Re: [Plugins-writers] Is iis_isapi_overflow.nasl needed?

From: Renaud Deraison (deraison@private)
Date: Thu Feb 26 2004 - 01:28:47 PST

  • Next message: Dennis Jackson: "Re: [Plugins-writers] mssql_blank_password.nasl and mssql_brute_force.nasl"

    On Thu, Feb 26, 2004 at 07:00:36AM +0000, Dennis Jackson wrote:
    > As far as I can see, the two scripts
    >   iis_ida_isapi.nasl
    >   iis_isapi_overflow.nasl
    > are testing for the same vulnerability.
    
    No. One checks for the .IDA mapping - ie: it will issue an alert against
    any IIS server with all the patches applied and tell you that .ida
    mapping is there. [you typically don't want .ida to be set anyway]
    
    The second one checks for one vulnerability.
    
    
    				-- Renaud
    _______________________________________________
    Plugins-writers mailing list
    Plugins-writers@private
    http://mail.nessus.org/mailman/listinfo/plugins-writers
    



    This archive was generated by hypermail 2b30 : Thu Feb 26 2004 - 01:30:42 PST