Penetration Testing mailing list archives
Nikto v1.21 scan_database.db lotus notes additions and unicode/double decode fix
From: fr0stman <fr0stman () sun-tzu-security net>
Date: Fri, 29 Nov 2002 11:59:31 -0500
Happy Thanksgiving All, Here's an updated scan_database.db for nikto 1.21 with Lotus Notes additions from David Barnett as well as fixing Unicode/Double Decode bug of a single \ in cmd.exe?/c+dir+c:\" causing the check not to be performed. This has been changed to cmd.exe?/c+dir" instead and looking for <DIR> in the HTTP response. Added all default executable directories into the checks as well. http://www.geocities.com/fr0stmanspublicdownloads/nikto121update.tar.gz To install the update: 1. perl nikto.pl -update to get the latest updates. **Warning** Don't do this after installing the attached scan_database.db until this update is incorporated by cirt.net. 2. Now since you are at the latest update overwrite the scan_database.db in your /nikto/plugins/ directory with the attached one. 3. Enjoy. :) -- fr0stman ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Nikto v1.21 scan_database.db lotus notes additions and unicode/double decode fix fr0stman (Nov 29)