On Mon, Nov 20, 2006 at 02:55:09PM +0000, jfvanmeter@comcast.net wrote:
I have some concerns with a scan of a Windows 2003 SP1 Server
running McAfee ePolicy Orchestrtor client 3.5.5.438 the version of
Nessus used is 3.0.3 Build W334 with plug ins update today (Nov 20).
...
It looks like plug in 10930 tries to enumerate a Apache < 2.0.44
CVE-2003-0016 - Apache before 2.0.44, when running on unpatched
Windows 9x and Me operating systems
Actually, that plugin doesn't look at any banners but tries to kill the
host itself.
Can anyone show/point me to a way that I can verify this manually? I
believe this is a false postive, but I believe ePolicy Orchestrtor
using some version of Apache I would like to find out. The server
doesn't crash continuously
It probably is a false-positive given what you say about the target
environment. Does the machine crash when you run it?
Also, are you able to re-run this plugin against EPO? If so, would you
take a packet capture while doing it and send me privately the results.
I'm interested only in packets going between that particular service and
nessusd. [If using tcpdump, please specify "-s 0" to fully capture packets.]
George
--
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
|