Detections
Analytics
CGI Generic Tests Timeout
info Nessus Plugin ID 39470
Synopsis
Some generic CGI attacks ran out of time.Description
Some generic CGI tests ran out of time during the scan. The results may be incomplete.Solution
Consider increasing the 'maximum run time (minutes)' preference for the 'Web Applications Settings' in order to prevent the CGI scanning from timing out. Less ambitious options could also be used, such as :- Test more that one parameter at a time per form :
'Test all combinations of parameters' is much slower than 'Test random pairs of parameters' or 'Test all pairs of parameters (slow)'.
- 'Stop after one flaw is found per web server (fastest)' under 'Do not stop after the first flaw is found per web page' is quicker than 'Look for all flaws (slowest)'.
- In the Settings/Advanced menu, try reducing the value for 'Max number of concurrent TCP sessions per host' or 'Max simultaneous checks per host'.
Plugin Details
Severity: Info
ID: 39470
File Name: torture_cgi_timeout.nasl
Version: 1.15
Type: summary
Family: CGI abuses
Published: 6/19/2009
Updated: 1/19/2021
Supported Sensors: Nessus
Vulnerability Information
Required KB Items: Settings/enable_web_app_tests