Mailing List Archive

iis_nat.nasl and propfind_internal_ip.nasl false positives on Oracle
I have an Oracle HTTP server that identifies itself through headers as

Server: Oracle-Application-Server-10g/10.1.2.0.0 Oracle-HTTP-Server OracleAS-Web-Cache-10g/10.1.2.0.0

and through HTTP error responses in bodies with

Oracle-Application-Server-10g/10.1.2.0.0 Oracle-HTTP-Server Server at ...

Both mentioned plugins think that "10.1.2.0" is the leaked private IP.

Martin Mačok
ICT Security Consultant
_______________________________________________
Nessus-devel mailing list
Nessus-devel@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus-devel
Re: iis_nat.nasl and propfind_internal_ip.nasl false positives on Oracle
On Thu, Dec 22, 2005 at 09:54:53PM +0100, Martin Mačok wrote:

> I have an Oracle HTTP server that identifies itself through headers as
>
> Server: Oracle-Application-Server-10g/10.1.2.0.0 Oracle-HTTP-Server OracleAS-Web-Cache-10g/10.1.2.0.0
>
> and through HTTP error responses in bodies with
>
> Oracle-Application-Server-10g/10.1.2.0.0 Oracle-HTTP-Server Server at ...
>
> Both mentioned plugins think that "10.1.2.0" is the leaked private IP.


Thanks for the report. I've changed both plugins to ignore such headers;
updates should become available via nessus-update-plugins in an hour or so.

George
--
theall@tenablesecurity.com
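
The false positive discussed in this thread, as an added example in Python (not the NASL code of either plugin, and not the fix George applied): a private-IP leak check that skips dotted quads embedded in longer version strings or product/version tokens. The function name, the regex rules and the two leak samples are assumptions constructed for illustration; the Oracle strings are the ones quoted in the report.

```python
import ipaddress
import re

# RFC 1918 ranges: the addresses a "leaked internal IP" check cares about.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# A candidate is a dotted quad that
#   - is not preceded by a digit or dot, and not followed by a digit or by
#     ".<digit>", so "10.1.2.0" inside the version "10.1.2.0.0" is skipped;
#   - does not directly follow "<name>/", the product/version token form used
#     in Server headers (assumption: trades a rare miss for fewer false hits).
QUAD = re.compile(
    r"(?<![\d.])(?<![A-Za-z0-9_-]/)"
    r"(\d{1,3}(?:\.\d{1,3}){3})"
    r"(?!\d|\.\d)"
)

def leaked_private_ips(text):
    """Return RFC 1918 addresses in text, ignoring version-like strings."""
    hits = []
    for match in QUAD.finditer(text):
        try:
            addr = ipaddress.ip_address(match.group(1))
        except ValueError:  # not a valid IPv4 address, e.g. an octet > 255
            continue
        if any(addr in net for net in RFC1918) and str(addr) not in hits:
            hits.append(str(addr))
    return hits

# Banner and error-page text as quoted in the report.
SERVER_HEADER = ("Server: Oracle-Application-Server-10g/10.1.2.0.0 "
                 "Oracle-HTTP-Server OracleAS-Web-Cache-10g/10.1.2.0.0")
ERROR_BODY = ("Oracle-Application-Server-10g/10.1.2.0.0 "
              "Oracle-HTTP-Server Server at ...")
# Constructed samples of a genuine leak (not from the thread).
LEAK_HEADER = "Content-Location: http://10.1.2.7/Default.htm"
LEAK_BODY = "<a:href>http://192.168.0.12/docs/</a:href>"

if __name__ == "__main__":
    for sample in (SERVER_HEADER, ERROR_BODY, LEAK_HEADER, LEAK_BODY):
        print(leaked_private_ips(sample), "<-", sample)
```

A naive `\d+\.\d+\.\d+\.\d+` search followed by a 10.0.0.0/8 test reports "10.1.2.0" for both Oracle strings; the boundary rules above are what keep them out while the URL-embedded addresses are still reported.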