Hello there, Yesterday I ran Nessus (version 1.2.6 with the latest plugins) against an IIS server that I've scanned in the past. I knew the server was vulnerable to several exploits, including a FrontPage buffer overflow and the HTTP PUT and DELETE methods. I wanted to perform a more comprehensive scan, so I checked "Enable all" instead of "Enable all but dangerous" on the "Plugins" tab. I was under the impression that the dangerous scans would, at the very worst, crash the server. When I ran the scan, however, Nessus proceeded to delete most of the content on the webserver, including entire subdirectories such as "/includes". At first, I suspected the "http_methods.nasl" plugin. After inspecting the code, however, this plugin doesn't appear to be the culprit. This plugin attempts to delete a single file named "/puttest.html" (created by the earlier PUT test), "/index.html", "/default.asp", "/default.htm", or "/index.php". Even if this plugin deleted the homepage, that wouldn't account for all the other files and subdirectories that were mysteriously deleted. Does anyone know what plugin could've done this? I was under the impression that Nessus scans were unobtrusive, so this seems to be strange behavior. Any thoughts would be greatly appreciated...
Thanks in advance for your help! Vince Kornacki - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
