> I believe they are false positives. I am just searching for "proof" to
> provide to person running sans.
>
If it were really testing for the vulnerabilities it would have to be
presenting requests that exploit them and checking the the desired
outcome (for example that it can crash the httpd process). You could
look for evidence of such activity using tcpdump, and also in the httpd
access logs.
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
No comments:
Post a Comment