Re: domino6_overflows.nasl

From: Renaud Deraison (deraisonat_private)
Date: Thu Sep 04 2003 - 08:57:57 PDT

  • Next message: Paul Johnston: "Added CVE to 10661"

    On Thu, Sep 04, 2003 at 11:42:26AM +0200, Michel Arboi wrote:
    > This script looks incorrect to me. If the banner does not contain a
    > parsable version (I got "Server: Lotus-Domino/0") it tries
    > miscellaneous URL and outpus a security_hole as soon as it finds a
    > banner, but does not check the version number :-\
    
    Of course - it checks that if you provide a bogus web server name, that
    server name actually appears in the Location: field of the redirected
    pages.
    



    This archive was generated by hypermail 2b30 : Thu Sep 04 2003 - 02:55:13 PDT