I have a few questions. Forgive me if I am naive but
just wanted to clear my mind about the following
questions.
1. What information does nessus need to test a
vulnerability. Only the service name, or the
application name or the complete application version.
I presume currently nessus is detecting in some cases
only the service, or the application name or sometimes
the exact application version.
Why is it that the application version is not
completely made sure of before the vulnerability is
detected.
2. Once it has this information how does it decide
whether to do an exploit or go through the registry.
__________________________________
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online.
http://taxes.yahoo.com/filing.html
just wanted to clear my mind about the following
questions.
1. What information does nessus need to test a
vulnerability. Only the service name, or the
application name or the complete application version.
I presume currently nessus is detecting in some cases
only the service, or the application name or sometimes
the exact application version.
Why is it that the application version is not
completely made sure of before the vulnerability is
detected.
2. Once it has this information how does it decide
whether to do an exploit or go through the registry.
__________________________________
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online.
http://taxes.yahoo.com/filing.html