*** Jonas Andradas <[email protected]> wrote:
> I am scanning an APC Smart-UPS 1000 RM device (with version 3.5.5 of
> APC OS). On port 80 , there is a web server which, upon an empty GET request,
> freezes or, at least, becomes unresponsive. This also makes
> unresponsive the Telnet server running on the device. After a while, services
> are restored. OpenVAS did not report this issue, but Nessus 4 did report it
> as
> "Linksys WRT54G Empty GET Request Remote DoS".
Jonas and i discovered that both, the embedded webserver at the
APC Smart-UPS and the embedded webserver at the Enterasys switch, have
problems with certain requests (too long requests, empty GET requests,...).
"Problematic" plugins are nikto.nasl and
taifajobs_1_0_jobid_sql_injection.nasl for example.
Both plugins are able to kill the embedded webservers without
reporting about that. Perhaps there are more plugins...
As a workaround i will add
"if(get_kb_item("Services/www/" + port + "/embedded"))exit(0);"
to both plugins.
We should consider whether it makes sense in principle, running
plugins of Family "Web application abuses" against embedded webservers.
Many thanks again to Jonas for his support.
Micha
--
Michael Meyer OpenPGP Key: 76E050B9
http://www.intevation.de
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
