Security Basics mailing list archives
Re: nikto scan results
From: "Times Enemy" <times () krr org>
Date: Tue, 30 Nov 2004 16:40:51 -0700 (MST)
Greetings. For the MS's (just use the search feature): http://www.microsoft.com/ For the CVE's: http://www.cve.mitre.org/cve/ For the SNS's (if you know japanese, it is helpful ;) : http://www.lac.co.jp/security/ http://www.attrition.org/security/advisory/sns/ For the CA's: http://search.cert.org/ For all of these: http://www.google.com/ ciao .te
Hi, I scan my web server (IIS)with nikto, this is the results I got: Exploit: /?"><script>alert("Vulnerable");</script> Description: IIS is vulnerable to Cross Site Scriptin (XSS). Apply MS02-018. Exploit: /?\"><script>alert('Vulnerable');</script> Description: IIS is vulnerable to Cross Site Scripting (XSS). See MS02-018, CVE-2002-0075, SNS-49, CA-2002-09 Exploit: /?\><script>alert('Vulnerable');</script> Description: IIS is vulnerable to Cross Site Scripting (XSS). See MS02-018, CVE-2002-0075, SNS-49, CA-2002-09 Can someone please explain whats does mean? how I check if this is not a faulse alarm? maybe there are links which can explain what does it mean? thanks !!! JB
Current thread:
- RE: nikto scan results Harshul Nayak (Dec 01)
- <Possible follow-ups>
- Re: nikto scan results Times Enemy (Dec 01)
- Re: nikto scan results Marco (Dec 02)