When performing CGI scans, Tenable recommends several strategies:
- By default, Nessus will only mirror 200 pages for a scanned site. If your site has more pages than this, you should increase this value to a relative amount.
- Plugin #29871 is dependent on the webmirror.nasl script so this plugin (#10662) should either be enabled, or the test should be performed with dependencies enabled at runtime.
- If you are scanning web servers that run on ports other than 80 or 443, be sure to include these in your scan policy.
Tenable also introduced a plugin for the Passive Vulnerability Scanner (#4334), which also detects web sites that are hosting this type of content based purely on traffic analysis.
Plugin #29871 is currently available to Nessus Direct Feed and Security Center users.
Are You Vulnerable to the Latest Exploits?
Enter your email to receive the latest cyber exposure alerts in your inbox.