Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

nikto scan results

From: Juan B <juanbabi () yahoo com>
Date: Tue, 30 Nov 2004 01:52:55 -0800 (PST)
Hi,

I scan my web server  (IIS)with nikto,

this is the results I got:


Exploit: /?"><script>alert("Vulnerable");</script>
Description: IIS is vulnerable to Cross Site Scriptin
(XSS). Apply MS02-018.

Exploit: /?\"><script>alert('Vulnerable');</script>
Description: IIS is vulnerable to Cross Site Scripting
(XSS). See MS02-018, CVE-2002-0075, SNS-49, CA-2002-09

Exploit: /?\><script>alert('Vulnerable');</script>
Description: IIS is vulnerable to Cross Site Scripting
(XSS). See MS02-018, CVE-2002-0075, SNS-49, CA-2002-09

Can someone please explain whats does mean? how I
check if this is not a faulse alarm? maybe there are
links which can explain what does it mean?

thanks !!!

JB




        
                
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - You care about security. So do we. 
http://promotions.yahoo.com/new_mail
Previous By Date Next
Previous By Thread Next

Current thread: