I'm getting this triggering against a MS FTP server.
The code says:
if("Serv-U FTP Server " >< banner )exit(0);
So that shouldn't be matching a MS FTP server.
And yet here's the .nbe file
results|yyy|zzzzzzz|ftp (21/tcp)|10330|Security Note|An FTP server is
running on this port.\nHere is its banner : \n220 my.server Microsoft
FTP Service (Version 5.0).\r\n
results|yyy|zzzzzzz|ftp (21/tcp)|12
080|Security Hole|\nThe remote host is running Serv-U FTP
server.\n\nThere is a
bug in the way this server handles arguments to the MDTM \nrequests
which may al
low an attacker to trigger a buffer overflow against\nthis server, which
may all
ow him to disable this server remotely or to\nexecute arbitrary code on
this hos
t.\n\nSolution : Upgrade Serv-U Server, at least to version 4.3 or use
another s
erver\nRisk factor : High\nCVE : CAN-2004-0330\nBID : 9751\n
This is under Nessus-2.2.4
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Wed Aug 24 2005 - 20:57:17 PDT