>Date: Tue, 18 Sep 2007 13:27:41 -0400 >From: "George A. Theall" <[EMAIL PROTECTED]> >Subject: Re: NASL Script for plugin ID 10330 >To: [email protected] >Message-ID: <[EMAIL PROTECTED]> >Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>On 09/18/07 13:19, Joel Elwell wrote: >>> Oh my, not again! :-) >> Your response would indicate that plugin has a history.... ;-) >> Or, are you recalling the btcpcom.nlm issue? >Only the DoS you uncovered last year in Netware (btcpcom.nlm). Just teasing you a little, I figured that was it. >The find_services plugin (#10330) should be pretty safe, although I am >sure we all have interesting stories about devices and software we've >knocked out with things like simple port scans. :-) >> Running Nessus version 3.0.3 on Linux release 2.6.13-15.16-smp (SUSE) >> found the find_service.nes and find_service.nasl in >> /opt/nessus/lib/nessus/plugins/ >>I'll check it out. >Let me know if you need a copy of the C source. Thanks, sadly it will do me little good, as I'm not familiar with C language. I noted that the plugin "find_service.nasl" in version 3.0.3, indicates it's meant to replace the "find_service.nes". Which is actually running in my case? One or both? For additional background info: The DoS target is a presentation layer "service" providing SQL database info from the back end to the application running in a browser session. Runs on Windows Server 2003 and IIS. Any insight on this scenario? Could the plugin be creating multiple requests (threads) that the app is not releasing? (CPU utilization spikes almost immediately, but it's late in the scan, with that being the only plugin enabled.) Really, I'm just looking for a speaking point to introduce this issue to the vendor. Joel _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
