Another missed 404 on Web pages
Jason Haar
Jason.Haar at trimble.co.nz
Sun Jan 16 19:12:48 EST 2005
Nessus 2.2.2a
We've got some Java Web app that generates it's own error pages - again
confusing Nessus into thinking it's successfully download a page when it
hasn't.
The returned page looks like:
HTTP/1.0 200 OK
Expires: 0
Date: Mon, 17 Jan 2005 00:07:44 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Set-Cookie: JSESSIONID=7G0o294MtWEdjXxo9UYdF9D3pnU; path=/arsys/
<html>
<body>
Loading your page, Please wait...
<br/>
<script>
var locationPath = escape(location.pathname+location.search);
location.href = "/arsys" +
"/servlet/ErrorHandlingServlet?action=404&path=" + locationPath;
</script>
</body>
</html>
Hope that helps
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the Nessus
mailing list