*** Sébastien AUCOUTURIER <[email protected]> wrote: > this plugin refers to CVE-2009-4612, > a XSS vulnerability for Jetty version 6.0.x to 6.1.21. > > The plugin first, > > (1) > - try the XSS and check the return > if it match it 'warning_exit'
Strange...the first part only runs if "safe checks" are disabled. That make no sense in this case. > (2) > - it check the version for Jetty > if it match 6.0.x to 6.1.21, it 'warning_exit' > > > why the plugin do not test first (2) , exit if it does not match > and then do (1) > > because (1) can easily be a false positive as example my server return : > > No topic found for "jspsnoop<script>alert(123)<script>" > > that of couse match .... and my server is jetty 7.5.4 so not vulnerable > to this CVE. Yes, the pattern for a successfull XSS is not very good in this NVT. Thanks for pointing out. I'll take care of this. Micha -- Michael Meyer OpenPGP Key: 52A6EFA6 http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
