[Openvas-discuss] NVT: Too long options parameter OID: 1.3.6.1.4.1.25623.1.0.11235

Goeber, Daniel daniel.goeber at logica.com
Thu Sep 29 09:52:42 CEST 2011


Hi Micha,

the web server is running stable, and I didn't set safe-checks to "no". I just modified openvassd.conf (safe_checks = no) and now I am not getting any high critical threats now :) - so that scan looks like my others I previously did on that system, which just had the expected medium/low threats.
     
I guess for future security issues that show up all over sudden in my reports it's recommended do this then first again before getting headaches, right?

Thank you!

Cheers,
Daniel  

-----Ursprüngliche Nachricht-----
Von: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] Im Auftrag von Michael Meyer
Gesendet: Mittwoch, 28. September 2011 15:44
An: openvas-discuss at wald.intevation.org
Betreff: Re: [Openvas-discuss] NVT: Too long options parameter OID: 1.3.6.1.4.1.25623.1.0.11235

*** Goeber, Daniel <daniel.goeber at logica.com> wrote:

> OpenVAS found this critical threat - but strangely it only appears
> sometimes. 
> 
> NVT: Too long options parameter OID: 1.3.6.1.4.1.25623.1.0.11235
> 
> Any idea?! I'm getting concerned about this, the scanned target is a
> domino server.

Did the web server crash (sometimes)? At http://pastebin.com/XpjJV12p
you could see the request send by www_too_long_options.nasl.

Is it intentional, that you have disabled "safe checks'?

Micha

-- 
Michael Meyer                            OpenPGP Key: 52A6EFA6
http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss at wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss


Think green - keep it on the screen.

This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.





More information about the Openvas-discuss mailing list