Hello everyone
I have some concerns with a scan of a Windows 2003 SP1 Server running McAfee
ePolicy Orchestrator client 3.5.5.438. The version of Nessus used is 3.0.3 Build
W334 with plug-ins updated today (Nov 20).
I receive the following hole reported in both an administrative and a
non-administrative scan:
(8081/tcp)
It was possible to freeze or reboot Windows by reading a MS/DOS device through
HTTP, using a file name like CON\CON, AUX.htm or AUX.
A cracker may use this flaw to make your system crash continuously, preventing
you from working properly.
Solution: upgrade your system or use a HTTP server that filters those names
out.
Risk Factor : High
CVE : CVE-2001-0386, CVE-2001-0493, CVE-2001-0391, CVE-2001-0558,
CVE-2002-0200, CVE-2000-0168, CVE-2003-0016, CVE-2001-0602
BID : 1043, 2575, 2608, 2622, 2649, 2704, 3929, 6659, 6662
Plugin ID : 10930
It looks like plug-in 10930 tries to enumerate an Apache < 2.0.44 CVE-2003-0016
- Apache before 2.0.44, when running on unpatched Windows 9x and Me operating
systems.
Can anyone show/point me to a way that I can verify this manually? I believe
this is a false positive, but I believe ePolicy Orchestrator is using some
version of Apache, and I would like to find out. The server doesn't crash
continuously.
Telnet shows:
HTTP/1.0
Server: Agent-ListenServer-HttpSvr/1.0
Date: Mon, 20 Nov 2006 12:54:16 GMT
Thanks in advance --John
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
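
The plugin output's suggested fix is "a HTTP server that filters those names out". The sketch below shows what such a filter has to cover; it is an added example, not part of the original post and not code from Nessus, Apache or ePolicy Orchestrator. The function names and the sample request targets are hypothetical.

```python
import re
from urllib.parse import unquote

# Reserved MS-DOS device names, which Windows resolves in every directory.
DEVICES = {"CON", "PRN", "AUX", "NUL", "CLOCK$"}
DEVICES |= {f"COM{i}" for i in range(1, 10)} | {f"LPT{i}" for i in range(1, 10)}


def has_dos_device_name(request_target: str) -> bool:
    """True if any path segment of an HTTP request target names a DOS device."""
    path = request_target.split("?", 1)[0].split("#", 1)[0]
    # Decode twice so a double-encoded name (%2541UX) is still recognised.
    for _ in range(2):
        path = unquote(path)
    # Both separators matter: the plugin output quotes CON\CON.
    for segment in re.split(r"[/\\]", path):
        # Strip extension, stream suffix, trailing spaces and case before
        # comparing, so AUX.htm, aux:x and "NUL " are all caught.
        base = segment.split(":", 1)[0].split(".", 1)[0].rstrip(" ").upper()
        if base in DEVICES:
            return True
    return False


def filter_requests(targets):
    """Split request targets into (allowed, rejected) lists."""
    allowed, rejected = [], []
    for t in targets:
        (rejected if has_dos_device_name(t) else allowed).append(t)
    return allowed, rejected


# Constructed sample request targets (not taken from the scan in the post).
SAMPLE = ["/index.html", "/AUX", "/AUX.htm", "/CON\\CON", "/docs/%41ux.htm",
          "/auxiliary.htm", "/console/login", "/com10.txt", "/files/lpt1"]

if __name__ == "__main__":
    ok, bad = filter_requests(SAMPLE)
    print("allowed :", ok)
    print("rejected:", bad)
```

Names that merely start with a device name (`/auxiliary.htm`, `/console/login`, `/com10.txt`) pass, so the filter does not break ordinary URLs.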