On 12/10/07 19:28, Yanyan Wang wrote: > I scanned a server twice with about 30-40 minutes of time difference, > same preferences. The first scan reported a "BLING SQL Injection" > vulnerablity, but not the second one.
It's hard to say. Did you look through the Nessus server log to see if there was any reason that particular plugin (I assume it's #11139, sql_injection.nasl) might not have been launched? Like, was the remote web server / host still alive when you launched the second scan? Is there some type of IPS that might have prevented the plugin from running the second time? Do you have access to the logs on the remote host and, if so, do they tell you anything? George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
