Re: [cobalt-security] Detection of failures of security with the scanner of eeye (retina)
- Subject: Re: [cobalt-security] Detection of failures of security with the scanner of eeye (retina)
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Thu, 18 Sep 2003 14:13:55 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Matias,
> I have updated all the patches with BlueLinQ, but when scanning my server
> with retina, many vulnerabilities appear that, he assumes, those
> patches solve.
Retina (like many other related products) just looks at the version number of
stuff like Sendmail, Apache and whatever active service it finds. Sure, it
then throws a fit about finding oldtimers like Apache-1.3.20, Sendmail-8.11.6
and what not else.
However, if you are up to date on patches, then your Apache-1.3.20 has all
known security patches applied - and still reports itself as Apache-1.3.20.
So if the scanner just assumes that Apache-1.3.20 means "unpatched
Apache-1.3.20", then you get a false report.
--
With best regards,
Michael Stauber
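
One way to triage the banner-only findings described in the message above, added here as an example and not part of the original post: compare each advisory the scanner raised against what the vendor package changelog records. It assumes an RPM-based system where the text comes from `rpm -q --changelog <package>`; the changelog text, package names and advisory IDs below are constructed placeholders.

```python
import re

# Constructed sample: the kind of text `rpm -q --changelog <package>` prints.
# Package names, dates and advisory IDs are placeholders, not real advisories.
SAMPLE_CHANGELOGS = {
    "apache": """\
* Mon Jan 01 2001 Vendor Packager <packager@example.com>
- backport fix for CVE-0000-0001 (placeholder id)
- security: apply patch for CVE-0000-0002
* Sun Dec 31 2000 Vendor Packager <packager@example.com>
- initial vendor build of 1.3.20
""",
    "sendmail": """\
* Mon Jan 01 2001 Vendor Packager <packager@example.com>
- rebuild, no code changes
""",
}

# Constructed scanner findings: each was raised from the version banner alone.
SAMPLE_FINDINGS = [
    {"package": "apache", "banner": "Apache-1.3.20", "advisory": "CVE-0000-0001"},
    {"package": "apache", "banner": "Apache-1.3.20", "advisory": "CVE-0000-0003"},
    {"package": "sendmail", "banner": "Sendmail-8.11.6", "advisory": "CVE-0000-0004"},
]

ADVISORY_RE = re.compile(r"CVE-\d{4}-\d{4,}", re.IGNORECASE)

def advisories_fixed(changelog):
    """Return the set of advisory IDs the vendor changelog mentions."""
    return {m.upper() for m in ADVISORY_RE.findall(changelog)}

def triage(findings, changelogs):
    """Label each banner-based finding by what the package changelog records."""
    results = []
    for f in findings:
        fixed = advisories_fixed(changelogs.get(f["package"], ""))
        if f["advisory"].upper() in fixed:
            verdict = "likely false positive: fix recorded in vendor changelog"
        else:
            verdict = "unconfirmed: no changelog entry, verify manually"
        results.append((f["banner"], f["advisory"], verdict))
    return results

if __name__ == "__main__":
    for banner, advisory, verdict in triage(SAMPLE_FINDINGS, SAMPLE_CHANGELOGS):
        print(f"{banner:16} {advisory:14} {verdict}")
```

A changelog mention is evidence rather than proof, so the "unconfirmed" findings are the ones to check by hand against the vendor's advisories.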