"sullo" <[EMAIL PROTECTED]> writes: > 2 were local problems--one writing a password to a log file, the > other a local buffer overflow. So, how exactly does their scanner > check that? hmmm... must be magic (or they are including their > entire host-based checking as well)
Or if it is on NT, they look into the registry and give a warning if the patch is not here. > 1 was a remote buffer overflow in socks5 on linux. yes, nessus > should have a check for that. I have it in my TODO List. However this is not very urgent, because SOCKS5 is not so common. BTW, I looked at the last CVE : 2002-0142 is about a bug in a beta version of pi3web (in my TODO list too). Not that important: previous and next stable versions are not vulnerable. 2002-0134 looks more important, I wonder how we missed it. So... Now all we have to do is take the list, and implement the tests :-] http://mapage.noos.fr/arboi/nottestedbynessus.gz - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
