On Saturday 04 October 2003 02:39, Renaud Deraison wrote:
> On Sat, Oct 04, 2003 at 02:25:26AM +0200, Francesco Lamonica wrote:
> > Solution : Contact your vendor for a fix. If the remote host is running
> > Linux 2.0, upgrade to Linux 2.0.40.
> >
> > but i am running linux 2.4.22 (plain vanilla kernel compiled from
> > sources)
>
> This is not a false positive. Contact the maintainer of the driver of
> your NIC, and have him investigate the issue.

ok, i will at once

> > Solution : Upgrade to CVS 1.11.5
> >
> > but i am running cvs 1.11.5
>
> Doubtful as well. If you enabled KB saving in your client, what does the
> entry "cvs/2401/version" in /usr/local/var/nessus/users/<login>/kb/<ip>
> look like ?

i have none, i did enable kb saving but the only lines containing 'cvs' are
the following

1065262735 1 Services/cvspserver=2401
1065262735 1 Known/tcp/2401=cvspserver
1065262735 1 SentData/10330/INFO/2=A CVS pserver server is running on this port
1065262844 1 SentData/11385/HOLE/1=\nThe remote CVS server, according to its version number,\nis vulnerable to a double free() bug which may allow an\nattacker to gain a shell on this host.\n\nSolution : Upgrade to CVS 1.11.5\nRisk Factor : High
1065262886 1 SentData/10051/INFO/1=A CVS (Concurrent Versions System) server is installed, and it is configured\nto have its own password file, or use that\nof the system. This service starts as a daemon, listening on port\nTCP:port.\nKnowing that a CVS server is present on the system gives attackers\nadditional information about the system, such as that this is a\nUNIX based system, and maybe a starting point for further attacks.\n\nSolution: Block those ports from outside communication\n\nRisk factor : Low

> Did you restart httpd ?

u mean after having added those lines and before running nessus? yes

> None of these seem to be false positives to me.

--
Francesco Lamonica: f DOT lamonica AT tin DOT it
PGP Fingerprint: 5870 92BA 8DFF 1ACF DE2E B94D 46EC 5505 7C64 4EF1
Favourite quote: There's no spoon
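
The KB check discussed in the message above, as an added example that is not part of the original message and is not Nessus code: it parses saved KB lines in the layout quoted in the message and reports whether a "cvs/<port>/version" entry was recorded next to each HOLE-level report. The function names, the treatment of the second column as an opaque field, and the reading of the SentData key as plugin id / severity / counter are assumptions; the sample lines are abridged from the message.

```python
import re
from collections import namedtuple

# Sample KB lines, abridged from the ones quoted in the message above.
SAMPLE_KB = r"""
1065262735 1 Services/cvspserver=2401
1065262735 1 Known/tcp/2401=cvspserver
1065262735 1 SentData/10330/INFO/2=A CVS pserver server is running on this port
1065262844 1 SentData/11385/HOLE/1=\nThe remote CVS server, according to its version number,\nis vulnerable to a double free() bug
"""

Entry = namedtuple("Entry", "timestamp kind key value")
Finding = namedtuple("Finding", "plugin_id severity text")

LINE_RE = re.compile(r"^(\d+) (\d+) ([^=]+)=(.*)$")
# Assumed reading of the key: SentData/<plugin id>/<severity>/<counter>
SENT_RE = re.compile(r"^SentData/(\d+)/([A-Z]+)/\d+$")

def parse_kb(text):
    """Parse 'timestamp kind key=value' lines, skipping blank or malformed ones."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            entries.append(Entry(int(m[1]), int(m[2]), m[3], m[4]))
    return entries

def findings(entries):
    """Return the plugin reports stored under SentData/ keys."""
    out = []
    for e in entries:
        m = SENT_RE.match(e.key)
        if m:
            # The KB stores line breaks as the two characters '\' and 'n'.
            text = e.value.replace("\\n", "\n").strip()
            out.append(Finding(int(m[1]), m[2], text))
    return out

def cvs_version(entries, port=2401):
    """Value of cvs/<port>/version, or None if the scan recorded no such entry."""
    wanted = f"cvs/{port}/version"
    return next((e.value for e in entries if e.key == wanted), None)

def triage(text, port=2401):
    """Pair the recorded CVS version (if any) with the HOLE-level plugin ids."""
    entries = parse_kb(text)
    holes = [f.plugin_id for f in findings(entries) if f.severity == "HOLE"]
    return {"version": cvs_version(entries, port), "holes": holes}

if __name__ == "__main__":
    print(triage(SAMPLE_KB))
```

A result with a HOLE entry and "version" set to None matches what the message reports: the finding is in the KB, but no version string is stored beside it to check the finding against.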
