On Mon, Nov 20, 2006 at 02:55:09PM +0000, [EMAIL PROTECTED] wrote:
I have some concerns with a scan of a Windows 2003 SP1 Server running McAfee ePolicy Orchestrtor client 3.5.5.438 the version of Nessus used is 3.0.3 Build W334 with plug ins update today (Nov 20).
...
It looks like plug in 10930 tries to enumerate a Apache < 2.0.44 CVE-2003-0016 - Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems
Actually, that plugin doesn't look at any banners but tries to kill the host itself.
Can anyone show/point me to a way that I can verify this manually? I believe this is a false postive, but I believe ePolicy Orchestrtor using some version of Apache I would like to find out. The server doesn't crash continuously
It probably is a false-positive given what you say about the target environment. Does the machine crash when you run it?
Also, are you able to re-run this plugin against EPO? If so, would you take a packet capture while doing it and send me privately the results. I'm interested only in packets going between that particular service and nessusd. [If using tcpdump, please specify "-s 0" to fully capture packets.]
George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
