First Last wrote: > How do you validate vulnerabilities Nessus finds? I've been working with a > server for awhile that all of the sudden supposedly has a bunch of > vulnerabilities. Below are a few of the ID's. How do I validate that the > vulnerability exists or not? > > Nessus ID : 11760 > Nessus ID : 11694 > Nessus ID : 15908 > >
Many things can change on a network or on a server. Software can be loaded without your knowledge by administrators, and services that weren't running before may start on reboot if they've been disabled but not turned off completely. The plugins in question have to do with CSS issues on a variety of web server applications that are also much older. Is there any chance that a new PHP application has been loaded, how the web server responds to bad queries or older software been reverted to? Ron Gula Tenable Network Security _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
