Re: Plugin 10297

To:	Nessus@list.nessus.org
Subject:	Re: Plugin 10297
From:	"George A. Theall" <theall@tenablesecurity.com>
Date:	Fri, 16 Feb 2007 10:26:19 -0500
Cc:
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	nessus-list1@securepoint.com
Delivered-to:	Nessus@list.nessus.org
In-reply-to:	<9B71985304C4914AACE30A5BD6A08771351BDA@sumac.cfs.le.ac.uk>
List-archive:	<http://mail.nessus.org/pipermail/nessus>
List-help:	<mailto:nessus-request@list.nessus.org?subject=help>
List-id:	Discussion of Nessus software <nessus.list.nessus.org>
List-post:	<mailto:nessus@list.nessus.org>
List-subscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=subscribe>
List-unsubscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=unsubscribe>
References:	<9B71985304C4914AACE30A5BD6A08771351BDA@sumac.cfs.le.ac.uk>
Sender:	nessus-bounces@list.nessus.org
User-agent:	Thunderbird 1.5.0.9 (X11/20061206)

To:

Nessus@list.nessus.org

Subject:

Re: Plugin 10297

From:

"George A. Theall" <theall@tenablesecurity.com>

Date:

Fri, 16 Feb 2007 10:26:19 -0500

Cc:

Delivered-to:

sp-com-lists@consult.net

Delivered-to:

nessus-list1@securepoint.com

Delivered-to:

Nessus@list.nessus.org

In-reply-to:

<9B71985304C4914AACE30A5BD6A08771351BDA@sumac.cfs.le.ac.uk>

List-archive:

<http://mail.nessus.org/pipermail/nessus>

List-help:

<mailto:nessus-request@list.nessus.org?subject=help>

List-id:

Discussion of Nessus software <nessus.list.nessus.org>

List-post:

<mailto:nessus@list.nessus.org>

List-subscribe:

<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=subscribe>

List-unsubscribe:

<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=unsubscribe>

References:

<9B71985304C4914AACE30A5BD6A08771351BDA@sumac.cfs.le.ac.uk>

Sender:

nessus-bounces@list.nessus.org

User-agent:

Thunderbird 1.5.0.9 (X11/20061206)

On Fri, Feb 16, 2007 at 03:13:25PM -0000, Nelson, C.M. wrote:

However, I find that the URL that it reports does not work for me.
Perhaps it is something to do with the browser I use - not sure really.

It would be nice for the URL in the report to work.

It probably is a browser issue -- some exploits are sensitive to theformat of the request, and browsers can encode the URLs before sendingthem.

To be sure, you could test by telnet'ing into the web server and issuingthe command by hand. You may need to do a packet capture to see exactlywhat the plugin is sending, so you can replicate it manually.


> (I like my "customers" to be able to see this problem for themselves).

So showing them the contents of a boot.ini / passwd file from the remotedoesn't work for them?



George
--
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

<Prev in Thread]	Current Thread	[Next in Thread>
Plugin 10297, Nelson, C.M. Re: Plugin 10297, George A. Theall <= Re: Plugin 10297, Michel Arboi

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Plugin 10297, Nelson, C.M.
Next by Date:	Internet hosts = "No vulnerability found", Sean Carolan
Previous by Thread:	Plugin 10297, Nelson, C.M.
Next by Thread:	Re: Plugin 10297, Michel Arboi
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Plugin 10297, Nelson, C.M.

Next by Date:

Internet hosts = "No vulnerability found", Sean Carolan

Previous by Thread:

Plugin 10297, Nelson, C.M.

Next by Thread:

Re: Plugin 10297, Michel Arboi

Indexes:

[Date] [Thread] [Top] [All Lists]