Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Number of clearly false positives, what happened?

from [HG] Network Security [Permanent Link]
Subject: Number of clearly false positives, what happened?
Date: Thu, 14 Jun 2007 16:28:52 +0300 
Hello!

I'm new to the list, so I hope that this is not a old thing... I did
try to scan the archives, but could not find anything.

I've been using nessus for some time now to make sure my servers are
secure. Generally I've run the checks once a month, but now the last
scan was 5 weeks ago. Usually there is nothing (well information), but
now suddenly I got a number of strange false positive holes. I just
loaded the new plugins (the free stream). I hope somebody can shine
some light on these errors. Here are some examples:

----
The account '4Dgifts' has no password set.
An attacker may use it to gain further privileges on this system

Risk factor : High
Solution : Set a password for this account or disable it
CVE : CVE-1999-0502
----
The login/password combination 'root/12345678' is valid.
On older Macintosh computers, Mac OS X server is configured by
default with the account 'root/1234568' (on newer computers, the
serial number of the system is used instead).

Solution : Set a strong password for the root account
Risk factor : High
CVE : CVE-1999-0502
----
The account 'EZsetup' has no password set.
An attacker may use it to gain further privileges on this system

Risk factor : High
Solution : Set a password for this account or disable it
CVE : CVE-1999-0502
----
The account 'OutOfBox' has no password set. An attacker may use it
to gain further privileges on this system.

Risk factor : High
Solution : Set a password for this account or disable it
CVE : CVE-1999-0502
----
The account 'root' has no password set!

Risk factor : High
Solution : Set a password for this account or disable it
CVE : CVE-1999-0502
----
The account 'root' has the password 'root'. An attacker may use it to
gain further privileges on this system

Risk factor : High
Solution : Set a password for this account or disable it
CVE : CVE-1999-0502
----


These are obviously false positives, as the system is not OS X (as one
of the above claims) but Linux. It doesn't have those users. Besides,
how can the root password be 'root' and not set at the same time. Of
course, all of them are connected with CVE : CVE-1999-0502

--
HG.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: ChartWorks Server 3.7.0, Nessus, and a Fishing Expedition, Jon Passki
Next by Date:  Re: Number of clearly false positives, what happened?, Renaud Deraison
Previous by Thread:  ChartWorks Server 3.7.0, Nessus, and a Fishing Expedition, Jon Passki
Next by Thread:  Re: Number of clearly false positives, what happened?, Renaud Deraison
Indexes:  [Date] [Thread] [Top] [All Lists]