[Plugins-writers] Script false alarms

• Previous message: Jon Passki: "Re: [Plugins-writers] Low Priority: Changing output to security_notice in showmount.nasl (#10437)"
• Next in thread: Renaud Deraison: "Re: [Plugins-writers] Script false alarms"
• Reply: Renaud Deraison: "Re: [Plugins-writers] Script false alarms"
• Reply: Martin O'Neal: "RE: [Plugins-writers] Script false alarms"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The following scripts all produce false alarms on sites that repeat the
url back as part of a location header in a 302 redirect.

fcgi_echo.nasl script_id(10838)
phproxy_xss.nasl script_id(16069)
ubbthreads_xss.nasl script_id(15951)

Reworking them to test the regex against the body only and not the
header will solve the problem.

Martin...








_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: Jon Passki: "Re: [Plugins-writers] Low Priority: Changing output to security_notice in showmount.nasl (#10437)"
• Next in thread: Renaud Deraison: "Re: [Plugins-writers] Script false alarms"
• Reply: Renaud Deraison: "Re: [Plugins-writers] Script false alarms"
• Reply: Martin O'Neal: "RE: [Plugins-writers] Script false alarms"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Feb 21 2005 - 13:24:34 PST