Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Apache killer 3192

From: Henri Doreau <henri.doreau () greenbone net>
Date: Mon, 12 Sep 2011 19:46:07 +0200
2011/9/12 Adrian Coelho <adrian.coelho () gmail com>:

This is the response for a 443 session for script
http://nmap.org/svn/scripts/http-vuln-cve2011-3192.nse

*NSE: Starting runlevel 1 (of 1) scan.
NSE: Starting http-vuln-cve2011-3192 against x.x.x.x:443.
NSE: Script scanning x.x.x.x
Initiating NSE at 18:21
NSE: Setting the request path to '/' since 'http-vuln-cve2011-3192.path'
argument is missing.
NSE: http-vuln-cve2011-3192: Functionality check HEAD request failed for
x.x.x.x (with path '/').
NSE: Finished http-vuln-cve2011-3192 against x.x.x.x:443.
Completed NSE at 18:21, 0.18s elapsed
Host is up, received user-set (0.089s latency).
Scanned at 2011-09-12 18:21:33 BST for 1s
PORT    STATE SERVICE REASON
443/tcp open  https   syn-ack
Final times for host: srtt: 89171 rttvar: 89171  to: 445855*


I can't trigger any problem with the script. Is your server configured
to accept HEAD requests on port 443?
Which version of nmap are you running (nmap -V)?


Regards.

-- 
Henri
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: