Re: [Plugins-writers] iplanet_data_snag.nasl

From: Paul Johnston (paul@private)
Date: Wed Dec 03 2003 - 06:37:37 PST

  • Next message: sullo@private: "Re: [Plugins-writers] iplanet_data_snag.nasl"

    Hi,
    
    That's right - installing the service pack doesn't change the banner.
    
    For client scans, I phrase this vulnerability as "... may be vulnerable 
    to an information leak. Check that you have at least SP7 installed..."
    
    Paul
    
    sullo@private wrote:
    
    >In iplanet_data_snag.nasl it matches the banner to see if it's vulnerable, and
    >the match is:
    >egrep(pattern:"^Server: *Netscape-Enterprise/(4\.[01][^0-9])", string:mybanner)
    >
    >However, I've never seen a Netscape-Enterprise 4 banner that was other than one
    >of  the following:
    > Netscape-Enterprise/4.1
    > Netscape-Enterprise/4.0
    >
    >So I don't think if you have SP 7 installed it makes it 4.07 or 4.17 or
    >something... anyone know for sure if I'm wrong? 
    >
    >Thanks
    >Sullo
    >
    >
    >
    >  
    >
    
    -- 
    Paul Johnston
    Internet Security Specialist
    Westpoint Limited
    Albion Wharf, 19 Albion Street,
    Manchester, M1 5LN
    England
    Tel: +44 (0)161 237 1028
    Fax: +44 (0)161 237 1031
    email: paul@private
    web: www.westpoint.ltd.uk
    
    
    _______________________________________________
    Plugins-writers mailing list
    Plugins-writers@private
    http://mail.nessus.org/mailman/listinfo/plugins-writers
    



    This archive was generated by hypermail 2b30 : Wed Dec 03 2003 - 06:38:43 PST