|Main Archive Page > Month Archives > full-disclosure-uk archives|
-----BEGIN PGP SIGNED MESSAGE-----
Well, this scanner managed to find a couple of low level vulnerabilities on my site which were missed by both Nikto and Nessus.
Two directories allowed a directory listing and a test.php file I created, an information disclosure vulnerability, was also detected. My dumb ass forgot to delete this "test.php" file after I finished testing the server.
Possible sensitive directories were also listed, however browsing to these directories returned 403 errors, blank pages or a wordpress logon prompt, which is what I expected.
So all in all this scanner seems to do it's job well. At least for a LAMP server running wordpress
Of course I have addressed the vulnerabilities reported.
My command of the Chinese language is limited to zero, so I cannot understand the pdf report emailed to me nor the information within the web based report. Hopefully the developers will address this language problem.
-----END PGP SIGNATURE-----