[Openvas-commits] r6137 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Tue Dec 15 19:11:59 CET 2009


Author: mime
Date: 2009-12-15 19:11:56 +0100 (Tue, 15 Dec 2009)
New Revision: 6137

Added:
   trunk/openvas-plugins/scripts/digital_scribe_37292.nasl
   trunk/openvas-plugins/scripts/monkey_http_37307.nasl
   trunk/openvas-plugins/scripts/ntp_37255.nasl
   trunk/openvas-plugins/scripts/phpldapadmin_37327.nasl
   trunk/openvas-plugins/scripts/phpldapadmin_detect.nasl
   trunk/openvas-plugins/scripts/savant_12429.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/cve_current.txt
   trunk/openvas-plugins/scripts/TikiWiki_xss.nasl
Log:
Added new plugins

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-12-15 07:56:25 UTC (rev 6136)
+++ trunk/openvas-plugins/ChangeLog	2009-12-15 18:11:56 UTC (rev 6137)
@@ -1,3 +1,17 @@
+2009-12-15 Michael Meyer <michael.meyer at intevation.de>
+
+	* scripts/phpldapadmin_37327.nasl,
+	scripts/ntp_37255.nasl,
+	scripts/digital_scribe_37292.nasl,
+	scripts/savant_12429.nasl,
+	scripts/monkey_http_37307.nasl,
+	scripts/phpldapadmin_detect.nasl:
+	Added new plugins.
+
+	* scripts/TikiWiki_xss.nasl:
+	Ignore XSS in 404 pages. "cross_site_scripting.nasl" will
+	report about it.
+	
 2009-12-14  Thomas Reinke <reinke at securityspace.com>
 
 	* scripts/deb_1947_1.nasl,

Modified: trunk/openvas-plugins/cve_current.txt
===================================================================
--- trunk/openvas-plugins/cve_current.txt	2009-12-15 07:56:25 UTC (rev 6136)
+++ trunk/openvas-plugins/cve_current.txt	2009-12-15 18:11:56 UTC (rev 6137)
@@ -377,3 +377,7 @@
 CVE-2009-4238			SecPod		svn		R
 CVE-2009-4250			SecPod		svn		R
 CVE-2009-4249			SecPod		svn		R
+37327				Greenbone	svn		R
+CVE-2009-3563			Greenbone	svn		R
+37292				Greenbone	svn		R	
+37307				Greenbone	svn		R

Modified: trunk/openvas-plugins/scripts/TikiWiki_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/TikiWiki_xss.nasl	2009-12-15 07:56:25 UTC (rev 6136)
+++ trunk/openvas-plugins/scripts/TikiWiki_xss.nasl	2009-12-15 18:11:56 UTC (rev 6137)
@@ -72,9 +72,8 @@
  buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE);
  if( buf == NULL )continue;
 
- if (
-     egrep(pattern:"<script>alert\(document\.cookie\);</script>", string: buf) 
-    )
+ if (egrep(pattern:"<script>alert\(document\.cookie\);</script>", string: buf) &&
+     buf =~ "^HTTP/1\.[01] +200")
      
  	{    
        	  security_warning(port:port);

Added: trunk/openvas-plugins/scripts/digital_scribe_37292.nasl
===================================================================
--- trunk/openvas-plugins/scripts/digital_scribe_37292.nasl	2009-12-15 07:56:25 UTC (rev 6136)
+++ trunk/openvas-plugins/scripts/digital_scribe_37292.nasl	2009-12-15 18:11:56 UTC (rev 6137)
@@ -0,0 +1,92 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# Digital Scribe Multiple SQL Injection Vulnerabilities
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100398);
+ script_bugtraq_id(37292);
+ script_version ("1.0-$Revision$");
+
+ script_name("Digital Scribe Multiple SQL Injection Vulnerabilities");
+
+desc = "Overview:
+Digital Scribe is prone to multiple SQL-injection vulnerabilities
+because it fails to sufficiently sanitize user-supplied data before
+using it in an SQL query.
+
+Exploiting these issues could allow an attacker to compromise the
+application, access or modify data, or exploit latent vulnerabilities
+in the underlying database.
+
+Digital Scribe 1.4.1 is vulnerable; other versions may also be
+affected.
+
+References:
+http://www.securityfocus.com/bid/37292
+http://www.digital-scribe.org/
+http://www.securityfocus.com/archive/1/508410
+
+Risk factor : Medium";
+
+ script_description(desc);
+ script_summary("Determine if Digital Scribe is prone to multiple SQL-injection vulnerabilities");
+ script_category(ACT_ATTACK);
+ script_family("Web application abuses");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("find_service.nes", "http_version.nasl");
+ script_require_ports("Services/www", 80);
+ script_exclude_keys("Settings/disable_cgi_scanning");
+ exit(0);
+}
+
+include("http_func.inc");
+include("http_keepalive.inc");
+include("global_settings.inc");
+   
+port = get_http_port(default:80);
+if(!get_port_state(port))exit(0);
+if(!can_host_php(port:port))exit(0);
+
+dirs = make_list("/DigitalScribe","/digitalscribe",cgi_dirs());
+
+foreach dir (dirs) {
+   
+  url = string(dir, "/stuworkdisplay.php?ID=-1)%20UNION%20ALL%20SELECT%200x4f70656e5641532d53514c2d496e6a656374696f6e2d54657374,2,3,4,5,6,7,8,9,10,11%23"); 
+  req = http_get(item:url, port:port);
+  buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE);  
+  if( buf == NULL )continue;
+
+  if(egrep(pattern: "Student Work", string: buf, icase: TRUE) || 
+     egrep(pattern: "OpenVAS-SQL-Injection-Test", string: buf)) {
+     
+      security_warning(port:port);
+      exit(0);
+
+  }
+}
+
+exit(0);
+


Property changes on: trunk/openvas-plugins/scripts/digital_scribe_37292.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Added: trunk/openvas-plugins/scripts/monkey_http_37307.nasl
===================================================================
--- trunk/openvas-plugins/scripts/monkey_http_37307.nasl	2009-12-15 07:56:25 UTC (rev 6136)
+++ trunk/openvas-plugins/scripts/monkey_http_37307.nasl	2009-12-15 18:11:56 UTC (rev 6137)
@@ -0,0 +1,85 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# Monkey HTTP Daemon Invalid HTTP 'Connection' Header Denial Of Service Vulnerability
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100397);
+ script_bugtraq_id(37307);
+ script_version ("1.0-$Revision$");
+
+ script_name("Monkey HTTP Daemon Invalid HTTP 'Connection' Header Denial Of Service Vulnerability");
+
+desc = "Overview:
+Monkey HTTP Daemon is prone to a denial-of-service vulnerability.
+
+Remote attackers can exploit this issue to cause the application to
+crash, denying service to legitimate users.
+
+Versions prior to Monkey HTTP Daemon 0.9.3 are vulnerable.
+
+Solution:
+Updates are available; please see the references for more information.
+
+References:
+http://www.securityfocus.com/bid/37307
+http://groups.google.com/group/monkeyd/browse_thread/thread/055b4e9b83973861/c0e013d166ae1eb3?show_docid=c0e013d166ae1eb3
+http://monkeyd.sourceforge.net/
+http://census-labs.com/news/2009/12/14/monkey-httpd/
+http://www.securityfocus.com/archive/1/508442
+
+Risk factor : Medium";
+
+ script_description(desc);
+ script_summary("Determine if Monkey HTTP Daemon is prone to a denial-of-service vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_family("Web Servers");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("find_service.nes");
+ script_require_ports("Services/www", 2001);
+ exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+port = get_http_port(default:2001);
+if(!get_port_state(port))exit(0);
+
+banner = get_http_banner(port: port);
+if(!banner)exit(0);
+
+if("Server: Monkey/" >!< banner)exit(0);
+version = eregmatch(pattern: "Server: Monkey/([0-9.]+)", string: banner);
+if(isnull(version[1]))exit(0);
+
+   if(version_is_less(version: version[1], test_version: "0.9.3")) {
+        security_note(port:port);
+        exit(0); 
+   }
+
+exit(0);
+


Property changes on: trunk/openvas-plugins/scripts/monkey_http_37307.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Added: trunk/openvas-plugins/scripts/ntp_37255.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ntp_37255.nasl	2009-12-15 07:56:25 UTC (rev 6136)
+++ trunk/openvas-plugins/scripts/ntp_37255.nasl	2009-12-15 18:11:56 UTC (rev 6137)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100399);
+ script_bugtraq_id(37255);
+ script_cve_id("CVE-2009-3563");
+ script_version ("1.0-$Revision$");
+
+ script_name("NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability");
+
+desc = "Overview:
+NTP is prone to a remote denial-of-service vulnerability because it
+fails to properly handle certain incoming network packets.
+
+An attacker can exploit this issue to cause the application to consume
+excessive CPU resources and fill disk space with log messages.
+
+Solution:
+Updates are available. Please see the references for details.
+
+References:
+http://www.securityfocus.com/bid/37255
+https://support.ntp.org/bugs/show_bug.cgi?id=1331
+http://www.ntp.org/
+http://www.kb.cert.org/vuls/id/568372
+
+Risk factor : Medium";
+
+ script_description(desc);
+ script_summary("Determine if NTP is prone to a remote denial-of-service vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_family("Denial of Service");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("ntp_open.nasl");
+ script_require_keys("NTP/Running");
+ exit(0);
+}
+
+port = "123";
+if(!(get_udp_port_state(port)))exit(0);
+
+data = raw_string(0x97, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00);
+soc = open_sock_udp(port);
+if(!soc)exit(0);
+
+send(socket:soc, data:data);
+r = recv(socket:soc, length:8);
+close(soc);
+
+if(!r)exit(0);
+
+if(hexstr(r) == "9700000030000000") {
+
+  security_warning(port:port, proto: udp);
+  exit(0);
+
+}
+
+exit(0);


Property changes on: trunk/openvas-plugins/scripts/ntp_37255.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Added: trunk/openvas-plugins/scripts/phpldapadmin_37327.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpldapadmin_37327.nasl	2009-12-15 07:56:25 UTC (rev 6136)
+++ trunk/openvas-plugins/scripts/phpldapadmin_37327.nasl	2009-12-15 18:11:56 UTC (rev 6137)
@@ -0,0 +1,102 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# phpldapadmin 'cmd.php' Local File Include Vulnerability
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100396);
+ script_bugtraq_id(37327);
+ script_version ("1.0-$Revision$");
+
+ script_name("phpldapadmin 'cmd.php' Local File Include Vulnerability");
+
+desc = "Overview:
+phpldapadmin is prone to a local file-include vulnerability because it
+fails to sufficiently sanitize user-supplied data.
+
+Exploiting this issue may allow an attacker to compromise the
+application and the underlying system; other attacks are also
+possible.
+
+phpldapadmin 1.1.0.5 is vulnerable; other verisons may also be
+affected.
+
+References:
+http://www.securityfocus.com/bid/37327
+http://phpldapadmin.sourceforge.net/
+
+Risk factor : Medium";
+
+ script_description(desc);
+ script_summary("Determine if phpldapadmin is prone to a local file-include vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_family("Web application abuses");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("phpldapadmin_detect.nasl");
+ script_require_ports("Services/www", 80);
+ script_exclude_keys("Settings/disable_cgi_scanning");
+ exit(0);
+}
+
+include("http_func.inc");
+include("http_keepalive.inc");
+include("global_settings.inc");
+   
+port = get_http_port(default:80);
+if(!get_port_state(port))exit(0);
+if(!can_host_php(port:port))exit(0);
+
+if(!version = get_kb_item(string("www/", port, "/phpldapadmin")))exit(0);
+if(!matches = eregmatch(string:version, pattern:"^(.+) under (/.*)$"))exit(0);
+
+dir = matches[2];
+if(isnull(dir))exit(0);
+
+  url = string(dir, "/htdocs/index.php"); 
+  req = http_get(item:url, port:port);
+  buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE);  
+  if( buf == NULL )exit(0);
+
+  c = eregmatch(pattern: "PLASESSID=([^;]+);", string: buf);
+  if(isnull(c))exit(0);
+
+  host = get_host_name();
+  files = make_list("boot.ini","etc/passwd");
+
+  foreach file (files) {
+    req = string("GET ", dir,"/htdocs/cmd.php?cmd=../../../../../../../../../",file,"%00 HTTP/1.1\r\nHost: ",
+                  host, ":", port,"\r\nCookie: PLASESSID=", c[1],"\r\n\r\n");
+    buf = http_keepalive_send_recv(port:port, data:req);
+    if( buf == NULL )continue;
+
+    if(egrep(pattern: "(root:.*:0:[01]:|\[boot loader\])", string: buf, icase: TRUE)) {
+     
+      security_warning(port:port);
+      exit(0);
+
+    }
+  }
+exit(0);
+


Property changes on: trunk/openvas-plugins/scripts/phpldapadmin_37327.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Added: trunk/openvas-plugins/scripts/phpldapadmin_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpldapadmin_detect.nasl	2009-12-15 07:56:25 UTC (rev 6136)
+++ trunk/openvas-plugins/scripts/phpldapadmin_detect.nasl	2009-12-15 18:11:56 UTC (rev 6137)
@@ -0,0 +1,111 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# phpLDAPadmin Detection
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+# need desc here to modify it later in script.
+desc = "Overview:
+This host is running phpLDAPadmin, a web-based LDAP administration
+tool for managing LDAP server.
+
+See also:
+http://phpldapadmin.sourceforge.net/
+
+Risk factor : None";
+
+if (description)
+{
+ script_id(100395);
+ script_version ("1.0-$Revision$");
+
+ script_name("phpLDAPadmin Detection");
+ script_description(desc);
+ script_summary("Checks for the presence of phpLDAPadmin");
+ script_category(ACT_GATHER_INFO);
+ script_family("Service detection");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("find_service.nes", "http_version.nasl");
+ script_require_ports("Services/www", 80);
+ script_exclude_keys("Settings/disable_cgi_scanning");
+ exit(0);
+}
+
+
+include("http_func.inc");
+include("http_keepalive.inc");
+include("global_settings.inc");
+
+port = get_http_port(default:80);
+
+if(!get_port_state(port))exit(0);
+if(!can_host_php(port:port))exit(0);
+
+dirs = make_list("/phpldapadmin","/ldapadmin","/ldap",cgi_dirs());
+
+foreach dir (dirs) {
+
+ url = string(dir, "/htdocs/index.php");
+ req = http_get(item:url, port:port);
+ buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE);
+ if( buf == NULL )continue;
+
+ if(egrep(pattern: "<title>phpLDAPadmin", string: buf, icase: TRUE) && 
+    egrep(pattern: "PLASESSID", string: buf)) {
+
+     if(strlen(dir)>0) {
+        install=dir;
+     } else {
+        install=string("/");
+     }
+
+    vers = string("unknown");
+    ### try to get version 
+    version = eregmatch(string: buf, pattern: "phpLDAPadmin \(([0-9.]+)\)",icase:TRUE);
+
+    if ( !isnull(version[1]) ) {
+       vers=chomp(version[1]);
+    }
+
+    set_kb_item(name: string("www/", port, "/phpldapadmin"), value: string(vers," under ",install));
+
+    info = string("None\n\nphpLDAPadmin Version '");
+    info += string(vers);
+    info += string("' was detected on the remote host in the following directory(s):\n\n");
+    info += string(install, "\n");
+
+    desc = ereg_replace(
+        string:desc,
+        pattern:"None$",
+        replace:info
+    );
+
+       if(report_verbosity > 0) {
+         security_note(port:port,data:desc);
+       }
+       exit(0);
+
+ }
+}
+exit(0);
+


Property changes on: trunk/openvas-plugins/scripts/phpldapadmin_detect.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Added: trunk/openvas-plugins/scripts/savant_12429.nasl
===================================================================
--- trunk/openvas-plugins/scripts/savant_12429.nasl	2009-12-15 07:56:25 UTC (rev 6136)
+++ trunk/openvas-plugins/scripts/savant_12429.nasl	2009-12-15 18:11:56 UTC (rev 6137)
@@ -0,0 +1,81 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# Savant Web Server Remote Buffer Overflow Vulnerability
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100394);
+ script_bugtraq_id(12429);
+ script_cve_id("CVE-2005-0338");
+ script_version ("1.0-$Revision$");
+
+ script_name("Savant Web Server Remote Buffer Overflow Vulnerability");
+
+desc = "Overview:
+A remote buffer-overflow vulnerability affects Savant Web Server. This
+issue occurs because the application fails to validate the length of
+user-supplied strings before copying them into finite process buffers.
+
+A remote attacker may leverage this issue to execute arbitrary code
+with the privileges of the affected webserver. This issue may
+facilitate unauthorized access or privilege escalation.
+
+References:
+http://www.securityfocus.com/bid/12429
+http://savant.sourceforge.net/index.html
+
+Risk factor : Medium";
+
+ script_description(desc);
+ script_summary("Determine if Savant Web Server version is 3.1");
+ script_category(ACT_GATHER_INFO);
+ script_family("Web Servers");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("find_service.nes");
+ script_require_ports("Services/www", 80);
+ exit(0);
+}
+
+include("http_func.inc");
+include("version_func.inc");
+
+port = get_http_port(default:80);
+if(!get_port_state(port))exit(0);
+
+banner = get_http_banner(port: port);
+if(!banner)exit(0);
+
+if("Server: Savant/" >< banner)
+ {
+   version = eregmatch(pattern: "Savant/([0-9.]+)", string: banner);
+   if(isnull(version[1]))exit(0);
+   if(version_is_equal(version: version[1], test_version: "3.1")) {
+        security_note(port:port);
+        exit(0); 
+   }
+ }
+
+exit(0);
+


Property changes on: trunk/openvas-plugins/scripts/savant_12429.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision



More information about the Openvas-commits mailing list