[Openvas-commits] r1569 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Mon Oct 20 00:31:47 CEST 2008
Author: ckm
Date: 2008-10-20 00:31:46 +0200 (Mon, 20 Oct 2008)
New Revision: 1569
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/scripts/gb_vlc_media_player_mem_crptn_vuln_lin.nasl
trunk/openvas-plugins/scripts/version_func.inc
Log:
* scripts/gb_vlc_media_player_mem_crptn_vuln_lin.nasl, changed
ver_pattern.
* scripts/version_func.inc, enhanced version_test
if testing number/char mixed version strings.
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2008-10-17 12:35:03 UTC (rev 1568)
+++ trunk/openvas-plugins/ChangeLog 2008-10-19 22:31:46 UTC (rev 1569)
@@ -1,3 +1,10 @@
+2008-10-19 Carsten Koch-Mauthe <c.koch-mauthe at dn-systems.de>.
+
+ * scripts/gb_vlc_media_player_mem_crptn_vuln_lin.nasl, changed
+ ver_pattern.
+ * scripts/version_func.inc, enhanced version_test
+ if testing number/char mixed version strings.
+
2008-10-17 Chandrashekhar B <bchandra at secpod.com>
* scripts/gb_firefox_url_file_info_dis_vuln.nasl,
scripts/gb_dovecot_mult_sec_bypass_vuln.nasl,
Modified: trunk/openvas-plugins/scripts/gb_vlc_media_player_mem_crptn_vuln_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_vlc_media_player_mem_crptn_vuln_lin.nasl 2008-10-17 12:35:03 UTC (rev 1568)
+++ trunk/openvas-plugins/scripts/gb_vlc_media_player_mem_crptn_vuln_lin.nasl 2008-10-19 22:31:46 UTC (rev 1569)
@@ -84,7 +84,7 @@
foreach binPath (vlcBinPath)
{
vlcVer = get_bin_version(full_prog_name:chomp(binPath), version_argv:"--version",
- ver_pattern:"VLC version ([0-9.]+[a-z]?)", sock:sock);
+ ver_pattern:"ersion ([0-9.]+[a-z]?)", sock:sock);
if(vlcVer)
{
# Check for VLC Media Player Version <= 0.9.2
Modified: trunk/openvas-plugins/scripts/version_func.inc
===================================================================
--- trunk/openvas-plugins/scripts/version_func.inc 2008-10-17 12:35:03 UTC (rev 1568)
+++ trunk/openvas-plugins/scripts/version_func.inc 2008-10-19 22:31:46 UTC (rev 1569)
@@ -147,24 +147,24 @@
r = eregmatch(pattern:"([0-9]+)", string:test_ary[i]);
s = eregmatch(pattern:"([A-Za-z])", string:test_ary[i]);
if(isnull(s) ) {
- test_ary[i] = int(r[0]);
+ test_ary[i] = int(r[0]) * 128; # Changed to * 128 so if a char follows a number the number is more significant
char_found = FALSE;
} else {
- test_ary[i] = int(r[0]) + ord(s[0]);
+ test_ary[i] = (int(r[0]) * 128) + ord(s[0]);
char_found = TRUE;
}
r = eregmatch(pattern:"([0-9]+)", string:ver_ary[i]);
s = eregmatch(pattern:"([A-Za-z])", string:ver_ary[i]);
if(isnull(s) ) {
- ver_ary[i] = int(r[0]);
+ ver_ary[i] = int(r[0]) * 128;
} else if(char_found) {
- ver_ary[i] = int(r[0]) + ord(s[0]);
+ ver_ary[i] = (int(r[0]) * 128) + ord(s[0]);
} else {
if(isnull(r) ) {
ver_ary[i] = ord(s[0]);
} else {
if(! less) return (0); # If char found in test_version and no char in version it is not equal
- ver_ary[i] = int(r[0]); # No chars if test_version has no chars on this position else 1.1.1a is > 1.1.2
+ ver_ary[i] = int(r[0]) * 128; # No chars if test_version has no chars on this position else 1.1.1a is > 1.1.2
}
}
if(less) {
More information about the Openvas-commits
mailing list