False positive in 2016/sw_scm_files_accessible.nasl

2016/sw_scm_files_accessible.nasl looks for files on web servers that should not be available. In its table of targets to search for, it has this entry:

"/.hg/branch", "^default",

Unfortunately, when it scans a particular NAS, it finds this javascript snippet in the resulting 404 page:

case 'create_raid':

This results in a false positive.

Thanks for your report.

The mentioned VT should already check for a 200 response to avoid false reports on 404 and similar status codes (check_header:TRUE in the called http_vuln_check function). Could it be possible that this response is 200 and not 404 as assumed?

Nevertheless from the above the ^default is indeed a little bit too loose so this will be updated to use a line ending anchor $ to make it more strict.

Those changes should end up in the feed in the next few days.

1 Like