Yeah for example Nikto for one runs a huge list of scans against
things you've never even heard of. Its a real "throw the kitchen sink
at it" approach. I do find stuff occassionally with it but yeah that'd
explain it. For eg. It'll test for a blah blah blah Content Management
system even when there never was one.
Cheers
Arvind
On Sat, Jan 3, 2009 at 10:36 PM, Tom Ritter <tom_at_ritter.vg> wrote:
> Based on some googling, and finding similar vulnerabilities [1], it
> seems likely someone was just running a very wide vulnerability scan
> against your server. If you use any pre-built applications like phpBB
> or osCommerce, you should make sure they are up-to-date.
>
> -tom
>
> [1] http://secunia.com/advisories/cve_reference/CVE-2006-7183/
>
> -------------------------------------------------------------------------
> Sponsored by: Watchfire
> Methodologies & Tools for Web Application Security Assessment
> With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!
>
> https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
> -------------------------------------------------------------------------
>
>
-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Received on Jan 04 2009
Intro
