Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

PluginID: 15642

from [peceka] Network Security [Permanent Link]
Subject: PluginID: 15642
Date: Mon, 18 Jul 2005 15:48:56 +0200 
Hi,

I've just done audit with Nessus on one of my servers with "Safe
checks" and "Optimize the test" switched off.
In report i've got:

The remote web server seems to be vulnerable to a format string attack
on HTTP 1.0 header value.
An attacker might use this flaw to make it crash or even execute 
arbitrary code on this host.


Solution : upgrade your software or contact your vendor and inform him
           of this vulnerability

Risk factor : High


But i'm using mod_security which has blocked this and shows forbidden
(403) page.

So how to treat this? As false-positive?

Best Regards,
p.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: view traffic, Josh Zlatin-Amishav
Next by Date:  Re: New error in my nessus.dump file, George A. Theall
Previous by Thread:  view traffic, ramiro delfin
Next by Thread:  Re: PluginID: 15642, George A. Theall
Indexes:  [Date] [Thread] [Top] [All Lists]