[Openvas-commits] r3111 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Thu Apr 16 16:39:17 CEST 2009
Author: chandra
Date: 2009-04-16 16:39:16 +0200 (Thu, 16 Apr 2009)
New Revision: 3111
Added:
trunk/openvas-plugins/scripts/gb_slysoft_prdts_code_exec_vuln.nasl
trunk/openvas-plugins/scripts/gb_slysoft_prdts_detect.nasl
trunk/openvas-plugins/scripts/gb_tikiwiki_xss_vuln.nasl
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/scripts/secpod_ms_wordpad_mult_vuln.nasl
Log:
Added new plugins
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2009-04-16 14:37:27 UTC (rev 3110)
+++ trunk/openvas-plugins/ChangeLog 2009-04-16 14:39:16 UTC (rev 3111)
@@ -1,3 +1,10 @@
+2009-04-16 Chandrashekhar B <bchandra at secpod.com>
+ * scripts/secpod_ms_wordpad_mult_vuln.nasl,
+ scripts/gb_tikiwiki_xss_vuln.nasl,
+ scripts/gb_slysoft_prdts_code_exec_vuln.nasl,
+ scripts/gb_slysoft_prdts_detect.nasl:
+ Added new plugins
+
2009-04-15 Thomas Reinke <reinke at securityspace.com>
* deb_1754_1.nasl deb_1763_1.nasl deb_1764_1.nasl deb_1765_1.nasl
deb_1766_1.nasl deb_1767_1.nasl deb_1768_1.nasl deb_1769_1.nasl
Added: trunk/openvas-plugins/scripts/gb_slysoft_prdts_code_exec_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_slysoft_prdts_code_exec_vuln.nasl 2009-04-16 14:37:27 UTC (rev 3110)
+++ trunk/openvas-plugins/scripts/gb_slysoft_prdts_code_exec_vuln.nasl 2009-04-16 14:39:16 UTC (rev 3111)
@@ -0,0 +1,126 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_slysoft_prdts_code_exec_vuln.nasl 962 2009-03-19 19:16:29Z mar $
+#
+# SlySoft Product(s) Code Execution Vulnerability
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(800392);
+ script_version("$Revision: 1.0 $");
+ script_cve_id("CVE-2009-0824");
+ script_bugtraq_id(34103);
+ script_name(english:"SlySoft Product(s) Code Execution Vulnerability");
+ desc["english"] = "
+
+ Overview: This host is installed with SlySoft Product(s) and are prone
+ to Code Execution Vulnerability.
+
+ Vulnerability Insight:
+ METHOD_NEITHER communication method for IOCTLs does not properly validate
+ a buffer associated with the Irp object of user space data provided to
+ the ElbyCDIO.sys kernel driver.
+
+ Impact:
+ Successful exploitation will let the attacker cause memory corruption and
+ can allow remote code execution in the context of the affected system,
+ which result in service crash.
+
+ Impact Level: System/Application
+
+ Affected Software/OS:
+ SlySoft AnyDVD version prior to 6.5.2.6
+ SlySoft CloneCD version 5.3.1.3 and prior
+ SlySoft CloneDVD version 2.9.2.0 and prior
+ SlySoft Virtual CloneDrive version 5.4.2.3 and prior
+
+ Fix: Upgrade to higher versions accordingly
+ http://www.slysoft.com/en/download.html
+
+ References:
+ http://secunia.com/advisories/34269
+ http://secunia.com/advisories/34289
+ http://secunia.com/advisories/34287
+ http://secunia.com/advisories/34288
+ http://www.securityfocus.com/archive/1/archive/1/501713/100/0/threaded
+
+ CVSS Score:
+ CVSS Base Score : 4.9 (AV:L/AC:L/Au:NR/C:N/I:N/A:C)
+ CVSS Temporal Score : 3.9
+ Risk factor: Medium";
+
+ script_description(english:desc["english"]);
+ script_summary(english:"Check for the version of SlySoft Product(s)");
+ script_category(ACT_GATHER_INFO);
+ script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
+ script_family(english:"Buffer overflow");
+ script_dependencies("gb_slysoft_prdts_detect.nasl");
+ script_require_keys("AnyDVD/Ver", "CloneCD/Ver", "CloneDVD/Ver",
+ "VirtualCloneDrive/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+# Grep the version for AnyDVD prior to 6.5.2.6
+anydvdVer = get_kb_item("AnyDVD/Ver");
+if(anydvdVer)
+{
+ if(version_is_less(version:anydvdVer, test_version:"6.5.2.6"))
+ {
+ security_warning(0);
+ exit(0);
+ }
+}
+
+# Grep the version for CloneCD 5.3.1.3 and prior
+clonecdVer = get_kb_item("CloneCD/Ver");
+if(clonecdVer)
+{
+ if(version_is_less_equal(version:clonecdVer, test_version:"5.3.1.3"))
+ {
+ security_warning(0);
+ exit(0);
+ }
+}
+
+# Grep the version for CloneDVD 2.9.2.0 and prior
+clonedvdVer = get_kb_item("CloneDVD/Ver");
+if(clonedvdVer)
+{
+ if(version_is_less_equal(version:clonedvdVer, test_version:"2.9.2.0"))
+ {
+ security_warning(0);
+ exit(0);
+ }
+}
+
+# Grep the version for Virtual CloneDrive 5.4.2.3 and prior
+vcdVer = get_kb_item("VirtualCloneDrive/Ver");
+if(vcdVer)
+{
+ if(version_is_less_equal(version:vcdVer, test_version:"5.4.2.3")){
+ security_warning(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_slysoft_prdts_code_exec_vuln.nasl
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/openvas-plugins/scripts/gb_slysoft_prdts_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_slysoft_prdts_detect.nasl 2009-04-16 14:37:27 UTC (rev 3110)
+++ trunk/openvas-plugins/scripts/gb_slysoft_prdts_detect.nasl 2009-04-16 14:39:16 UTC (rev 3111)
@@ -0,0 +1,179 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_slysoft_prdts_detect.nasl 962 2009-04-19 16:07:24Z apr $
+#
+# SlySoft Product(s) Version Detection
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(800391);
+ script_version("Revision: 1.0 $");
+ script_name(english:"SlySoft Product(s) Version Detection");
+ desc["english"] = "
+ Overview: This script detects the installed version of SlySoft Product(s)
+ and sets the result in KB.
+
+ Risk factor: Informational";
+
+ script_description(english:desc["english"]);
+ script_summary(english:"Sets the KB for the version of SlySoft Product(s)");
+ script_category(ACT_GATHER_INFO);
+ script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
+ script_family(english:"Service detection");
+ script_dependencies("secpod_reg_enum.nasl");
+ script_require_keys("SMB/WindowsVersion");
+ exit(0);
+}
+
+
+include("smb_nt.inc");
+include("secpod_smb_func.inc");
+
+if(!get_kb_item("SMB/WindowsVersion")){
+ exit(0);
+}
+
+function slysoftGetVer(path)
+{
+ share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:path);
+ file = ereg_replace(pattern:"[A-Za-z]:(.*)", replace:"\1", string:path);
+
+ soc = open_sock_tcp(port);
+ if(!soc){
+ exit(0);
+ }
+
+ r = smb_session_request(soc:soc, remote:name);
+ if(!r){
+ close(soc);
+ exit(0);
+ }
+
+ prot = smb_neg_prot(soc:soc);
+ if(!prot){
+ close(soc);
+ exit(0);
+ }
+
+ r = smb_session_setup(soc:soc, login:login, password:pass, domain:domain,
+ prot:prot);
+ if(!r){
+ close(soc);
+ exit(0);
+ }
+
+ uid = session_extract_uid(reply:r);
+ if(!uid){
+ close(soc);
+ exit(0);
+ }
+
+ r = smb_tconx(soc:soc, name:name, uid:uid, share:share);
+ if(!r){
+ close(soc);
+ exit(0);
+ }
+
+ tid = tconx_extract_tid(reply:r);
+ if(!tid){
+ close(soc);
+ exit(0);
+ }
+
+ fid = OpenAndX(socket:soc, uid:uid, tid:tid, file:file);
+ if(!fid){
+ close(soc);
+ exit(0);
+ }
+
+ slysoftVer = GetVersion(socket:soc, uid:uid, tid:tid, fid:fid, verstr:"prod");
+ if(!slysoftVer){
+ slysoftVer = GetVersion(socket:soc, uid:uid, tid:tid, fid:fid, offset:332560);
+ close(soc);
+ if(!slysoftVer){
+ return NULL;
+ }
+ }
+ close(soc);
+ return slysoftVer;
+}
+
+if(!registry_key_exists(key:"SOFTWARE\SlySoft"))
+{
+ if(!registry_key_exists(key:"SOFTWARE\Elaborate Bytes")){
+ exit(0);
+ }
+}
+
+# Get the Version for AnyDVD
+anydvdPath = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion" +
+ "\App Paths\AnyDVD.exe", item:"Path");
+if(anydvdPath)
+{
+ anydvdVer = slysoftGetVer(path:anydvdPath + "\AnyDVD.exe");
+ if(anydvdVer != NULL){
+ set_kb_item(name:"AnyDVD/Ver", value:anydvdVer);
+ }
+}
+
+# Get the Version for CloneDVD
+clonedvdPath = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion" +
+ "\App Paths\CloneDVD2.exe", item:"Path");
+if(clonedvdPath)
+{
+ dvdVer = slysoftGetVer(path:clonedvdPath + "\CloneDVD2.exe");
+ if(dvdVer != NULL){
+ set_kb_item(name:"CloneDVD/Ver", value:dvdVer);
+ }
+}
+else
+{
+ clonedvdPath = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion" +
+ "\App Paths\CloneDVD.exe", item:"Path");
+ dvdVer = slysoftGetVer(path:clonedvdPath + "\CloneDVD.exe");
+ if(dvdVer != NULL){
+ set_kb_item(name:"CloneDVD/Ver", value:dvdVer);
+ }
+}
+
+# Get the Version for CloneCD
+clonecdPath = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion" +
+ "\App Paths\CloneCD.exe", item:"Path");
+if(clonecdPath)
+{
+ cdVer = slysoftGetVer(path:clonecdPath + "\CloneCD.exe");
+ if(cdVer != NULL){
+ set_kb_item(name:"CloneCD/Ver", value:cdVer);
+ }
+}
+
+# Get the Version for Virtual CloneDrive
+drivePath = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion" +
+ "\App Paths\VCDPrefs.exe", item:"Path");
+if(drivePath)
+{
+ driveVer = slysoftGetVer(path:drivePath + "\VCDPrefs.exe");
+ if(driveVer != NULL){
+ set_kb_item(name:"VirtualCloneDrive/Ver", value:driveVer);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_slysoft_prdts_detect.nasl
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/openvas-plugins/scripts/gb_tikiwiki_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_tikiwiki_xss_vuln.nasl 2009-04-16 14:37:27 UTC (rev 3110)
+++ trunk/openvas-plugins/scripts/gb_tikiwiki_xss_vuln.nasl 2009-04-16 14:39:16 UTC (rev 3111)
@@ -0,0 +1,130 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_tikiwiki_xss_vuln.nasl 1350 2009-04-07 16:18:34Z apr $
+#
+# TikiWiki Multiple Cross Site Scripting Vulnerabilities
+#
+# Authors:
+# Sujit Ghosal <sghosal at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(800266);
+ script_version("$Revision: 1.0 $");
+ script_cve_id("CVE-2009-1204");
+ script_bugtraq_id(34105, 34106, 34107, 34108);
+ script_name(english:"TikiWiki Multiple Cross Site Scripting Vulnerabilities");
+ desc["english"] = "
+
+ Overview:
+ This host is running TikiWiki and is prone to Multiple Cross Site Scripting
+ vulnerabilities.
+
+ Vulnerability Insight:
+ Multiple flaws are due to improper sanitization of user supplied input in
+ the pages i.e. 'tiki-orphan_pages.php', 'tiki-listpages.php',
+ 'tiki-list_file_gallery.php' and 'tiki-galleries.php' which lets the attacker
+ conduct XSS attacks inside the context of the web application.
+
+ Impact:
+ Successful exploitation will allow remote attackers to inject arbitrary HTML
+ codes in the context of the affected web application.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ TikiWiki version 2.2, 2.3 and prior.
+
+ Fix: No solution or patch is available as on 14th April, 2009. Information
+ regarding this issue will be updated once the solution details are available.
+ For more info refer, http://info.tikiwiki.org
+
+ References:
+ http://secunia.com/advisories/34273
+ http://info.tikiwiki.org/tiki-read_article.php?articleId=51
+
+ CVSS Score:
+ CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N)
+ CVSS Temporal Score : 3.9
+ Risk factor: Medium";
+
+ script_description(english:desc["english"]);
+ script_summary(english:"Check for XSS attacks in TikiWiki");
+ script_category(ACT_ATTACK);
+ script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
+ script_family(english:"Web application abuses");
+ script_dependencies("find_service.nes", "http_version.nasl");
+ script_require_ports("Services/www", 80, 8080);
+ exit(0);
+}
+
+
+include("http_func.inc");
+
+httpPort = get_kb_item("Services/www");
+if(!httpPort){
+ exit(0);
+}
+
+if(!safe_checks())
+{
+ foreach dir (make_list("/tiki", "/wiki", "/tikiwiki", cgi_dirs()))
+ {
+ # Multiple XSS attempts
+ sndReq = http_get(item:string(dir, "/tiki-index.php"), port:httpPort);
+ rcvRes = http_send_recv(port:httpPort, data:sndReq);
+ if("Tikiwiki" >< rcvRes)
+ {
+ request = http_get(item:dir + '/tiki-listpages.php/<script>alert("XSS_Check");</script>',
+ port:httpPort);
+ response = http_send_recv(port:httpPort, data:request);
+ if("XSS" >< response && "Check" >< response)
+ {
+ security_warning(httpPort);
+ exit(0);
+ }
+ request = http_get(item:dir + '/tiki-galleries.php/<script>alert("XSS_Check");</script>',
+ port:httpPort);
+ response = http_send_recv(port:httpPort, data:request);
+ if("XSS" >< response && "Check" >< response)
+ {
+ security_warning(httpPort);
+ exit(0);
+ }
+ request = http_get(item:dir + '/tiki-orphan_pages.php/<script>alert("XSS_Check");</script>',
+ port:httpPort);
+ response = http_send_recv(port:httpPort, data:request);
+ if("XSS" >< response && "Check" >< response)
+ {
+ security_warning(httpPort);
+ exit(0);
+ }
+ request = http_get(item:dir + '/tiki-list_file_gallery.php/<script>alert("XSS_Check");</script>',
+ port:httpPort);
+ response = http_send_recv(port:httpPort, data:request);
+ if("XSS" >< response && "Check" >< response)
+ {
+ security_warning(httpPort);
+ exit(0);
+ }
+ exit(0);
+ }
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_tikiwiki_xss_vuln.nasl
___________________________________________________________________
Name: svn:executable
+ *
Modified: trunk/openvas-plugins/scripts/secpod_ms_wordpad_mult_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms_wordpad_mult_vuln.nasl 2009-04-16 14:37:27 UTC (rev 3110)
+++ trunk/openvas-plugins/scripts/secpod_ms_wordpad_mult_vuln.nasl 2009-04-16 14:39:16 UTC (rev 3111)
@@ -75,9 +75,9 @@
script_category(ACT_GATHER_INFO);
script_copyright(english:"Copyright (C) 2009 SecPod");
script_family(english:"Windows : Microsoft Bulletins");
- script_dependencies("secpod_reg_enum.nasl", "secpod_ms_office_detection_900025.nasl",
+ script_dependencies("secpod_ms_office_detection_900025.nasl",
"secpod_office_products_version_900032.nasl");
- script_require_keys("SMB/WindowsVersion", "SMB/Office/Word/Version");
+ script_require_keys("SMB/Office/Word/Version");
exit(0);
}
@@ -91,15 +91,15 @@
exit(0);
}
-dllPath = registry_get_sz(key:"SOFTWARE\Microsoft\Shared Tools Location",
- item:"TEXTCONV");
+dllPath = registry_get_sz(key:"SOFTWARE\Microsoft\Shared Tools",
+ item:"SharedFilesDir");
if(!dllPath){
exit(0);
}
- share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:dllPath);
- file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1",
- string:dllPath + "\MSCONV97.DLL");
+share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:dllPath);
+file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1",
+ string:dllPath + "TextConv\MSCONV97.DLL");
dllVer = GetVer(file:file, share:share);
@@ -109,54 +109,73 @@
{
if(dllVer)
{
- # Check for Hotfix 921606 (Office 2K) or 933399 (Office XP).
- if(hotfix_missing(name:"921606") == 1 || hotfix_missing(name:"933399") == 1)
+ # Check for Hotfix 921606 (Office 2K) or 933399 (Office XP).
+ if(hotfix_missing(name:"921606") == 1 || hotfix_missing(name:"933399") == 1)
+ {
+ if(version_is_less(version:dllVer, test_version:"2003.1100.8202.0"))
{
- if(version_is_less(version:dllVer, test_version:"2003.1100.8202.0"))
- {
- security_hole(0);
- exit(0);
- }
+ security_hole(0);
+ exit(0);
}
+ }
}
}
-# Patch check for WordPad
+# Patch check for WordPad
if(registry_key_exists(key:"SOFTWARE\Microsoft\Windows\CurrentVersion" +
"\App Paths\WORDPAD.EXE"))
{
key = "SOFTWARE\Microsoft\Shared Tools\MSWord8\Clients";
foreach item (registry_enum_values(key:key))
- {
+ {
if("wordpad" >< item)
{
- # Check for Wordpad Hotfix 923561 (MS09-010).
- if(hotfix_missing(name:"923561") == 0){
- exit(0);
- }
+ # Check for Wordpad Hotfix 923561 (MS09-010)
+ if(hotfix_missing(name:"923561") == 1)
+ {
+ share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:item);
+ file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:item);
- share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:item);
- file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:item);
-
- wpVer = GetVer(file:file, share:share);
- if(wpVer != NULL)
- {
- if(hotfix_check_sp(win2k:5) > 0) # Check <= 2K SP4
+ wpVer = GetVer(file:file, share:share);
+ if(wpVer != NULL)
{
- if(version_is_less(version:wpVer, test_version:"5.0.2195.7155")){
- security_hole(0);
+ if(hotfix_check_sp(win2k:5) > 0)
+ {
+ if(version_is_less(version:wpVer, test_version:"5.0.2195.7155")){
+ security_hole(0);
+ }
}
- }
- else if(hotfix_check_sp(xp:3) > 0) # Check < XP SP3
- {
- if(version_is_less(version:wpVer, test_version:"5.1.2600.5584")){
- security_hole(0);
+ else if(hotfix_check_sp(xp:4) > 0)
+ {
+ SP = get_kb_item("SMB/WinXP/ServicePack");
+ if("Service Pack 2" >< SP)
+ {
+ if(version_is_less(version:wpVer, test_version:"5.1.2600.3355")){
+ security_hole(0);
+ }
+ }
+ else if("Service Pack 3" >< SP)
+ {
+ if(version_is_less(version:wpVer, test_version:"5.1.2600.5584")){
+ security_hole(0);
+ }
+ }
}
- }
- else if(hotfix_check_sp(win2003:3) > 0) # Check <= SP2
- {
- if(version_is_less(version:wpVer, test_version:"5.2.3790.4282")){
- security_hole(0);
+ else if(hotfix_check_sp(win2003:3) > 0)
+ {
+ SP = get_kb_item("SMB/Win2003/ServicePack");
+ if("Service Pack 1" >< SP)
+ {
+ if(version_is_less(version:wpVer, test_version:"5.2.3790.3129")){
+ security_hole(0);
+ }
+ }
+ else if("Service Pack 2" >< SP)
+ {
+ if(version_is_less(version:wpVer, test_version:"5.2.3790.4282")){
+ security_hole(0);
+ }
+ }
}
}
}
@@ -175,7 +194,7 @@
exit(0);
}
- # Check for Office Converter Hotfix 960476 (MS09-010).
+ # Check for Office Converter Hotfix 960476 (MS09-010)
if(hotfix_missing(name:"960476") == 0){
exit(0);
}
More information about the Openvas-commits
mailing list