Re: [cobalt-security] Detection of failures of security with the scanner of eeye (retina)
- Subject: Re: [cobalt-security] Detection of failures of security with the scanner of eeye (retina)
 
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
 
- Date: Thu, 18 Sep 2003 14:13:55 +0200
 
- Organization: SOLARSPEED.NET
 
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
 
Hi Matias,

> I have updated all the patches with BlueLinQ, but when scanning my server
> with Retina, many vulnerabilities appear that, he assumes, those
> patches solve.

Retina (like many other related products) just looks at the version number of
stuff like Sendmail, Apache and whatever active service it finds. Sure, it
then throws a fit about finding oldtimers like Apache-1.3.20, Sendmail-8.11.6
and what not else.

However, if you are up to date on patches, then your Apache-1.3.20 has all
known security patches applied - and still reports itself as Apache-1.3.20.
So if the scanner just assumes that Apache-1.3.20 means "unpatched
Apache-1.3.20", then you get a false report.

-- 
With best regards,
Michael Stauber
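
Added example (not part of the original message, and not Retina or Cobalt code): one way to triage banner-based findings is to check each reported id against the installed package's changelog instead of the version string. It assumes the vendor names the fixed advisory ids in the changelog (for instance as saved from `rpm -q --changelog <package>`); the findings, changelog text and ids below are constructed placeholders.

```python
import re

# Matches advisory identifiers; every id used below is a constructed placeholder.
ID_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b")

# Constructed sample: findings a scanner raised from the version banner alone.
FINDINGS = [
    {"package": "apache", "banner": "Apache/1.3.20", "id": "CVE-0000-0001"},
    {"package": "apache", "banner": "Apache/1.3.20", "id": "CVE-0000-0002"},
    {"package": "sendmail", "banner": "Sendmail 8.11.6", "id": "CVE-0000-0003"},
]

# Constructed sample: per-package changelog text (assumed saved from rpm).
CHANGELOGS = {
    "apache": """\
* Wed Jan 01 2003 Vendor <security@example.invalid> 1.3.20-99
- backport fix for CVE-0000-0001 (no upstream version bump)
""",
    "sendmail": """\
* Wed Jan 01 2003 Vendor <security@example.invalid> 8.11.6-99
- rebuild
""",
}


def fixed_ids(changelog):
    """Return the set of advisory ids a package changelog says were patched."""
    return set(ID_RE.findall(changelog))


def triage(findings, changelogs):
    """Split banner-based findings into backported fixes and items to verify."""
    result = {"backported": [], "verify": []}
    for f in findings:
        patched = fixed_ids(changelogs.get(f["package"], ""))
        # The banner is unchanged after a backport, so only the package
        # changelog (not the version string) can clear a finding.
        bucket = "backported" if f["id"] in patched else "verify"
        result[bucket].append(f["id"])
    return result


if __name__ == "__main__":
    for bucket, ids in triage(FINDINGS, CHANGELOGS).items():
        print(bucket, ids)
```

Findings left in `verify` are not confirmed vulnerabilities; they are the ones the changelog does not account for and that still need a manual check.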