Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Nessus>
  3. users
Filer panics while running NESSUS security scanner
Edgar.Vargas at wnco
Nov 18, 2008, 9:16 AM
Post #1 of 3 (2654 views)
Permalink
Hello All,



I'm looking for any information regarding "Filer panic" when running
NESSUS on DataONTAP. The description that I got from another eng is
this:

Description

Formatted

Filer panic's while decoding overflowing authorization header when
customer tried to run security audit package. The address of the buffer
falls into end of a page, which caused a page fault on the filer.



I've not been able to find any information regarding this "bug". Has
anyone had any issues while attempting to scan their Data ONTAP running
6.x or 7.x? Any help would be greatly appreciated.


thanks


--edgar




Edgar J Vargas



I'm against picketing, but I don't know how to show it.
Re: Filer panics while running NESSUS security scanner [ In reply to ]
theall at tenablesecurity
Nov 18, 2008, 9:52 AM
Post #2 of 3 (2543 views)
Permalink
On Nov 18, 2008, at 12:16 PM, Edgar Vargas wrote:

> I'm looking for any information regarding "Filer panic" when running
> NESSUS on DataONTAP. The description that I got from another eng is
> this:

Do you mean when *scanning* Data ONTAP using Nessus? If so, how was
the scan configured? In particular, were safe checks enabled and
thorough tests disabled?

> I've not been able to find any information regarding this "bug".
> Has anyone had any issues while attempting to scan their Data ONTAP
> running 6.x or 7.x? Any help would be greatly appreciated.

I'd recommend first contacting the vendor and making sure that you're
running the latest release. There were some advisories last August
concerning several vulnerabilities which could allow for system
crashes, execution of arbitrary commands, etc -- see for example http://www.kb.cert.org/vuls/id/329772
.

George
--
theall@tenablesecurity.com



_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: Filer panics while running NESSUS security scanner [ In reply to ]
gcunning at charter
Nov 19, 2008, 6:02 PM
Post #3 of 3 (2684 views)
Permalink
we had a similar issue once. I don't have the resolution details but you might ask NetApp about bug # 297075.

"The NetApp Remote Volume protocol handler received a bad packet from a security scanner. The data in that request packet was not validated and one piece of it was used as an index into an array. That index was much larger than the actual number of elements in the array. The address of the array element using the bad index was in an area of virtual memory that was unmapped. This resulted in the page fault when an attempt was made to access that array element."
----- Original Message -----
From: Edgar Vargas
To: nessus@list.nessus.org
Sent: Tuesday, November 18, 2008 12:16 PM
Subject: Filer panics while running NESSUS security scanner



Hello All,



I'm looking for any information regarding "Filer panic" when running NESSUS on DataONTAP. The description that I got from another eng is this:

Description

Formatted

Filer panic's while decoding overflowing authorization header when customer tried to run security audit package. The address of the buffer falls into end of a page, which caused a page fault on the filer.



I've not been able to find any information regarding this "bug". Has anyone had any issues while attempting to scan their Data ONTAP running 6.x or 7.x? Any help would be greatly appreciated.


thanks


--edgar




Edgar J Vargas



I'm against picketing, but I don't know how to show it.





------------------------------------------------------------------------------


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal