[Plugins-writers] Plugin 10807 (Jakarta Tomcat 3.1 Path Disclosure) False Positive

• Previous message: Jon Passki: "[Plugins-writers] LDAP plugin 10723 and confusing text"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello All,

Could the following check be put into plugin 10807?  I grabbed the
Server check from plugin 11176, but I do not know what a 3.1
returns in the Server response header.  The plugin reported
positive on a Win32 Jakarta 4.0.1 (according to the banner) system.
 I don't have  a packet dump or the response to validate the reply.

diff -u tomcat_path_disclosure.nasl.orig
tomcat_path_disclosure.nasl
--- tomcat_path_disclosure.nasl.orig    2005-02-17
12:49:09.099600200 -0600
+++ tomcat_path_disclosure.nasl 2005-02-17 12:49:36.036991200 -0600
@@ -68,7 +68,7 @@
  r = http_recv(socket:soc);
  http_close_socket(soc);

- if("Tomcat" >< r)
+ if("Server: Apache Tomcat/3.1" >< r)
   {
   path = ereg_replace(pattern:".*HTTP Status 404 - ([^<]*)
.The.*",
                    string:r,


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: Jon Passki: "[Plugins-writers] LDAP plugin 10723 and confusing text"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Thu Feb 17 2005 - 10:53:45 PST