On Thu, Apr 21, 2005 at 11:43:12PM -0400, Jonathan Clark wrote: > Not sure how this got to be a false positive I was hoping > someone could explaining it to me. The box is a windows > 2000 server box so I don't know how it found a Linux > exploit. ... > It was possible to crash the remote host by sending a > specially malformed TCP/IP packet with invalid TCP > options. Only the version 2.6 of the Linux Kernel is known > to be affected by this problem.
This is from plugin #12296 (Linux 2.6 iptables sign error DoS). Did the host really go down when the scan was run? Did it crash? Or did you experience any network problems when the scan was run? Also, were other plugins run against the host at the same time? If so, which ones? And finally, can you reproduce this result (assuming you're ok with the host possibly going down again)? George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
