Hi Srikanth We'll look into this. In future would you mind sending security reports to [email protected]? Many thanks!
-- James -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Srikanth Sridhar Sent: 18 November 2010 14:35 To: [email protected] Subject: [opsview-users] Help required Hi, I have sucessfully installed OpsView 3.9 and is working fine but the security in my Office has run vulnarabilty test on, this server and have come up with a few vulnarabilties as given below can somebody help me on this please I am not sure if i am posting it to the right form please help me and suggest me if there are alternate forum where, i can post such questions in future. *************************************************************************************************************************************** Possible Database Connection String (ODBC DSN or OleDB for Access, MS SQL, ORACLE, IBM DB2, MySQL, Sybase, Informix, or Interbase ) ( 3185 ) View Description Page: This page comes up as script as given below I need to disable it or display an error page in palce of this High I/* Prototype JavaScript framework, version 1.6.1 * (c) 2005-2009 Sam Stephenson * * Prototype is freely distributable under the terms of an MIT-style license. * For details, see the Prototype web site: http://www.prototypejs.org/ * *--------------------------------------------------------------------------*/ var Prototype = { Version: '1.6.1', Browser: (function(){ var ua = navigator.userAgent; var isOpera = Object.prototype.toString.call(window.opera) == '[object Opera]'; return { IE: !!window.attachEvent && !isOpera, Opera: isOpera, WebKit: ua.indexOf('AppleWebKit/') > -1, Gecko: ua.indexOf('Gecko') > -1 && ua.indexOf('KHTML') === -1, MobileSafari: /Apple.*Mobile.*Safari/.test(ua) } })(), BrowserFeatures: { XPath: !!document.evaluate, SelectorsAPI: !!document.querySelector, ElementExtensions: (function() { var constructor = window.Element || window.HTMLElement; return !!(constructor && constructor.prototype); })(), SpecificElementExtensions: (function() { if (typeof window.HTMLDivElement !== 'undefined')ssues /* Pre terms of an MIT-style license. * For details, see the Prototype web site: http://www.prototypejs.org/ * *--------------------------------------------------------------------------*/ var Prototype = { Version: '1.6.1', Browser: (function(){ var ua = navigator.userAgent; var isOpera = Object.prototype.toString.call(window.opera) == '[object Opera]'; return { IE: !!window.attachEvent && !isOpera, Opera: isOpera, WebKit: ua.indexOf('AppleWebKit/') > -1, Gecko: ua.indexOf('Gecko') > -1 && ua.indexOf('KHTML') === -1, MobileSafari: /Apple.*Mobile.*Safari/.test(ua) } })(), BrowserFeatures: { XPath: !!document.evaluate, SelectorsAPI: !!document.querySelector, ElementExtensions: (function() { var constructor = window.Element || window.HTMLElement; return !!(constructor && constructor.prototype); })(), SpecificElementExtensions: (function() { if (typeof window.HTMLDivElement !== 'undefined') **************************************************************************************************************************************************** How to encrypt this url or if this is not required i can stop this from loading HTTP Basic Logins Sent Over Unencrypted Connection ( 10512 ) View Description Page: http://10.226.11.35:3000/atom ************************************************************************************************************************************************** How do i remove persistent cookies Persistent Cookies ( 4728 ) View Description Page: http://10.226.11.35:3000/atom Page: http://10.226.11.35:3000/about/ Page: http://10.226.11.35:3000/baddir123/ http://10.226.11.35:3000/javascript/prototype.js?ov=3.9.1.5340 *************************************************************************************************************************************************** Thanks Srikanth _______________________________________________ Opsview-users mailing list [email protected] http://lists.opsview.org/lists/listinfo/opsview-users _______________________________________________ Opsview-users mailing list [email protected] http://lists.opsview.org/lists/listinfo/opsview-users
