
| Subject: | Plugin IDs 10362,10363,10491 |
|---|---|
| Date: | Wed, 6 Dec 2006 12:30:30 -0000 |
Some avoidable false positives?
When I run tests against ports 80 and 443 on a Windows Server 2003 system:
Plugin ID 10362 says:
"It is possible to get the source code of the remote ASP scripts by
appending ::$DATA at the end of the request (like GET
/default.asp::$DATA) ASP source code usually contains sensitive
information such as logins and passwords."
Plugin ID 10363 says:
"It is possible to get the source code of the remote ASP scripts by
appending %2e at the end of the request (like GET /default.asp%2e) ASP
source codes usually contain sensitive informations such as logins and
passwords."
Plugin ID 10491 says:
"There is a serious vulnerability in Windows 2000 (unpatched by SP1)
that allows an attacker to view ASP/ASA source code instead of a
processed file. ASP source code can contain sensitive information such
as username's and passwords for ODBC connections."
I seem to recall a case where at least one of these plugins alerted me
to a real problem; however, they also alert when the actual response
from port 80 is:
The page cannot be found
The page you are looking for might have been removed, had its name
changed, or is temporarily unavailable.
--------------------------------------------------------------------------------
Please try the following:
.
.
.
.
and response from port 443 is:
Internet Explorer cannot display the webpage
Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.
What you can try:
Diagnose Connection Problems
.
.
.
--
Carl Nelson
Distributed Systems Support Section, Computer Centre, University of
Leicester, Leicester, LE1 7RH, U.K.
Tel: +44 (0)116 252 2060, Fax: +44 (0)116 252 5027
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
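The three plugins quoted above all report a finding whenever a request with `::$DATA` or `%2e` appended gets a response, even when that response is the IIS "page cannot be found" page or, on 443, the browser's own connection-error page. The following is an added example (not Nessus code, and not part of the original message) showing the kind of post-check a scanner or a reviewer can apply before accepting such a finding: the probe response must not be an error page, must differ from the normally rendered page, and must actually contain server-side `<% ... %>` blocks. The `HttpResponse` class, the `ERROR_PHRASES` list and every response body are constructed for this example.

```python
"""Sanity-check an ASP source-disclosure finding against the real response.

Added example (not Nessus code). Given the response to a normal request for a
script and the response to a probe such as /default.asp::$DATA or
/default.asp%2e, decide whether the probe returned server-side source or just
an error page. Every response below is a constructed sample.
"""
import re
from dataclasses import dataclass
from typing import Optional


@dataclass
class HttpResponse:
    # status None models a failed connection, e.g. nothing listening on 443,
    # which is what the IE "cannot display the webpage" text indicates.
    status: Optional[int]
    body: str = ""


# Server-side ASP delimiters. A correctly processed page never echoes these,
# so their presence in a 200 response is the actual evidence of disclosure.
ASP_BLOCK = re.compile(r"<%.*?%>", re.S)

# Phrases from the IIS 404 page and IE's local error page quoted in the report
# (constructed list; extend it with whatever error pages the target serves).
ERROR_PHRASES = (
    "the page cannot be found",
    "cannot display the webpage",
    "might have been removed, had its name changed",
)


def is_error_page(resp: HttpResponse) -> bool:
    """True for connection failures, HTTP errors, and 'friendly' 200 error pages."""
    if resp.status is None or resp.status >= 400:
        return True
    low = resp.body.lower()
    return any(phrase in low for phrase in ERROR_PHRASES)


def discloses_source(baseline: HttpResponse, probe: HttpResponse) -> bool:
    """True only when the probe differs from the normal page and carries ASP code."""
    if is_error_page(probe):
        return False
    if probe.body.strip() == baseline.body.strip():
        return False  # identical rendered output: the server processed the script as usual
    return ASP_BLOCK.search(probe.body) is not None


def verdict(baseline: HttpResponse, probe: HttpResponse, plugin_id: int) -> str:
    state = "confirmed" if discloses_source(baseline, probe) else "false positive"
    return f"plugin {plugin_id}: {state}"


# ---- constructed sample responses -------------------------------------------
IIS_404 = HttpResponse(404, """<html><head><title>The page cannot be found</title></head>
<body>The page you are looking for might have been removed, had its name
changed, or is temporarily unavailable.</body></html>""")

# Same IIS error text but served with status 200 (a "friendly" error page).
FRIENDLY_200 = HttpResponse(200, IIS_404.body)

# What the script normally renders to.
RENDERED = HttpResponse(200, "<html><body><h1>Welcome</h1><p>It is 12:30</p></body></html>")

# Constructed sample of what real disclosure looks like: raw server-side code.
RAW_SOURCE = HttpResponse(200, """<%@ Language=VBScript %>
<html><body><h1>Welcome</h1>
<p>It is <% Response.Write Now() %></p>
</body></html>""")

# Browser-side text seen on 443 when no TLS listener answers.
IE_CONNECTION_ERROR = HttpResponse(None, "Internet Explorer cannot display the webpage")


if __name__ == "__main__":
    for pid, probe in ((10362, IIS_404), (10363, FRIENDLY_200),
                       (10491, IE_CONNECTION_ERROR), (10362, RAW_SOURCE)):
        print(verdict(RENDERED, probe, pid))
```

The baseline comparison matters as much as the error-page check: a server that simply ignores the trailing `::$DATA` or `%2e` returns the same rendered HTML as the plain request, which is not a disclosure either, and only a 200 response that differs from the baseline and still contains `<% ... %>` blocks should be reported.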