Hi
I've seen the Caucho Resin status page accessible on
/server-status and
changed plugin 11930 (resin_server_status.nasl) to also
check this location.
When running Apache with mod_caucho any location handled by
the
"caucho-status" handler can display the page, so
it might be worth
checking all detected files when thorough checks is enabled.
I don't
know if the location is configurable in other setups (e.g.
Resin on
IIS): It looks like it isn't, so checks for locations other
than
'/caucho-status' could be conditional on the web server
being Apache.
http://wiki.caucho.com/Apache#Configure_Apache_httpd.co
nf
http://wiki.caucho.com/HowTo_enable_/caucho-status_for
_IIS
The status page I saw (Resin 2.1.6) also didn't contain
"%cpu/thread" so
I removed that check. I think "<title>Status :
Caucho Servlet Engine"
should be sufficient.
Regards
--
Simon Ward
Operations Security Specialist, Westpoint Ltd
Albion Wharf, 19 Albion Street, Manchester M1 5LN, United
Kingdom
Web: www.westpoint.ltd.uk
Tel: +44-161-2371028
_______________________________________________
Plugins-writers mailing list
Plugins-writers list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers
|
