[Nikto-discuss] help with nikto output results

Sullo csullo at gmail.com
Sat Jun 2 08:11:48 CDT 2012


These tests are likely just looking for a 200 OK response, so the web
server's configuration is causing it to return a 200--thus the false
positive.

On Fri, Jun 1, 2012 at 10:36 AM, Matt ~ <aereal at gmail.com> wrote:
> Maybe the responses from accessing a /scgi-bin/* folder, whether or not it
> exists, are completely different from any other 404.
>
> On Fri, Jun 1, 2012 at 5:50 AM, Jeff Cheng <iungltd at yahoo.com> wrote:
>>
>> Hello,
>> can anyone help me with this: I use Nikto to scan my site, and the output
>> results show a lot of files that do not exist on my server. Below are some
>> of them.
>> I don't even have a scgi-bin folder.
>>
>> + OSVDB-11740: /scgi-bin/foxweb.dll: Foxweb 2.5 and below is vulnerable to
>> a buffer overflow (not tested or confirmed). Verify Foxweb is the latest
>> available version.
>> + OSVDB-11741: /scgi-bin/foxweb.exe: Foxweb 2.5 and below is vulnerable to
>> a buffer overflow (not tested or confirmed). Verify Foxweb is the latest
>> available version.
>> + /scgi-bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is
>> vulnerable to multiple buffer overflows. Upgrade to 9.x.
>> + OSVDB-3093: /scgi-bin/pollssi.cgi: This might be interesting... has been
>> seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/postcards.cgi: This might be interesting... has
>> been seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/profile.cgi: This might be interesting... has been
>> seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/quikstore.cfg: This might be interesting... has
>> been seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/register.cgi: This might be interesting... has
>> been seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/replicator/webpage.cgi/: This might be
>> interesting... has been seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/rightfax/fuwww.dll/?: This might be interesting...
>> has been seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/rmp_query: This might be interesting... has been
>> seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/robpoll.cgi: This might be interesting... has been
>> seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/scripts/*%0a.pl: This might be interesting... has
>> been seen in web logs from an unknown scanner.
>> + OSVDB-3093: /scgi-bin/simplestguest.cgi: This might be interesting...
>> has been seen in web logs from an unknown scanner.
>>
>> thanks!!!
>>
>> _______________________________________________
>> Nikto-discuss mailing list
>> Nikto-discuss at attrition.org
>> https://attrition.org/mailman/listinfo/nikto-discuss
>>
>
>
>
> --
> Atte:
> Matías Aereal Aeón



-- 

http://www.cirt.net     |      http://richsec.com/
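
An added example, not part of the thread and not Nikto's own code: one way to triage findings like those quoted above is to request a made-up sibling name in the same directory and compare the answers. The names `flagged_paths`, `triage` and `fake_server` are hypothetical, and the stand-in server and the `/admin/login.php` line are constructed for the demonstration.

```python
import posixpath
import re
import uuid

FINDING = re.compile(r"^\+ (?:OSVDB-\d+: )?(/\S+?): ")

def flagged_paths(report):
    """Extract the URL path from each Nikto finding line."""
    return [m.group(1) for line in report.splitlines()
            if (m := FINDING.match(line.strip()))]

def triage(paths, fetch):
    """Compare each flagged path with a random sibling that cannot exist.

    fetch(path) -> (status, body). An identical answer for both means the
    server replies alike to anything in that directory, so the finding says
    nothing about the file. Exact body comparison is a simplification;
    dynamic pages need a fuzzier match (length, title, hash of stable parts).
    """
    baseline, verdicts = {}, {}
    for path in paths:
        directory = posixpath.dirname(path.rstrip("/?")) or "/"
        if directory not in baseline:
            probe = posixpath.join(directory, "nx-" + uuid.uuid4().hex)
            baseline[directory] = fetch(probe)
        same = fetch(path) == baseline[directory]
        verdicts[path] = "likely false positive" if same else "verify manually"
    return verdicts

def fake_server(path):
    """Constructed stand-in for the server behaviour described in the thread."""
    if path.startswith("/scgi-bin/"):
        return 200, "<html>Welcome</html>"   # 200 OK for anything here
    if path == "/admin/login.php":
        return 200, "<form>login</form>"     # constructed: a file that exists
    return 404, "Not Found"

# First three lines are from the thread (unwrapped); the last is constructed.
SAMPLE = """\
+ OSVDB-11740: /scgi-bin/foxweb.dll: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed).
+ /scgi-bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows.
+ OSVDB-3093: /scgi-bin/rightfax/fuwww.dll/?: This might be interesting...
+ /admin/login.php: constructed finding for contrast, not from the thread.
"""

if __name__ == "__main__":
    for path, verdict in triage(flagged_paths(SAMPLE), fake_server).items():
        print(f"{verdict:22} {path}")
```

Against a real site, `fetch` would wrap an HTTP client call to the host you are authorized to scan.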

