Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: MOD_SSL: CVE-2004-0700, MOD_SSL; CVE-2004-0488 on OpenVMS, false pos

from [Randal T. Rioux] Network Security [Permanent Link]
Subject: Re: MOD_SSL: CVE-2004-0700, MOD_SSL; CVE-2004-0488 on OpenVMS, false positive?
Date: Tue, 8 Apr 2008 13:37:22 -0400 (EDT) 
On Tue, April 8, 2008 12:08 pm, Yanyan Wang wrote:

What about MOD_SSL: CVE-2004-0700, MOD_SSL; CVE-2004-0488? Our admins say
that they've been patched by HP before the scan. Thanks.


I'm assuming you're using Secure Web Server for OpenVMS? What is the
patch/version level? Do you have console access to check the version?

TELNET 0 80

Though this should work from anywhere (system specific, of course). You
should see output like this if local:

%TELNET-I-TRYING, Trying ... 127.0.0.1

%TELNET-I-SESSION, Session 01, host localhost, port 80
-TELNET-I-ESCAPE, Escape character is ^]

Press ENTER and enter the following HTTP command:

HEAD / HTTP/1.0

<hit enter twice>

HTTP/1.1 200 OK
Date: blah blah GMT
Server: Apache/2.0.52 (OpenVMS) mod_ssl/2.0.52 OpenSSL/0.9.7d
Content-Location: index.html.en
Vary: negotiate,accept-language,accept-charset
TCN: choice
Last-Modified: blah blah blah GMT
ETag: "2e4550-5b2-b12cef40"
Accept-Ranges: bytes
Content-Length: 1458
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Language: en

%TELNET-S-REMCLOSED, Remote connection closed

-TELNET-I-SESSION, Session 01, host localhost, port 80


What do you see? The patch could have been applied, but the instance may
not have been restarted. Verify with whoever patched it (HP?) if it
doesn't look right.

Randy


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: What is this situation???, Michel Arboi
Next by Date:  Re: MOD_SSL: CVE-2004-0700, MOD_SSL; CVE-2004-0488 on OpenVMS, false positive?, Randal T. Rioux
Previous by Thread:  MOD_SSL: CVE-2004-0700, MOD_SSL; CVE-2004-0488 on OpenVMS, false positive?, Yanyan Wang
Next by Thread:  Re: MOD_SSL: CVE-2004-0700, MOD_SSL; CVE-2004-0488 on OpenVMS, false positive?, Randal T. Rioux
Indexes:  [Date] [Thread] [Top] [All Lists]