[Openvas-commits] r6132 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Mon Dec 14 10:00:45 CET 2009


Author: chandra
Date: 2009-12-14 10:00:43 +0100 (Mon, 14 Dec 2009)
New Revision: 6132

Removed:
   trunk/openvas-plugins/scripts/gb_testlink_detect.nasl
   trunk/openvas-plugins/scripts/gb_testlink_xss_n_sql_inj_vuln.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
removed duplicate plugins

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-12-14 08:18:47 UTC (rev 6131)
+++ trunk/openvas-plugins/ChangeLog	2009-12-14 09:00:43 UTC (rev 6132)
@@ -1,5 +1,12 @@
 2009-12-14  Chandrashekhar B <bchandra at secpod.com>
 
+	* scripts/gb_testlink_xss_n_sql_inj_vuln.nasl,
+	scripts/gb_testlink_detect.nasl: Removed as the
+	the issue is covered by, testlink_detect.nasl and
+	testlink_37258.nasl.
+
+2009-12-14  Chandrashekhar B <bchandra at secpod.com>
+
 	* scripts/gb_panda_prdts_priv_esc_vuln.nasl,
 	scripts/gb_panda_prdts_detect.nasl,
 	scripts/gb_image_hosting_script_dpi_xss_vuln.nasl,

Deleted: trunk/openvas-plugins/scripts/gb_testlink_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_testlink_detect.nasl	2009-12-14 08:18:47 UTC (rev 6131)
+++ trunk/openvas-plugins/scripts/gb_testlink_detect.nasl	2009-12-14 09:00:43 UTC (rev 6132)
@@ -1,69 +0,0 @@
-###############################################################################
-# OpenVAS Vulnerability Test
-# $Id: gb_testlink_detect.nasl 6184 2009-12-11 17:25:36Z dec $
-#
-# Testlink Version Detection
-#
-# Authors:
-# Antu Sanadi <santu at secpod.com>
-#
-# Copyright:
-# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2
-# (or any later version), as published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-###############################################################################
-
-if(description)
-{
-  script_id(801085);
-  script_version("Revision: 1.0 ");
-  script_name("Testlink Version Detection");
-  desc = "
-  Overview: This script finds the installed Testlink version and saves the
-  result in KB.
-
-  Risk factor: Informational";
-
-  script_description(desc);
-  script_summary("Set the version of Testlink in KB");
-  script_category(ACT_GATHER_INFO);
-  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
-  script_family("Service detection");
-  script_dependencies("find_service.nes");
-  script_require_ports("Services/www", 80);
-  exit(0);
-}
-
-
-include("http_func.inc");
-
-tlPort = get_http_port(default:80);
-if(!tlPort){
-  exit(0);
-}
-
-foreach path (make_list("/", "/testlink", "/Testlink", cgi_dirs()))
-{
-  sndReq = http_get(item:string(path, "/login.php"), port:tlPort);
-  rcvRes = http_send_recv(port:tlPort, data:sndReq);
-  if("TestLink" >< rcvRes && (rcvRes != NULL))
-  {
-    tlVer = eregmatch(pattern:"TestLink ([0-9.]+)" , string:rcvRes);
-    if(tlVer[1] != NULL)
-    {
-      set_kb_item(name:"www/" + tlPort + "/TestLink",
-           value:tlVer[1] + " under " + path);
-    }
-  }
-}

Deleted: trunk/openvas-plugins/scripts/gb_testlink_xss_n_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_testlink_xss_n_sql_inj_vuln.nasl	2009-12-14 08:18:47 UTC (rev 6131)
+++ trunk/openvas-plugins/scripts/gb_testlink_xss_n_sql_inj_vuln.nasl	2009-12-14 09:00:43 UTC (rev 6132)
@@ -1,111 +0,0 @@
-###############################################################################
-# OpenVAS Vulnerability Test
-# $Id: gb_testlink_xss_sql_inje_vuln.nasl 6184 2009-12-11 18:11:27Z dec $
-#
-# TestLink Cross Site Scripting and SQL Injection Vulnerabilities
-#
-# Authors:
-# Antu Sanadi <santu at secpod.com>
-#
-# Copyright:
-# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2
-# (or any later version), as published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-###############################################################################
-
-if(description)
-{
-  script_id(801086);
-  script_version("$Revision: 1.0 $");
-  script_cve_id("CVE-2009-4237","CVE-2009-4238");
-  script_bugtraq_id(37258);
-  script_name("TestLink Cross Site Scripting and SQL Injection Vulnerabilities");
-  desc = "
-  Overview: The host is running TestLink and is prone to Cross Site Scripting
-  and SQL Injection Vulnerabilities.
-
-  Vulnerability Insight:
-  These flaws are due to an improper validation of user supplied input in the req
-  parameter to 'login.php' inside the key parameter for 'ib/general/staticPage.php',
-  inside the 'tableName' parameter for 'lib/attachments/attachmentupload.php', and
-  inside the 'startDate', 'endDate', 'logLevel' parameter for
-  'lib/events/eventviewer.php'.
-
-  Impact:
-  Successful exploitation could allow remote attackers to steal cookie-based
-  authentication credentials, compromise the application, access or modify data,
-  or exploit latest vulnerabilities in the underlying database.
-
-  Impact Level: Network/Application.
-
-  Affected Software/OS:
-  TestLink version prior to 1.8.5 on all running platform.
-
-  Fix: Upgrade to TestLink version 1.8.5 or later,
-  For updates refer, http://sourceforge.net/projects/testlink/files
-
-  References:
-  http://archives.neohapsis.com/archives/fulldisclosure/current/0221.html
-  http://www.teamst.org/index.php?option=com_content&task=view&id=84&Itemid=2
-  http://www.coresecurity.com/content/testlink-multiple-injection-vulnerabilities
-
-  CVSS Score:
-   CVSS Base Score       : 7.5 (AV:N/AC:L/Au:NR/C:P/I:P/A:P)
-   CVSS Temporal Score   : 5.9
-  Risk factor: High";
-
-  script_description(desc);
-  script_summary("Check for the version of TestLink");
-  script_category(ACT_MIXED_ATTACK);
-  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
-  script_dependencies("gb_testlink_detect.nasl");
-  script_family("Web application abuses");
-  script_require_ports("Services/www", 80);
-  exit(0);
-}
-
-
-include("http_func.inc");
-include("version_func.inc");
-
-tlPort = get_http_port(default:80);
-if(!tlPort){
-  exit(0);
-}
-
-tlVer = get_kb_item("www/" + tlPort + "/TestLink");
-if(!tlVer){
-  exit(0);
-}
-
-tlVer = eregmatch(pattern:"^(.+) under (/.*)$", string:tlVer);
-if(!safe_checks() && tlVer[2] != NULL)
-{
-  request = http_get(item:tlVer[2] + "/login.php?req=%22%3E%3Ciframe%20src" +
-                     "=%27OpenVAS-XSS%27%20width=%27100%%27height=%27300%2" +
-                     "7%3E%3C/iframe%3E", port:tlPort);
-  response = http_send_recv(port:tlPort, data:request);
-  if("src='OpenVAS-XSS" >< response)
-  {
-    security_hole(tlPort);
-    exit(0);
-  }
-}
-
-if(tlVer[1] != NULL)
-{
-  if(version_is_less(version:tlVer[1], test_version:"1.8.5")){
-    security_hole(tlPort);
-  }
-}



More information about the Openvas-commits mailing list