Security Basics mailing list archives
RE: nikto scan results
From: "Harshul Nayak" <harshul.nayak () patni com>
Date: Wed, 1 Dec 2004 09:18:44 +0530
hello Juan,

nikto results are self explanatory. As disclosed by the scanner, the IIS webserver is vulnerable to an XSS vulnerability. To check for false alarms, you can manually test the XSS vulnerability on places where user input is asked. There is enough material on the NET on how to do XSS. Also verify whether you have applied the patches as mentioned in the below advisories. The IDs mentioned (e.g. MS02-018) are of various advisories, like CERT, Microsoft Security Bulletins, etc.

hope this helps.

-regs
Harshul

-----Original Message-----
From: Juan B [mailto:juanbabi () yahoo com]
Sent: Tuesday, November 30, 2004 3:23 PM
To: security-basics () securityfocus com
Subject: nikto scan results

Hi,

I scanned my web server (IIS) with nikto; these are the results I got:

Exploit: /?"><script>alert("Vulnerable");</script>
Description: IIS is vulnerable to Cross Site Scriptin (XSS). Apply MS02-018.

Exploit: /?\"><script>alert('Vulnerable');</script>
Description: IIS is vulnerable to Cross Site Scripting (XSS). See MS02-018, CVE-2002-0075, SNS-49, CA-2002-09

Exploit: /?\><script>alert('Vulnerable');</script>
Description: IIS is vulnerable to Cross Site Scripting (XSS). See MS02-018, CVE-2002-0075, SNS-49, CA-2002-09

Can someone please explain what this means? How do I check that this is not a false alarm? Maybe there are links which can explain what it means?

thanks !!!
JB
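An added example, not part of either message in this thread: a Python false-alarm check for the reflected XSS finding above. It does what Harshul suggests (see whether what you send in the query string comes back) but sends an inert marker rather than a script tag, and classifies whether the server echoes it raw, HTML-encoded, URL-encoded, or not at all. The three response bodies are constructed stand-ins for IIS error pages; the hostname in the usage comment is a placeholder.

```python
import html
import secrets
import sys
from urllib.error import HTTPError
from urllib.parse import quote
from urllib.request import urlopen


def marker_for(token: str) -> str:
    """Inert probe: the two metacharacters the nikto payload relies on, nothing executable."""
    return f'"<{token}>'


def probe_url(base: str, token: str) -> str:
    """Same '/?<payload>' shape as the nikto checks, carrying only the inert marker."""
    return f"{base.rstrip('/')}/?{quote(marker_for(token), safe='')}"


def classify_reflection(body: str, token: str) -> str:
    """raw: '"' and '<' echoed untouched, so the scanner's finding is credible.
    html-encoded: metacharacters became entities, reflection is neutralised.
    url-encoded: echoed as %22%3C..., harmless in an HTML context.
    absent: nothing reflected, nikto matched on something else (likely false alarm)."""
    marker = marker_for(token)
    if marker in body:
        return "raw"
    if html.escape(marker, quote=True) in body or f"&#34;&lt;{token}&gt;" in body:
        return "html-encoded"
    if quote(marker, safe="") in body:
        return "url-encoded"
    return "absent"


def check_server(base: str) -> str:
    """Live check of your own server (network required); error pages are read too."""
    token = secrets.token_hex(4)  # random so a match cannot be coincidental
    try:
        with urlopen(probe_url(base, token), timeout=10) as resp:
            body = resp.read()
    except HTTPError as err:  # IIS answers these probes with 404/400 error pages
        body = err.read()
    return classify_reflection(body.decode("utf-8", "replace"), token)


# Constructed response bodies standing in for three kinds of IIS error page.
TOKEN = "deadbeef"
RAW_BODY = f'<p>The page /?"<{TOKEN}> could not be found.</p>'
ENCODED_BODY = f"<p>The page /?&quot;&lt;{TOKEN}&gt; could not be found.</p>"
GENERIC_BODY = "<p>HTTP 404 - File not found</p>"

if __name__ == "__main__":
    for name, body in (("raw", RAW_BODY), ("encoded", ENCODED_BODY), ("generic", GENERIC_BODY)):
        print(f"{name:8} -> {classify_reflection(body, TOKEN)}")
    if len(sys.argv) > 1:  # e.g. http://iis.example.invalid (placeholder host)
        print("live:", check_server(sys.argv[1]))
```

Only a "raw" result confirms the scanner's finding; "absent" usually means nikto matched on a generic error page rather than on a real reflection.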
Current thread:
- RE: nikto scan results Harshul Nayak (Dec 01)
- <Possible follow-ups>
- Re: nikto scan results Times Enemy (Dec 01)
- Re: nikto scan results Marco (Dec 02)