Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/nessus/plugins/ en-us (c) Gossamer Threads Inc. All rights reserved. 13 Feb 2012 03:35:46 -0800 120 75 23 http://www.gossamer-threads.com/lists/nessus/plugins/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg Hello! Here's the fixes against nmap.nasl found on this link: http://www.nessus.org/documentation/nmap.nasl Here's the link to the diff (it's in att 14 Mar 2009 04:59:38 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33747 Plugin frontpage_chunked_overflow.nasl (version 1.18) reports a false positive if the IIS web server is configured not to return 404. The following 10 Mar 2009 20:12:28 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33744 Plugin ssh1_proto_enabled.nasl (version 1.18) rates CVE-2001-0361 as Low with CVSS 2.6, which seems rather odd, especially considering that it shoul 10 Mar 2009 20:12:27 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33743 Hello all, I am currently investigating the possibilities of Nessus with regards to testing web applications on generic vulnerabilities. My goal is t 09 Mar 2009 07:47:59 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33741 Final Speaker Lineup for CanSecWest 2009 (March 18-20): =============================================== The Smart-Phones Nightmare - Sergio 'shadown' 15 Feb 2009 18:52:51 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33716 Don't know if this is the proper way to ask this but I'm in the process of trying to convince MGMT to utilize nessus Windows compliance .audit file 12 Feb 2009 06:45:39 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33710 I have just run Nessus with the paranoid option against three systems. I believe all three are instances of Firewall-1 (ports 264/tcp and 500/udp open 11 Feb 2009 09:48:52 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33706 is there a setting for plugins to disable them by default? the nikto.nasl has a nice checkbox.. any other way? I have one with reverse logic (errors i 11 Feb 2009 08:22:10 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33705 Hi guys, PFA. This contains the consolidated list of scans performed for a single subnet last day. The items marked in RED have patch mismatch as 02 Feb 2009 21:35:36 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33681 Hello, I have a string that looks like this mystring="value1=1 value2=a value3=cd value4=jj"; I would like to be able to put this in individual arr 31 Jan 2009 06:29:32 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33676 Hi all, I have started writing a new nessus plugin in nasl. 1. When I run the plugin with nasl (at a command line), I get "A non-authenticated scrip 30 Jan 2009 03:01:32 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33670 The attached plugin detects presence of SNMP community strings in SNMP MIBs. In this sense it eclipses the functionality of snmp_vacm.nasl while pro 25 Jan 2009 11:06:27 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33652 Hello everyone, For 10 years now, the Nessus user base has been supported with the use of mailing lists as a medium to communicate with the communi 12 Jan 2009 09:08:00 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33637 I've written a few plugins that check if they can successfully login via SSH - checks return value of ssh_open_connection(), empty username/password 05 Jan 2009 15:41:49 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33608 Dear All, Is there an up-to-date reference manual for nasl ? I tried to improve the plugin 21725 (Symantec Anti-Virus check) so it will check that t 05 Jan 2009 15:25:40 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33607 Plugins ssl_anon_ciphers.nasl and ssl_weak_supported_ciphers.nasl obtain the list of supported SSL ciphers via get_kb_list(). Both of these plugins 31 Dec 2008 08:35:27 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33586 Hi, First post, but I've been using Nessus, nasl's and .audit files for a couple of years now. I've recently been writing a few plugins that requir 28 Dec 2008 12:36:59 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33572 This generic ftp traversal test uses anonymous:nessus@<hostname>. I found an ftp server this morning with a traversal vulnerability, but it doesn't 24 Dec 2008 10:18:57 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33569 Hello Frank, Comments inline: Frank_Kenisky@psc.uscourts.gov wrote: > > I've used Nessus "free" tool for almost 8 years now. I just recently > p 16 Dec 2008 07:16:36 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33544 I've used Nessus "free" tool for almost 8 years now. I just recently purchased the commercial version so I can utilize the .audit files. After runn 15 Dec 2008 08:15:14 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33541 There is a minor bug in script os_fingerprint_http.nasl. The following patch against version 1.26 resolves the issue: --- os_fingerprint_http.nasl.or 04 Dec 2008 08:45:27 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33497 There is a typo bug in script hastymail_attachment_exec.nasl. The following patch against version 1.5 resolves the issue: --- hastymail_attachment_ex 04 Dec 2008 08:29:27 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33496 Recently script cross_site_scripting.nasl got modified to request URLs via http_send_recv3(). The script attempts to retrieve mostly non-existent UR 04 Dec 2008 08:17:27 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33495 According to the CVE-2004-2630[1] and the advisory from the phpMyAdmin team[2] only phpMyAdmin versions 2.5.0 to 2.6.0-pl1 have the command executio 04 Dec 2008 06:51:17 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33494 Call For Papers     The CanSecWest 2009 CFP is now open.     Deadline is December 8th, 2008. CanSecWest CALL FOR PAPERS     VANCOUVER, Canada -- T 24 Nov 2008 21:21:34 -0800 http://www.gossamer-threads.com/lists/nessus/plugins/33442