On Mon, Mar 29, 2004 at 11:46:10AM -0500, Keyur Lavingia wrote: > It pretty sure looks like a FP. The reason being, this customer has two > identical WIN 2K servers running IIS 5 and only one of them is showing > positive results for this plugin. The only difference between these two > servers is the cert authority. One has a Verisign cert and one has a Thawte > cert. The one with the Thawte cert is showing the positive results. The > confusing part is that this server is using native Windows implementation of > SSL and not OpenSSL, so it should not come out positive at all as far as I > think.
Back on 3/19, you asked about false positives arising from plugin #12110 when testing IIS 5 on Windows 2000. Those "false positives" wouldn't happen to be for the same hosts as you're now encountering with 11060, would they? Perhaps something else is going on such that these aren't false positives. Out of curiousity, can you provide the banner for one of the "vulnerable" servers, as determined by 12110? George -- [EMAIL PROTECTED]
pgp00000.pgp
Description: PGP signature
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
