False positives with BIND 8.4.1-REL?
Michel Arboi
mikhail at nessus.org
Wed Sep 24 11:38:06 EDT 2003
Manuel Kiessling <manuel at kiessling.net> writes:
> "We could DELETE the file '/'on your web server
> This allows an attacker to destroy some of your pages
> Solution : disable this method
> Risk factor : Serious"
We should probably suppress this test. too dangerous.
> My server says "HTTP/1.1 200 OK", but the file is not deleted. Is that
> a false positive?
Probably.
More information about the Nessus
mailing list