On 12/13/07 16:11, First Last wrote: > The server does not have XSS issues, so that's why I was questioning > these plugins.
It would be useful then to see a packet capture of running those plugins against the affected port(s). Each of those plugins apparently saw the Javascript they sent in response packets. > Especially since this scan generated about 10 different > vulnerabilities with about 10 different apps. What vulnerabilities beyond the three you already mentioned? > Side note * No 404 Check was triggered but > false positive... I find this a lot. Would you explain or provide an example? If it's really an issue, I'd like to try to correct it. > Another point I should mention that my be throwing Nessus a loop... > these vulnerabilities are not on port 80, but 8080,8081, and 8082. Nessus shouldn't care. George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
