mailing list archives
From: mrx <mrx () propergander org uk>
Date: Wed, 06 Jan 2010 12:45:07 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Well, this scanner managed to find a couple of low level vulnerabilities on my site which were missed by both Nikto and
Two directories allowed a directory listing and a test.php file I created, an information disclosure vulnerability, was also detected. My dumb ass forgot to delete this "test.php" file after I finished testing the server.
Possible sensitive directories were also listed, however browsing to these directories returned 403 errors, blank pages or a WordPress logon prompt, which is what I expected.
So all in all this scanner seems to do its job well. At least for a LAMP server running WordPress.
Of course I have addressed the vulnerabilities reported.
My command of the Chinese language is limited to zero, so I cannot understand the PDF report emailed to me nor the information within the web-based report. Hopefully the developers will address this language problem.
Mankind's systems are white sticks tapping walls.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/