee Agent Activity Log When I try to connect to http://localhost:8081/Gozilla.cgi I get 404 - File not found and a search of the hard workstation and server didn't find any Gozila.cgi file. So I know that Gozila.cgi file does not exist. So I'm not sure what is causing the plug in to trigger and create the fails postive. If someone can help me out ane explain the fails postive, that would be great. Below is what appears in the report. The Linksys BEFSR41 EtherFast Cable/DSL Router crashes if somebody accesses the Gozila CGI without argument on the web administration interface. Solution: upgrade your router firmware to 1.42.7. Risk Factor : Medium Plugin ID : 11773 Take Care and Have Fun --John _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
