List, can anybody confirm 2.5n is in fact vulnerable ? thank you. On Tue, Dec 30, 2008 at 4:19 PM, George A. Theall <the...@tenablesecurity.com> wrote: > On Dec 30, 2008, at 3:05 PM, YARICK wrote: > >> I think plug-in ftp_servu_overflow.nasl is not >> working correctly ( script_id 12037 ) >> >> I have can a scan against a server running Serv-U version 2.5 and it >> did not show up in the report. >> I am able to ftp to the server from the nessus scanner: >> >> 220-Serv-U FTP-Server v2.5n for WinSock ready... >> 220-Welcome to WWW-ESD's FTP Server. >> 220-The privileges for anonymous FTP users are: >> >> and the version seems to be vulnerable. > > Thanks for the heads-up, Yarick. The plugin expects banners to have > the string "Serv-U FTP Server". I'll update the plugin shortly to > handle the banner you report. > > George > -- > the...@tenablesecurity.com > > > > _______________________________________________ > Nessus mailing list > Nessus@list.nessus.org > http://mail.nessus.org/mailman/listinfo/nessus >
-- --Yarick Tsagoyko Advisory Notice: Email is covered by the Electronic Communications Privacy Act and is legally privileged, but inherently insecure. Content may be subject to alteration: email addresses may incorrectly identify the sender. This email transmission, and any documents, files, or previous email messages attached to it may be privileged and confidential, and are intended only for the use of the recipient(s) named in the address field. If the reader of this message is not an intended recipient, or the employee or agent responsible to deliver it to the recipient, you are hereby notified that any dissemination, distribution, or copying of this message or its contents is strictly prohibited. If you have received this message in error, please notify me by telephone or return email and delete it and any attachments from your computer. Thank you. _______________________________________________ Nessus mailing list Nessus@list.nessus.org http://mail.nessus.org/mailman/listinfo/nessus