Nikto v1.21 scan_database.db lotus notes additions and unicode/double decode fix

From: fr0stman (
Date: 11/29/02

  • Next message: Ozan Gonenc: "RE: Terminal Server brute force"
    From: fr0stman <>
    Date: Fri, 29 Nov 2002 11:59:31 -0500

    Happy Thanksgiving All,

    Here's an updated scan_database.db for nikto 1.21 with Lotus Notes additions
    from David Barnett as well as fixing Unicode/Double Decode bug of a single \
    in cmd.exe?/c+dir+c:\" causing the check not to be performed. This has been
    changed to cmd.exe?/c+dir" instead and looking for <DIR> in the HTTP
    response. Added all default executable directories into the checks as well.

    To install the update:

    1. perl -update to get the latest updates. **Warning** Don't do this
    after installing the attached scan_database.db until this update is
    incorporated by

    2. Now since you are at the latest update overwrite the scan_database.db in
    your /nikto/plugins/ directory with the attached one.

    3. Enjoy. :)

    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see: