I hope the WAF is not playing around to give false results.
Abdus Saboor Cyber Security Leader OSCP | C)PTE | CL6σBB | CSSA | VCP | VTSPx4 | ITIL | ISO27001 PGP 0xE536080D <mailto:ab...@ipnec.com> Email | <http://linkedin.com/in/abdussaboor> LinkedIn | Skype <mailto:ab...@ipnec.com> abdus.saboor <http://www.ipnec.com/> Website | <http://ipnec.com/securityprofiles> Security Profile | <http://ipnec.com/it.pdf> IT Profile | <http://vxg.co/profile/LSS.pdf> LSS Profile From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] On Behalf Of Sai Ravi Sent: Friday, December 16, 2016 8:37 AM To: Openvas-discuss <openvas-discuss@wald.intevation.org> Subject: [Openvas-discuss] Reg Apache Vulnerabilties Hi Team Tried scanning a linux server and ended up with Apache vulnerabilities(Windows).We reported the same few months back and the Plugin was updated by Open VAS team.But again we are getting the same windows vulnerability on Linux boxes.Can you help us in fixing this issue? Listed the vulnerabilities. High 1 - NVT: Apache Tomcat 'MultipartStream' Class Denial of Service Vulnerability OID:1.3.6.1.4.1.25623.1.0.808197 High 2 - NVT: OpenSSH 'auth password' Denial of Service Vulnerability (Windows) OID:1.3.6.1.4.1.25623.1.0.809121 ----------------------------------------------------------------------------------------------------------------------------------------------- Medium 1- NVT: Apache Tomcat CSRF Token Leak Vulnerability -Feb16 (Windows) OID:1.3.6.1.4.1.25623.1.0.807405 Medium 2 - NVT: Apache Tomcat Session Fixation Vulnerability -Feb16 (Windows) OID:1.3.6.1.4.1.25623.1.0.807409 Medium 3 - NVT: Apache Tomcat Security Manager Bypass Vulnerability -Feb16 (Windows) OID:1.3.6.1.4.1.25623.1.0.807406 Medium 4 - NVT: Apache Tomcat Security Manager Bypass Vulnerability01 -Feb16 (Windows) OID:1.3.6.1.4.1.25623.1.0.807408 Medium 5 - NVT: Apache Tomcat SecurityManager Security Bypass Vulnerability -June15 (Windows) OID:1.3.6.1.4.1.25623.1.0.805702 Medium 6 - NVT: Apache Tomcat Directory Disclosure Vulnerability -Feb16 (Windows) OID:1.3.6.1.4.1.25623.1.0.807407 Medium 7 - NVT: Apache Tomcat Limited Directory Traversal Vulnerability -Feb16 (Windows) OID:1.3.6.1.4.1.25623.1.0.807404
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss