Have you been able to try these scripts against Compaq Insight Manager? Compaq Insight Manager always gets huge numbers of false positives on ports 2301/tcp, 2381/tcp and 49400/tcp.

> ----------
> From: Paul Johnston[SMTP:paulat_private]
> Sent: 12 September 2003 14:48
> To: plugins-writersat_private; Renaud Deraison
> Subject: Changes to 11395, 10844, 11142 and http_keepalive.inc
>
> <<File: http_keepalive.inc.txt>><<File: iis_xss_idc.nasl.txt>><<File: frontpage_xss.nasl.txt>><<File: asp_net_css.nasl.txt>>
> Hi,
>
> I have coded up the change I suggested to stop these plugins causing
> false positives when the XSS url appears in the response headers. I've
> added a bodyonly option to http_keepalive_send_recv, and modified the
> plugins to use this function.
>
> I've tested them against a simple CGI script that's vulnerable to all
> XSS and they work fine, but I don't have vulnerable hosts to test
> against. And I did check keepalive operation when keepalives are disabled -
> works fine.
>
> Best wishes,
>
> Paul
>
> --
> Paul Johnston
> Internet Security Specialist
> Westpoint Limited
> Albion Wharf, 19 Albion Street,
> Manchester, M1 5LN
> England
> Tel: +44 (0)161 237 1028
> Fax: +44 (0)161 237 1031
> email: paulat_private
> web: www.westpoint.ltd.uk
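The body-only matching described in the quoted message, as an added Python sketch that is not Paul Johnston's NASL code or part of Nessus. The function names, the probe string and both sample responses are constructed for illustration; only the `bodyonly` name is taken from the message, and its behaviour here is an assumption.

```python
# Added illustration: why a reflected-XSS check should match on the
# response body only. All names and sample data below are constructed.

MARKER = b"<script>x</script>"  # harmless constructed probe string


def split_response(raw):
    """Split a raw HTTP response into (headers, body) at the first blank line.

    Accepts CRLF and bare-LF line endings and cuts at whichever blank
    line comes first, so a blank line inside the body is never used.
    """
    cuts = [(raw.find(sep), len(sep)) for sep in (b"\r\n\r\n", b"\n\n")]
    cuts = [(pos, width) for pos, width in cuts if pos != -1]
    if not cuts:
        return raw, b""  # no blank line: everything is header data
    pos, width = min(cuts)
    return raw[:pos], raw[pos + width:]


def reflected(raw, marker=MARKER, bodyonly=True):
    """Return True if the probe string is echoed back by the server.

    With bodyonly=False the whole response is searched, which also
    matches a URL echoed in a header such as Location.
    """
    _headers, body = split_response(raw)
    return marker in (body if bodyonly else raw)


# Constructed sample 1: a redirect that echoes the requested URL in a header.
REDIRECT = (b"HTTP/1.1 302 Found\r\n"
            b"Location: http://host.example/login?next=/a.idc?" + MARKER +
            b"\r\nContent-Length: 5\r\n\r\nMoved")

# Constructed sample 2: an error page that echoes the request in the body.
ECHO_PAGE = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
             b"<html><body>Cannot open /a.idc?" + MARKER + b"</body></html>")

if __name__ == "__main__":
    for name, resp in (("redirect", REDIRECT), ("echo page", ECHO_PAGE)):
        print(name, "whole response:", reflected(resp, bodyonly=False),
              "body only:", reflected(resp, bodyonly=True))
```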
This archive was generated by hypermail 2b30 : Fri Sep 12 2003 - 08:24:20 PDT