[Openvas-commits] r6038 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Wed Dec 2 17:31:13 CET 2009


Author: mime
Date: 2009-12-02 17:30:58 +0100 (Wed, 02 Dec 2009)
New Revision: 6038

Added:
   trunk/openvas-plugins/scripts/ISPworker_26277.nasl
   trunk/openvas-plugins/scripts/simple_machines_forum_37182.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/cve_current.txt
   trunk/openvas-plugins/scripts/gb_adobe_robohelp_server_detect.nasl
   trunk/openvas-plugins/scripts/gb_adobe_robohelp_server_unspecified_vuln.nasl
   trunk/openvas-plugins/scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl
   trunk/openvas-plugins/scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl
   trunk/openvas-plugins/scripts/gb_dotnetnuke_auth_bypass_vuln.nasl
   trunk/openvas-plugins/scripts/gb_dotnetnuke_detect.nasl
   trunk/openvas-plugins/scripts/gb_dotnetnuke_installwizard_info_disc_vuln.nasl
   trunk/openvas-plugins/scripts/gb_dotnetnuke_skin_sec_bypass_vuln.nasl
   trunk/openvas-plugins/scripts/gb_firefox_data_uri_xss_vuln_sep09_lin.nasl
   trunk/openvas-plugins/scripts/gb_firefox_detect_lin.nasl
   trunk/openvas-plugins/scripts/gb_flock_detect_lin.nasl
   trunk/openvas-plugins/scripts/gb_flock_detect_win.nasl
   trunk/openvas-plugins/scripts/gb_google_chrome_js_uri_xss_vuln_sep09.nasl
   trunk/openvas-plugins/scripts/gb_ibm_db2mc_detect.nasl
   trunk/openvas-plugins/scripts/gb_ibm_db2mc_mult_unspecified_vuln.nasl
   trunk/openvas-plugins/scripts/gb_icq_toolbar_actvx_ctrl_dos_vuln.nasl
   trunk/openvas-plugins/scripts/gb_icq_toolbar_detect.nasl
   trunk/openvas-plugins/scripts/gb_ikiwiki_detect.nasl
   trunk/openvas-plugins/scripts/gb_k-meleon_detect.nasl
   trunk/openvas-plugins/scripts/gb_lunascape_detect.nasl
   trunk/openvas-plugins/scripts/gb_maxthon_detect.nasl
   trunk/openvas-plugins/scripts/gb_mozilla_detect_win.nasl
   trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl
   trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl
   trunk/openvas-plugins/scripts/gb_ms_win2k3_dos_vuln_sep09.nasl
   trunk/openvas-plugins/scripts/gb_netrisk_detect.nasl
   trunk/openvas-plugins/scripts/gb_netrisk_sec_bypass_vuln.nasl
   trunk/openvas-plugins/scripts/gb_openoffice_word_bof_vuln_lin.nasl
   trunk/openvas-plugins/scripts/gb_openoffice_word_bof_vuln_win.nasl
   trunk/openvas-plugins/scripts/gb_openpro_detect.nasl
   trunk/openvas-plugins/scripts/gb_openpro_file_inc_vuln.nasl
   trunk/openvas-plugins/scripts/gb_opera_js_uri_xss_vuln_sep09_lin.nasl
   trunk/openvas-plugins/scripts/gb_opera_js_uri_xss_vuln_sep09_win.nasl
   trunk/openvas-plugins/scripts/gb_opera_mult_url_spoof_vuln_sep09_lin.nasl
   trunk/openvas-plugins/scripts/gb_opera_mult_url_spoof_vuln_sep09_win.nasl
   trunk/openvas-plugins/scripts/gb_orca_browser_detect.nasl
   trunk/openvas-plugins/scripts/gb_qtweb_detect.nasl
   trunk/openvas-plugins/scripts/gb_sinecms_detect.nasl
   trunk/openvas-plugins/scripts/gb_sinecms_file_incl_vuln.nasl
   trunk/openvas-plugins/scripts/ms_telnet_overflow.nasl
   trunk/openvas-plugins/scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_firefox_document_location_dos_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_aug09.nasl
   trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl
   trunk/openvas-plugins/scripts/secpod_ms09-046.nasl
   trunk/openvas-plugins/scripts/secpod_ms09-047.nasl
   trunk/openvas-plugins/scripts/secpod_ms09-048.nasl
   trunk/openvas-plugins/scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_php_sec_bypass_vuln_aug09.nasl
   trunk/openvas-plugins/scripts/secpod_projectbutler_file_inc_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_squirrelmail_csrf_vuln.nasl
   trunk/openvas-plugins/scripts/showmount.nasl
   trunk/openvas-plugins/scripts/yahoo_msg_running.nasl
Log:
Added new plugins. Removed unnecessary log messages

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/ChangeLog	2009-12-02 16:30:58 UTC (rev 6038)
@@ -1,3 +1,65 @@
+2009-12-02 Michael Wiegand <michael.wiegand at intevation.de>
+
+	* scripts/simple_machines_forum_37182.nasl,
+	scripts/ISPworker_26277.nasl:
+	Added new plugins.
+
+	* scripts/gb_flock_detect_win.nasl,
+	scripts/secpod_php_sec_bypass_vuln_aug09.nasl,
+	scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl,
+	scripts/gb_k-meleon_detect.nasl,
+	scripts/ms_telnet_overflow.nasl,
+	scripts/gb_google_chrome_js_uri_xss_vuln_sep09.nasl,
+	scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl,
+	scripts/gb_adobe_robohelp_server_detect.nasl,
+	scripts/gb_opera_js_uri_xss_vuln_sep09_lin.nasl,
+	scripts/gb_openpro_file_inc_vuln.nasl,
+	scripts/secpod_google_chrome_mult_vuln_aug09.nasl,
+	scripts/secpod_ms09-046.nasl,
+	scripts/gb_dotnetnuke_skin_sec_bypass_vuln.nasl,
+	scripts/gb_maxthon_detect.nasl,
+	scripts/gb_mozilla_detect_win.nasl,
+	scripts/gb_opera_mult_url_spoof_vuln_sep09_lin.nasl,
+	scripts/gb_adobe_robohelp_server_unspecified_vuln.nasl,
+	scripts/gb_ibm_db2mc_mult_unspecified_vuln.nasl,
+	scripts/gb_sinecms_detect.nasl,
+	scripts/gb_firefox_detect_lin.nasl,
+	scripts/gb_openoffice_word_bof_vuln_lin.nasl,
+	scripts/gb_netrisk_sec_bypass_vuln.nasl,
+	scripts/gb_openpro_detect.nasl,
+	scripts/gb_ikiwiki_detect.nasl,
+	scripts/secpod_squirrelmail_csrf_vuln.nasl,
+	scripts/gb_flock_detect_lin.nasl,
+	scripts/gb_firefox_data_uri_xss_vuln_sep09_lin.nasl,
+	scripts/gb_icq_toolbar_detect.nasl,
+	scripts/gb_dotnetnuke_installwizard_info_disc_vuln.nasl,
+	scripts/secpod_ms09-048.nasl,
+	scripts/gb_orca_browser_detect.nasl,
+	scripts/gb_ibm_db2mc_detect.nasl,
+	scripts/gb_dotnetnuke_detect.nasl,
+	scripts/gb_netrisk_detect.nasl,
+	scripts/secpod_firefox_document_location_dos_vuln.nasl,
+	scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl,
+	scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl,
+	scripts/gb_ms_win2k3_dos_vuln_sep09.nasl,
+	scripts/yahoo_msg_running.nasl,
+	scripts/gb_dotnetnuke_auth_bypass_vuln.nasl,
+	scripts/secpod_kvirc_detect_win.nasl,
+	scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl,
+	scripts/secpod_projectbutler_file_inc_vuln.nasl,
+	scripts/gb_opera_js_uri_xss_vuln_sep09_win.nasl,
+	scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl,
+	scripts/gb_sinecms_file_incl_vuln.nasl,
+	scripts/gb_opera_mult_url_spoof_vuln_sep09_win.nasl,
+	scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl,
+	scripts/secpod_ms09-047.nasl,
+	scripts/gb_lunascape_detect.nasl,
+	scripts/gb_icq_toolbar_actvx_ctrl_dos_vuln.nasl,
+	scripts/showmount.nasl,
+	scripts/gb_openoffice_word_bof_vuln_win.nasl,
+	scripts/gb_qtweb_detect.nasl:
+	Removed	unnecessary log messages.
+
 2009-12-02  Chandrashekhar B <bchandra at secpod.com>
 
 	* scripts/gb_typsoft_ftp_server_dos_vuln.nasl,

Modified: trunk/openvas-plugins/cve_current.txt
===================================================================
--- trunk/openvas-plugins/cve_current.txt	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/cve_current.txt	2009-12-02 16:30:58 UTC (rev 6038)
@@ -326,3 +326,4 @@
 CVE-2009-4110			SecPod		svn		R
 CVE-2009-4105			SecPod		svn		R
 CVE-2009-4108			SecPod		svn		R
+37182				Greenbone	svn		R

Added: trunk/openvas-plugins/scripts/ISPworker_26277.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ISPworker_26277.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/ISPworker_26277.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -0,0 +1,100 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# ISPworker Download.PHP Multiple Directory Traversal Vulnerabilities
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100370);
+ script_bugtraq_id(26277);
+ script_cve_id("CVE-2007-5813");
+ script_version ("1.0-$Revision$");
+
+ script_name("ISPworker Download.PHP Multiple Directory Traversal Vulnerabilities");
+
+desc = "Overview:
+ISPworker is prone to multiple directory-traversal vulnerabilities
+because it fails to sufficiently sanitize user-supplied input.
+
+Exploiting these issues may allow an attacker to obtain sensitive
+information that could aid in further attacks.
+
+These issues affect ISPworker 1.21 and 1.23; other versions may also
+be affected.
+
+References:
+http://www.securityfocus.com/bid/26277
+http://www.ispware.de/ispworker/index.php
+
+Risk factor : Medium";
+
+ script_description(desc);
+ script_summary("Determine if ISPworker is prone to multiple directory-traversal vulnerabilities");
+ script_category(ACT_GATHER_INFO);
+ script_family("Web application abuses");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("find_service.nes", "http_version.nasl");
+ script_require_ports("Services/www", 80);
+ script_exclude_keys("Settings/disable_cgi_scanning");
+ exit(0);
+}
+
+include("http_func.inc");
+include("http_keepalive.inc");
+include("global_settings.inc");
+   
+port = get_http_port(default:80);
+
+if(!get_port_state(port))exit(0);
+
+if(!can_host_php(port:port))exit(0);
+
+dirs = make_list("/ispworker",cgi_dirs());
+
+foreach dir (dirs) {
+   
+  url = string(dir, "/module/biz/index.php"); 
+  req = http_get(item:url, port:port);
+  buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE);  
+  if( buf == NULL )continue;
+
+  if(egrep(pattern: "Login - ISPworker", string: buf, icase: TRUE) &&
+     egrep(pattern: "start_authentication", string: buf, icase: TRUE)) {
+    
+      url = string(dir,"/module/ticket/download.php?ticketid=../../../../../../../../../etc/passwd%00");
+      req = http_get(item:url, port:port);
+      buf = http_keepalive_send_recv(port:port, data:req,bodyonly:FALSE);
+      if( buf == NULL )exit(0);
+
+      if(egrep(pattern: "root:.*:0:[01]:.*", string: buf, icase: TRUE)) {
+
+        security_warning(port:port);
+        exit(0);
+
+      }
+  }
+}
+
+exit(0);
+


Property changes on: trunk/openvas-plugins/scripts/ISPworker_26277.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Modified: trunk/openvas-plugins/scripts/gb_adobe_robohelp_server_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_adobe_robohelp_server_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_adobe_robohelp_server_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -55,7 +55,6 @@
 
 if(!get_port_state(robohelpPort))
 {
-  log_message(data:"gb_adobe_robohelp_server_detect.nasl: Required HTTP port is not open.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_adobe_robohelp_server_unspecified_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_adobe_robohelp_server_unspecified_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_adobe_robohelp_server_unspecified_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -81,7 +81,6 @@
 robohelpPort = get_http_port(default:8080);
 if(!robohelpPort)
 {
-  log_message(data:"gb_adobe_robohelp_server_unspecified_vuln.nasl: Required HTTP port is not open.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -76,7 +76,6 @@
 safariVer = get_kb_item("AppleSafari/Version");
 if(isnull(safariVer))
 {
-  log_message(data:"gb_apple_safari_js_uri_xss_vuln_sep09.nasl:Exit due to NULL value return from KB for Apple Safari");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -76,7 +76,6 @@
 
 abVer = get_kb_item("AvantBrowser/Ver");
 if(!abVer){
-  log_message(data:"gb_avant_browser_addr_bar_spoofing_vuln.nasl:Avant Browser is not installed");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_dotnetnuke_auth_bypass_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_dotnetnuke_auth_bypass_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_dotnetnuke_auth_bypass_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -76,14 +76,11 @@
 
 dnnPort = get_http_port(default:80);
 if(!dnnPort){
-  log_message(data:"gb_dotnetnuke_auth_bypass_vuln.nasl: Required port is not open.");
   exit(0);
 }
 
 dnnVer = get_kb_item("www/" + dnnPort + "/DotNetNuke");
 if(!dnnVer){
-  log_message(data:"gb_dotnetnuke_auth_bypass_vuln.nasl:
-                            DotNetNuke is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_dotnetnuke_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_dotnetnuke_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_dotnetnuke_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -54,7 +54,6 @@
 }
 
 if(!get_port_state(dnnPort)){
-  log_message(data:"gb_dotnetnuke_detect.nasl: Required port is not open.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_dotnetnuke_installwizard_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_dotnetnuke_installwizard_info_disc_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_dotnetnuke_installwizard_info_disc_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -76,15 +76,11 @@
 
 dnnPort = get_http_port(default:80);
 if(!dnnPort){
-  log_message(data:"gb_dotnetnuke_installwizard_info_disc_vuln.nasl:
-                                               Required port is not open.");
   exit(0);
 }
 
 dnnVer = get_kb_item("www/" + dnnPort + "/DotNetNuke");
 if(!dnnVer){
-  log_message(data:"gb_dotnetnuke_installwizard_info_disc_vuln.nasl:
-                                        DotNetNuke is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_dotnetnuke_skin_sec_bypass_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_dotnetnuke_skin_sec_bypass_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_dotnetnuke_skin_sec_bypass_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -76,15 +76,11 @@
 
 dnnPort = get_http_port(default:80);
 if(!dnnPort){
-  log_message(data:"gb_dotnetnuke_skin_sec_bypass_vuln.nasl:
-                                       Required port is not open.");
   exit(0);
 }
 
 dnnVer = get_kb_item("www/" + dnnPort + "/DotNetNuke");
 if(!dnnVer){
-  log_message(data:"gb_dotnetnuke_skin_sec_bypass_vuln.nasl:
-                           DotNetNuke is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_firefox_data_uri_xss_vuln_sep09_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_firefox_data_uri_xss_vuln_sep09_lin.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_firefox_data_uri_xss_vuln_sep09_lin.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -82,7 +82,6 @@
 
 if(!ffVer)
 {
-  log_message(data:"gb_firefox_data_uri_xss_vuln_sep09_lin.nasl: Firefox is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_firefox_detect_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_firefox_detect_lin.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_firefox_detect_lin.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -54,7 +54,6 @@
 fox_sock = ssh_login_or_reuse_connection();
 if(!fox_sock)
 {
-  log_message(data:"gb_firefox_detect_lin.nasl:Unable to login through SSH.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_flock_detect_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_flock_detect_lin.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_flock_detect_lin.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -49,7 +49,6 @@
 
 f_soc = ssh_login_or_reuse_connection();
 if(!f_soc){
-  log_message(data:"gb_flock_detect_win.nasl:SSH login failed");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_flock_detect_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_flock_detect_win.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_flock_detect_win.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -52,12 +52,10 @@
 
 if(!get_kb_item("SMB/WindowsVersion"))
 {
-  log_message(data:"gb_flock_detect_win.nasl:Non-Windows Platform found");
   exit(0);
 }
 
 if(!registry_key_exists(key:"SOFTWARE\Flock\Flock")){
-  log_message(data:"gb_flock_detect_win.nasl:Flock is not installed");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_google_chrome_js_uri_xss_vuln_sep09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_google_chrome_js_uri_xss_vuln_sep09.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_google_chrome_js_uri_xss_vuln_sep09.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -78,7 +78,6 @@
 chromeVer = get_kb_item("GoogleChrome/Win/Ver");
 if(isnull(chromeVer))
 {
-  log_message(data:"gb_google_chrome_js_uri_xss_vuln_sep09.nasl:Google Chrome not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_ibm_db2mc_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ibm_db2mc_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_ibm_db2mc_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -55,7 +55,6 @@
 
 if(!get_port_state(dmcPort))
 {
-  log_message(data:"gb_ibm_db2mc_detect.nasl: Required HTTP port is not open.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_ibm_db2mc_mult_unspecified_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ibm_db2mc_mult_unspecified_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_ibm_db2mc_mult_unspecified_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -81,14 +81,12 @@
 dmcPort = get_http_port(default:80);
 if(!dmcPort)
 {
-  log_message(data:"gb_ibm_db2mc_mult_unspecified_vuln.nasl: Required HTTP Port is not open");
   exit(0);
 }
 
 dmcVer = get_kb_item("www/" + dmcPort + "/IBM/DB2MC");
 if(!dmcVer)
 {
-   log_message(data:"gb_ibm_db2mc_mult_unspecified_vuln.nasl: IBM DB2 MC is not installed.");
    exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_icq_toolbar_actvx_ctrl_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_icq_toolbar_actvx_ctrl_dos_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_icq_toolbar_actvx_ctrl_dos_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -82,7 +82,6 @@
 cqVer = get_kb_item("ICQ/Toolbar/Ver");
 if(!cqVer)
 {
-  log_message(data:"gb_icq_toolbar_actvx_ctrl_dos_vuln: ICQ Toolbar is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_icq_toolbar_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_icq_toolbar_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_icq_toolbar_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -51,7 +51,6 @@
 include("secpod_smb_func.inc");
 
 if(!get_kb_item("SMB/WindowsVersion")){
-  log_message(data:"gb_icq_toolbar_detect.nasl: Not a Windows target.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_ikiwiki_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ikiwiki_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_ikiwiki_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -50,7 +50,6 @@
 sock = ssh_login_or_reuse_connection();
 if(!sock)
 {
-  log_message(data:"gb_ikiwiki_detect.nasl: SSH login failed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_k-meleon_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_k-meleon_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_k-meleon_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -52,7 +52,6 @@
 
 if(!get_kb_item("SMB/WindowsVersion"))
 {
-  log_message(data:"gb_k-meleon_detect.nasl: Not a Windows target.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_lunascape_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_lunascape_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_lunascape_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -52,7 +52,6 @@
 
 if(!get_kb_item("SMB/WindowsVersion"))
 {
-  log_message(data:"gb_lunascape_detect.nasl:Not a Windows target.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_maxthon_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_maxthon_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_maxthon_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -52,7 +52,6 @@
 
 if(!get_kb_item("SMB/WindowsVersion"))
 {
-  log_message(data:"gb_maxthon_detect.nasl: Not a Windows target.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_mozilla_detect_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mozilla_detect_win.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_mozilla_detect_win.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -106,7 +106,6 @@
 
 
 if(!get_kb_item("SMB/WindowsVersion")){
-  log_message(data:"gb_mozilla_detect_win.nasl: Not a Windows target.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -84,7 +84,6 @@
      version_is_equal(version:ffVer, test_version:"3.5.2"))
   {
     security_warning(0);
-    log_message(data:"Exit due to Firefox Vulnerable version is Found");
     exit(0);
   }
 }

Modified: trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -84,7 +84,6 @@
      version_is_equal(version:ffVer, test_version:"3.5.2"))
   {
     security_warning(0);
-    log_message(data:"Exit due to Firefox Vulnerable version is Found");
     exit(0);
   }
 }

Modified: trunk/openvas-plugins/scripts/gb_ms_win2k3_dos_vuln_sep09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ms_win2k3_dos_vuln_sep09.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_ms_win2k3_dos_vuln_sep09.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -80,8 +80,6 @@
 include("secpod_smb_func.inc");
 
 if(hotfix_check_sp(win2003:3) <= 0){
-  log_message(data:"gb_ms_win2k3_dos_vuln_sep09.nasl:
-                    Installed OS is not vulnerable");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_netrisk_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_netrisk_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_netrisk_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -55,7 +55,6 @@
 
 if(!get_port_state(netriskPort))
 {
-  log_message(data:"gb_netrisk_detect.nasl: Required HTTP port is not open");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_netrisk_sec_bypass_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_netrisk_sec_bypass_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_netrisk_sec_bypass_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -80,7 +80,6 @@
 
 if(!netriskPort)
 {
-  log_message(data:"gb_netrisk_sec_bypass_vuln.nasl: Required HTTP port is not open.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_openoffice_word_bof_vuln_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_openoffice_word_bof_vuln_lin.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_openoffice_word_bof_vuln_lin.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -79,7 +79,6 @@
 openVer = get_kb_item("OpenOffice/Linux/Ver");
 if(!openVer)
 {
-  log_message(data:"gb_openoffice_word_bof_vuln_lin.nasl: OpenOffice is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_openoffice_word_bof_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_openoffice_word_bof_vuln_win.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_openoffice_word_bof_vuln_win.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -79,7 +79,6 @@
 openVer = get_kb_item("OpenOffice/Win/Ver");
 if(!openVer)
 {
-  log_message(data:"gb_openoffice_word_bof_vuln_win.nasl: OpenOffice is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_openpro_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_openpro_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_openpro_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -53,7 +53,6 @@
   openPort = 80;
 }
 if(!get_port_state(openPort)){
-  log_message(data:"gb_openpro_detect.nasl: Required HTTP port is not open");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_openpro_file_inc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_openpro_file_inc_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_openpro_file_inc_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -77,7 +77,6 @@
 
 openPort = get_http_port(default:80);
 if(!openPort){
-  log_message(data:"gb_openpro_file_inc_vuln.nasl: Required HTTP port is not open");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_opera_js_uri_xss_vuln_sep09_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_opera_js_uri_xss_vuln_sep09_lin.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_opera_js_uri_xss_vuln_sep09_lin.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -76,7 +76,6 @@
 operaVer = get_kb_item("Opera/Build/Linux/Ver");
 if(isnull(operaVer))
 {
-  log_message(data:"gb_opera_js_uri_xss_vuln_sep09_lin.nasl: Opera is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_opera_js_uri_xss_vuln_sep09_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_opera_js_uri_xss_vuln_sep09_win.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_opera_js_uri_xss_vuln_sep09_win.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -76,7 +76,6 @@
 operaVer = get_kb_item("Opera/Build/Win/Ver");
 if(isnull(operaVer))
 {
-  log_message(data:"gb_opera_js_uri_xss_vuln_sep09_win.nasl: Opera is not installed");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_opera_mult_url_spoof_vuln_sep09_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_opera_mult_url_spoof_vuln_sep09_lin.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_opera_mult_url_spoof_vuln_sep09_lin.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -89,7 +89,6 @@
 
 if(isnull(operaVer))
 {
-  log_message(data:"gb_opera_mult_url_spoof_vuln_sep09_lin.nasl: Opera is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_opera_mult_url_spoof_vuln_sep09_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_opera_mult_url_spoof_vuln_sep09_win.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_opera_mult_url_spoof_vuln_sep09_win.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -88,7 +88,6 @@
 operaVer = get_kb_item("Opera/Win/Version");
 if(isnull(operaVer))
 {
-  log_message(data:"gb_opera_mult_url_spoof_vuln_sep09_win.nasl: Opera is not installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_orca_browser_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_orca_browser_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_orca_browser_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -108,7 +108,6 @@
 
 if(!get_kb_item("SMB/WindowsVersion"))
 {
-  log_message(data:"gb_orca_browser_detect.nasl: Not a Windows target.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_qtweb_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_qtweb_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_qtweb_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -52,7 +52,6 @@
 
 if(!get_kb_item("SMB/WindowsVersion"))
 {
-  log_message(data:"gb_qtweb_detect.nasl: Not a Windows target.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_sinecms_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_sinecms_detect.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_sinecms_detect.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -55,7 +55,6 @@
 
 if(!get_port_state(sinePort))
 {
-  log_message(data:"gb_sinecms_detect.nasl: Required HTTP port is not open.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/gb_sinecms_file_incl_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_sinecms_file_incl_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/gb_sinecms_file_incl_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -81,7 +81,6 @@
 sinePort = get_http_port(default:80);
 if(!sinePort)
 {
-  log_message(data:"gb_sinecms_file_incl_vuln.nasl: Required HTTP port is not open.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/ms_telnet_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ms_telnet_overflow.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/ms_telnet_overflow.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -70,7 +70,6 @@
     close(sock);
     return(1);
   }else{
-    log_message(data:'Can\'t connect to port ' + port);
     return(0);
   }
 }

Modified: trunk/openvas-plugins/scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -124,8 +124,6 @@
   astk_sock = ssh_login_or_reuse_connection();
   if(!astk_sock)
   {
-    log_message(data:"secpod_asterisk_sip_channel_driver_dos_vuln.nasl:
-                                             Unable to login over ssh");
     exit(0);
   }
 

Modified: trunk/openvas-plugins/scripts/secpod_firefox_document_location_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_firefox_document_location_dos_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_firefox_document_location_dos_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -81,8 +81,6 @@
 include("version_func.inc");
 
 if(hotfix_check_sp(xp:4) <= 0){
-  log_message(data:"secpod_firefox_document_location_dos_vuln.nasl:
-                                  Installed OS is not Windows XP SP3 and below");
   exit(0);
 }
 
@@ -91,8 +89,6 @@
 
 if(isnull(ffVer))
 {
-  log_message(data:"secpod_firefox_document_location_dos_vuln.nasl:
-                                 Firefox is not installed");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -78,8 +78,6 @@
 chromeVer = get_kb_item("GoogleChrome/Win/Ver");
 
 if(isnull(chromeVer)){
-  log_message(data:"secpod_google_chrome_chromehtml_dos_vuln.nasl:
-                                Google Chrome is not installed");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_aug09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_aug09.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_aug09.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -82,8 +82,6 @@
 chromeVer = get_kb_item("GoogleChrome/Win/Ver");
 
 if(isnull(chromeVer)){
-  log_message(data:"secpod_google_chrome_mult_vuln_aug09.nasl:
-                            Google Chrome is not installed");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -52,7 +52,6 @@
 
 # Check for Windows OS
 if(!get_kb_item("SMB/WindowsVersion")){
-  log_message(data:"secpod_kvirc_detect_win.nasl:Target Machine is not a Windows OS");
   exit(0);
 }
 
@@ -102,7 +101,6 @@
           }
           else
           {
-            log_message(data:"Version is not Found in Readme.txt File");
             exit(0);
           }
         }

Modified: trunk/openvas-plugins/scripts/secpod_ms09-046.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms09-046.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_ms09-046.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -81,14 +81,12 @@
 include("secpod_smb_func.inc");
 
 if(hotfix_check_sp(xp:4, win2k:5, win2003:3) <= 0){
-  log_message(data:"Exit because installed OS is not vulnerable");
   exit(0);
 }
 
 # MS09-046 Hotfix check
 if(hotfix_missing(name:"956844") == 0)
 {
-  log_message(data:"secpod_ms09-046.nasl: Hotfix is installed.");
   exit(0);
 }
 
@@ -97,7 +95,6 @@
 
 if(!dllPath)
 {
-  log_message(data:"secpod_ms09-046.nasl: Required dll is not found.");
   exit(0);
 }
 
@@ -108,7 +105,6 @@
 dllVer = GetVer(file:file, share:share);
 if(!dllVer)
 {
-  log_message(data:"secpod_ms09-046.nasl: Required dll is not found.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/secpod_ms09-047.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms09-047.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_ms09-047.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -86,7 +86,6 @@
 # MS09-047 Hotfix check
 if((hotfix_missing(name:"968816") == 0)||(hotfix_missing(name:"972554") == 0))
 {
-  log_message(data:"secpod_ms09-047.nasl: Required hotfix is installed.");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/secpod_ms09-048.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms09-048.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_ms09-048.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -91,7 +91,6 @@
   # MS09-048 Hotfix check
   if(hotfix_missing(name:"967723") == 0)
   {
-    log_message(data:"secpod_ms09-048.nasl: Hotfix is installed.");
     exit(0);
   }
 
@@ -99,7 +98,6 @@
                             item:"Install Path");
   if(!sysPath)
   {
-    log_message(data:"secpod_ms09-048.nasl: Required file is not present.");
     exit(0);
   }
 
@@ -110,7 +108,6 @@
   sysVer = GetVer(file:file, share:share);
   if(!sysVer)
   {
-    log_message(data:"secpod_ms09-048.nasl: Unable to get the version for the file Tcpip.sys.");
     exit(0);
   }
 

Modified: trunk/openvas-plugins/scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -78,7 +78,6 @@
 ieVer = get_kb_item("MS/IE/EXE/Ver");
 if(!ieVer)
 {
-  log_message(data:"secpod_ms_ie_addr_bar_spoofing_vuln:Internet Explorer is not installed");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/secpod_php_sec_bypass_vuln_aug09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_php_sec_bypass_vuln_aug09.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_php_sec_bypass_vuln_aug09.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -80,7 +80,6 @@
 phpPort = get_http_port(default:80);
 if(!phpPort)
 {
-  log_message(data:"secpod_php_sec_bypass_vuln_aug09.nasl: HTTP port is not open");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/secpod_projectbutler_file_inc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_projectbutler_file_inc_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_projectbutler_file_inc_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -81,15 +81,11 @@
 }
 
 if(!get_port_state(pbPort)){
-  log_message(data:"secpod_projectbutler_file_inc_vuln.nasl:
-                    Require port is not open");
   exit(0);
 }
 
 if(safe_checks())
 {
-  log_message(data:"secpod_projectbutler_file_inc_vuln.nasl:
-                    Safe check is enabled, not proceeding");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/secpod_squirrelmail_csrf_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_squirrelmail_csrf_vuln.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/secpod_squirrelmail_csrf_vuln.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -86,7 +86,6 @@
 
 if(isnull(squirrelPort))
 {
-  log_message(data:"secpod_squirrelmail_csrf_vuln.nasl: Required HTTP port is not open");
   exit(0);
 }
 
@@ -94,7 +93,6 @@
 
 if(isnull(squirrelVer))
 {
-  log_message(data:"secpod_squirrelmail_csrf_vuln.nasl: SquirrelMail not installed");
   exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/showmount.nasl
===================================================================
--- trunk/openvas-plugins/scripts/showmount.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/showmount.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -105,7 +105,6 @@
   if(protocol == IPPROTO_UDP){
     udp_sock = open_sock_udp(port);
     if(isnull(udp_sock)) {
-                  log_message(data: "rpc_mountd_export: Error opening socket on udp port " + port);
       return NULL;
     }
     send(socket: udp_sock, data: rpc_mountd_export_call);
@@ -114,43 +113,36 @@
   }else if(protocol == IPPROTO_TCP){
     tcp_sock = open_sock_tcp(port);
     if(isnull(tcp_sock)){
-                        log_message(data: "rpc_mountd_export: Error opening socket on tcp port " + port);
       return NULL;
     }
                 send(socket: tcp_sock, data: rpc_mountd_export_call);
                 rpc_mountd_export_reply = recv(socket: tcp_sock, length: MSS);
     close(tcp_sock);
   }else {
-    log_message(data: "rpc_mountd_export: Invalid protocol");
     return NULL;
   }
 
   if(isnull(rpc_mountd_export_reply)){
-                log_message(data: "rpc_mountd_export: No reply message");
     return NULL;
   }
 
   #RPC reply
   reply_xid = substr(rpc_mountd_export_reply,0,3);
   if(reply_xid != XID){
-    log_message(data: "rpc_mountd_export: xid don't match");
     return NULL;
   }
   reply_msg_type = substr(rpc_mountd_export_reply,4,7);
   if(reply_msg_type != raw_string(0x00, 0x00, 0x00, 0x01)){
-    log_message(data: "rpc_mountd_export: Not a reply message");
     return NULL;
   }
   reply_reply_state = substr(rpc_mountd_export_reply,8,11);
   if(reply_reply_state != raw_string(0x00, 0x00, 0x00, 0x00)){
-    log_message(data: "rpc_mountd_export: Call was denied by the server");
     return NULL;
   }
   reply_verifier_flavor = substr(rpc_mountd_export_reply,12,15);
         reply_verifier_length = substr(rpc_mountd_export_reply,16,19);
         reply_accept_state = substr(rpc_mountd_export_reply,20,23);
   if(reply_accept_state != raw_string(0x00, 0x00, 0x00, 0x00)){
-    log_message(data: "rpc_mountd_export: Remote procedure returned an error");
     return NULL;
   }
   #MOUNTD exportlist
@@ -168,7 +160,6 @@
 
 export_list = rpc_mountd_export(port: RPC_MOUNTD_port, protocol: IPPROTO_UDP); #using UDP because get_rpc_port is written only for udp ports
 if(isnull(export_list)){
-  log_message(data: "rpc_mountd_export: FAIL!");
   exit(-1);
 }else{
   VALUE_FOLLOWS = raw_string(0x00, 0x00, 0x00, 0x01);

Added: trunk/openvas-plugins/scripts/simple_machines_forum_37182.nasl
===================================================================
--- trunk/openvas-plugins/scripts/simple_machines_forum_37182.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/simple_machines_forum_37182.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -0,0 +1,101 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# Simple Machines Forum Multiple Security Vulnerabilities
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100371);
+ script_bugtraq_id(37182);
+ script_version ("1.0-$Revision$");
+
+ script_name("Simple Machines Forum Multiple Security Vulnerabilities");
+
+desc = "Overview:
+Simple Machines Forum is prone to multiple security vulnerabilities:
+
+- A remote PHP code-execution vulnerability
+- Multiple cross-site scripting vulnerabilities
+- Multiple cross-site request-forgery vulnerabilities
+- An information-disclosure vulnerability
+- Multiple denial-of-service vulnerabilities
+
+ Attackers can exploit these issues to execute arbitrary script code
+ within the context of the webserver, perform unauthorized actions on
+ behalf of legitimate users, compromise the affected application,
+ steal cookie-based authentication credentials, obtain information
+ that could aid in further attacks or cause denial-of-service
+ conditions.
+
+Please note some of these issues may already be described in other
+BIDs. This BID will be updated if further analysis confirms this.
+
+These issues affect Simple Machines Forum 2.0 RC2. Some of these
+issues also affect version 1.1.10.
+
+Solution:
+Reportedly, the vendor fixed some of the issues in the release 1.1.11.
+
+References:
+http://www.securityfocus.com/bid/37182
+http://www.simplemachines.org/
+http://code.google.com/p/smf2-review/issues/list
+
+Risk factor : High";
+
+ script_description(desc);
+ script_summary("Determine if Simple Machines Forum is prone to	multiple security vulnerabilities");
+ script_category(ACT_GATHER_INFO);
+ script_family("Web application abuses");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("gb_simple_machines_forum_detect.nasl");
+ script_require_ports("Services/www", 80);
+ script_exclude_keys("Settings/disable_cgi_scanning");
+ exit(0);
+}
+
+include("http_func.inc");
+include("http_keepalive.inc");
+include("version_func.inc");
+
+port = get_http_port(default:80);
+if(!get_port_state(port))exit(0);
+
+if (!can_host_php(port:port)) exit(0);
+
+if(!version = get_kb_item(string("www/", port, "/SMF")))exit(0);
+if(!matches = eregmatch(string:version, pattern:"^(.+) under (/.*)$"))exit(0);
+
+vers = matches[1];
+
+if(!isnull(vers) && vers >!< "unknown") {
+
+ if(version_is_equal(version: vers, test_version: "1.1.10") ||
+    version_is_equal(version: vers, test_version: "2.0.RC2")) {
+        security_warning(port:port);
+        exit(0);
+  }
+}
+
+exit(0);


Property changes on: trunk/openvas-plugins/scripts/simple_machines_forum_37182.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Modified: trunk/openvas-plugins/scripts/yahoo_msg_running.nasl
===================================================================
--- trunk/openvas-plugins/scripts/yahoo_msg_running.nasl	2009-12-02 13:56:52 UTC (rev 6037)
+++ trunk/openvas-plugins/scripts/yahoo_msg_running.nasl	2009-12-02 16:30:58 UTC (rev 6038)
@@ -173,7 +173,6 @@
 
     }
 }else{
-        log_message(data:"Can't open socket.");
         exit(-1);
 }
 



More information about the Openvas-commits mailing list