Hi Team Tried scanning a linux server and ended up with Apache
vulnerabilities(Windows).We reported the same few months back and the Plugin
was updated by Open VAS team.But again we are getting the same windows
vulnerability on Linux boxes.Can you help us in fixing this issue?
Listed the vulnerabilities.
High 1 - NVT: Apache Tomcat 'MultipartStream' Class Denial of Service
Vulnerability OID:1.3.6.1.4.1.25623.1.0.808197
High 2 - NVT: OpenSSH 'auth password' Denial of Service Vulnerability
(Windows)OID:1.3.6.1.4.1.25623.1.0.809121
-----------------------------------------------------------------------------------------------------------------------------------------------
Medium 1- NVT: Apache Tomcat CSRF Token Leak Vulnerability -Feb16
(Windows)OID:1.3.6.1.4.1.25623.1.0.807405
Medium 2 - NVT: Apache Tomcat Session Fixation Vulnerability -Feb16
(Windows)OID:1.3.6.1.4.1.25623.1.0.807409
Medium 3 - NVT: Apache Tomcat Security Manager Bypass Vulnerability -Feb16
(Windows)OID:1.3.6.1.4.1.25623.1.0.807406
Medium 4 - NVT: Apache Tomcat Security Manager Bypass Vulnerability01 -Feb16
(Windows)OID:1.3.6.1.4.1.25623.1.0.807408
Medium 5 - NVT: Apache Tomcat SecurityManager Security Bypass Vulnerability
-June15 (Windows)OID:1.3.6.1.4.1.25623.1.0.805702
Medium 6 - NVT: Apache Tomcat Directory Disclosure Vulnerability -Feb16
(Windows) OID:1.3.6.1.4.1.25623.1.0.807407
Medium 7 - NVT: Apache Tomcat Limited Directory Traversal Vulnerability -Feb16
(Windows) OID:1.3.6.1.4.1.25623.1.0.807404
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
