Security Basics mailing list archives

RE: nikto scan results


From: "Harshul Nayak" <harshul.nayak () patni com>
Date: Wed, 1 Dec 2004 09:18:44 +0530

Hello Juan,
The nikto results are self-explanatory: as disclosed by the scanner, the IIS
web server is vulnerable to an XSS vulnerability.
To check for false alarms, you can manually test the XSS vulnerability
in places where user input is asked for.
There is enough material on the net on how to do XSS.
Also verify whether you have applied the patches mentioned in the
advisories below.
The IDs mentioned (e.g. MS02-018) are of various advisories, like CERT,
Microsoft Security Bulletins, etc.

Hope this helps.
-regs
Harshul

-----Original Message-----
From: Juan B [mailto:juanbabi () yahoo com]
Sent: Tuesday, November 30, 2004 3:23 PM
To: security-basics () securityfocus com
Subject: nikto scan results


Hi,

I scanned my web server (IIS) with nikto.

These are the results I got:


Exploit: /?"><script>alert("Vulnerable");</script>
Description: IIS is vulnerable to Cross Site Scripting
(XSS). Apply MS02-018.

Exploit: /?\"><script>alert('Vulnerable');</script>
Description: IIS is vulnerable to Cross Site Scripting
(XSS). See MS02-018, CVE-2002-0075, SNS-49, CA-2002-09

Exploit: /?\><script>alert('Vulnerable');</script>
Description: IIS is vulnerable to Cross Site Scripting
(XSS). See MS02-018, CVE-2002-0075, SNS-49, CA-2002-09

Can someone please explain what this means? How do I
check if this is not a false alarm? Maybe there are
links which can explain what it means?

Thanks!!!

JB
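
The false-alarm check discussed in this thread, as an added example that is not part of either message: it parses the nikto findings quoted above and classifies a response body by whether the probe's script markup comes back unencoded, HTML-encoded, or not at all. The response bodies and the function names parse_findings and classify are constructed for illustration.

```python
import html
import re
from urllib.parse import unquote

# Two of the findings quoted in the thread.
NIKTO_OUTPUT = r'''Exploit: /?"><script>alert("Vulnerable");</script>
Description: IIS is vulnerable to Cross Site Scripting
(XSS). Apply MS02-018.

Exploit: /?\"><script>alert('Vulnerable');</script>
Description: IIS is vulnerable to Cross Site Scripting
(XSS). See MS02-018, CVE-2002-0075, SNS-49, CA-2002-09
'''

# Constructed response bodies (not captured from any real server).
PROBE_1 = '/?"><script>alert("Vulnerable");</script>'
RAW_ECHO = "<p>Error in " + PROBE_1 + "</p>"
ENCODED_ECHO = "<p>Error in " + html.escape(PROBE_1) + "</p>"
NO_ECHO = "<p>The page cannot be found</p>"

ADVISORY_ID = re.compile(
    r"\b(?:MS\d{2}-\d{3}|CVE-\d{4}-\d{4,}|CA-\d{4}-\d{2}|SNS-\d+)\b")

def parse_findings(text):
    """Split nikto text output into (probe, advisory_ids) pairs."""
    findings = []
    for block in re.split(r"\n\s*\n", text.strip()):
        m = re.search(r"^Exploit:\s*(\S.*)$", block, re.M)
        if m:
            findings.append((m.group(1).strip(), ADVISORY_ID.findall(block)))
    return findings

def classify(probe, body):
    """Report how the probe's <script> element appears in a response body."""
    payload = unquote(probe.split("?", 1)[-1])
    m = re.search(r"<script>.*?</script>", payload)
    marker = m.group(0) if m else payload
    if marker in body:
        return "reflected-raw"      # markup returned unencoded: finding holds
    if marker in html.unescape(body):
        return "reflected-encoded"  # echoed but entity-encoded: false alarm
    return "not-reflected"          # probe never echoed: false alarm

if __name__ == "__main__":
    for probe, ids in parse_findings(NIKTO_OUTPUT):
        for name, body in (("raw", RAW_ECHO), ("encoded", ENCODED_ECHO)):
            print(ids, name, classify(probe, body))
```

Only a "reflected-raw" result on a response served as HTML supports the scanner's finding; the other two outcomes point to a false alarm for that probe.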





