On Sat, Mar 29, 2003 at 12:15:55PM +0200, Noam Rathaus wrote:
> Hi,
>
> Here is an additional patch for the issue, the error 403 is not localized, nor
> generic enough (" 403 Forbidden " is accepted for example).
>
> 6d5 > < # Patch to detect whether the Redirected is UNAUTHORIZED > 56d54 > < > 66c64 > < if(" 403 " >< data)exit(0); # if default response is Access Forbidden, a > false positive will result > --- > > if(" 403 Access Forbidden" >< data)exit(0); # if default response is > Access Forbidden, a false positive will result > 98,109d95 > < > < req = http_get(item:BaseURL, port:port); > < soc=http_open_socket(port); > < > < send(socket:soc,data:req); > < data = http_recv(socket:soc); > < > < if(" 403 " >< data)exit(0); # if default response is Access Forbidden, a > false positive will result

This is bad. It means that if the page content has a "403" in it, it won't "see" the vuln.

Apparently, you're using the Nessus 1.2.x plugin - I made some changes in the 2.0.x one, could you check if they're sufficient?

-- Renaud

(and by the way, I _am_ subscribed to plugins-writers@, so there's no need to Cc: me each time you post to it)
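Review bot: In the 66c64 hunk, `if(" 403 " >< data)exit(0);` is a substring test over `data`, so it fires on any " 403 " in the data, not only on a 403 status code. Any response that happens to contain that string makes the plugin exit without reporting. Limit the comparison to the status line, for example by testing only the first line of the response or by using an anchored match such as `ereg(pattern:"^HTTP/[0-9.]+ 403 ", string:data)`. That still covers the non-localized and " 403 Forbidden " cases the patch is aiming at.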
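Review bot: In the 98,109d95 hunk, the return value of `soc=http_open_socket(port);` goes straight into `send(socket:soc,data:req);` with no check that the socket opened, and the visible lines never close it. Add `if(!soc)exit(0);` before the send and an `http_close_socket(soc);` after `http_recv`. The `" 403 " >< data` test that follows runs over everything `http_recv` returned, body included, so it has the same problem as the 66c64 check and should also be restricted to the status line.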