Hey folks,
I'm getting what I *think* is a false-positive from ftp_realpath.nasl, but I'm not sure why, so I'm wondering if I'm reading something wrong, or
if it's a bug, or... I may just be brain-dead today.
The plugin code:
data = string("CWD\n");
send(socket:soc, data:data);
a = recv_line(socket:soc, length:1024);
if("550 /" >< a)security_warning(port);
But if I FTP to it directly and send the CWD command:
ftp> CWD
?Invalid command
ftp>
My question is: why is it reporting a positive? I don't see "550 /" anywhere in the response...
Thanks for your help
--Sullo
I'm getting what I *think* is a false-positive from ftp_realpath.nasl, but I'm not sure why, so I'm wondering if I'm reading something wrong, or
if it's a bug, or... I may just be brain-dead today.
The plugin code:
data = string("CWD\n");
send(socket:soc, data:data);
a = recv_line(socket:soc, length:1024);
if("550 /" >< a)security_warning(port);
But if I FTP to it directly and send the CWD command:
ftp> CWD
?Invalid command
ftp>
My question is: why is it reporting a positive? I don't see "550 /" anywhere in the response...
Thanks for your help
--Sullo