Hi, I am working with Nessus 3 and have the latest plugins downloaded. I have enabled the following plugins: 1. Denial Of Service - Tomcat servlet engine MS/DOS device names denial of service. 2. Port scanners - SYN I am running the scan against Tomcat 5.5 on Windows and see the following vulnerability reported: http-alt (8080/tcp) It was possible to freeze or crash Windows or the web server by reading a thousand of times a MS/DOS device through Tomcat servlet engine, using a file name like /examples/servlet/AUX A cracker may use this flaw to make your system crash continuously, preventing you from working properly. Solution: Upgrade your Apache Tomcat web server to version 4.1.10. Risk Factor : High CVE : CVE-2003-0045 Other references : OSVDB:12233 Plugin ID : 11150 -- Ethereal traces show a lot of requests like GET /servlet/AUX and 404 Not Found responses to the same. I see that Tomcat is still running after the scan and Tomcat Manager status shows all threads are running. Even after the scan, sending a request like http://[IP]:8080/servlet/AUX through the browser gives a 404 Not Found error and it doesn't seem like Tomcat has crashed. CVE-2003-0045(http://nvd.nist.gov/nvd.cfm?cvename=CVE-2003-0045) and Tomcat state the bug is fixed in Tomcat 3.3.1a and later (http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE -NOTES-3.3.1a.txt). I see Nessus reporting the hole against both Tomcat 4.1 and Tomcat 5.5. Has anyone seen something similar before? Is this a bug with the Nessus plugin? If so, is there any plugin update I need to obtain to correct this? Thanks, Mamatha
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
