[Openvas-commits] r6163 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Thu Dec 17 09:03:11 CET 2009 

Author: jan
Date: 2009-12-17 09:03:08 +0100 (Thu, 17 Dec 2009)
New Revision: 6163

Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/version_func.inc
Log:
* scripts/version_func.inc (find_bin, find_file, get_bin_version):
Remove "islocalhost" conditional
block where search commands like "locate" are directly executed
instead of using a SSH connection. This now avoids that some
commands are executed on the scanner host even without providing SSH credentials
and it also avoids that such commands are executed with the
same privileges as the scanner daemon.



Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-12-17 07:14:37 UTC (rev 6162)
+++ trunk/openvas-plugins/ChangeLog	2009-12-17 08:03:08 UTC (rev 6163)
@@ -1,5 +1,15 @@
-1009-12-17  Chandrashekhar B <bchandra at secpod.com>
+2009-12-17  Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>
 
+	* scripts/version_func.inc (find_bin, find_file, get_bin_version):
+	Remove "islocalhost" conditional
+	block where search commands like "locate" are directly executed
+	instead of using a SSH connection. This now avoids that some
+	commands are executed on the scanner host even without providing SSH credentials
+	and it also avoids that such commands are executed with the
+	same privileges as the scanner daemon.
+
+2009-12-17  Chandrashekhar B <bchandra at secpod.com>
+
 	* scripts/gb_etrust_pestpatrol_actvx_ctrl_bof_vuln.nasl,
 	scripts/gb_yabsoft_aihs_xss_n_sql_inj_vuln.nasl,
 	scripts/gb_firefox_mult_spoof_vuln_win_dec09.nasl,

Modified: trunk/openvas-plugins/scripts/version_func.inc
===================================================================
--- trunk/openvas-plugins/scripts/version_func.inc	2009-12-17 07:14:37 UTC (rev 6162)
+++ trunk/openvas-plugins/scripts/version_func.inc	2009-12-17 08:03:08 UTC (rev 6163)
@@ -13,21 +13,15 @@
   local_var r, whe, whi;
   whe = "";
   whi = "";
-  if (islocalhost()) {
-     r = split(pread(cmd:"locate", argv:make_list("locate", "-i", "*bin/"+prog_name)) );
-     whe = pread(cmd: "whereis", argv:make_list("whereis", "-b", prog_name));
-     whi = pread(cmd:"which", argv:make_list("which", "-a", prog_name));
+  if(! sock) {
+    sock = ssh_login_or_reuse_connection();
+  }
+  if(sock) {
+    r = split(ssh_cmd(socket:sock, cmd:"locate -i *bin/"+prog_name, timeout:60));
+    whe = ssh_cmd(socket:sock, cmd:"whereis -b "+prog_name, timeout:60);
+    whi = ssh_cmd(socket:sock, cmd:"which -a "+prog_name, timeout:60);
   } else {
-      if(! sock) {
-        sock = ssh_login_or_reuse_connection();
-      }
-      if(sock) {
-        r = split(ssh_cmd(socket:sock, cmd:"locate -i *bin/"+prog_name, timeout:60));
-        whe = ssh_cmd(socket:sock, cmd:"whereis -b "+prog_name, timeout:60);
-        whi = ssh_cmd(socket:sock, cmd:"which -a "+prog_name, timeout:60);
-      } else {
-         r = NULL;
-      }
+     r = NULL;
   }
   if( "bin/"+prog_name >!< r ) {
     if( "bin/"+prog_name >< whe ) {
@@ -58,29 +52,19 @@
 
   fname = ereg_replace(pattern:"\*.+", string:file_name, replace:"");
 
-  if (islocalhost()) {
-     r = split(pread(cmd:"locate", argv:make_list("locate", lparam, file_path+file_name+regexpar )) );
-     if(fname >!< r) {
-       if(! isnull(file_path) ) {
-         f = split(pread(cmd:"find", argv:make_list("find", file_path , "-maxdepth", "7",
-                             "-mindepth", "1", "-name",  file_name, "-type", "f")));
-       }	 
-     } 
-  } else {
-      if(! sock) {
-        sock = ssh_login_or_reuse_connection();
+  if(! sock) {
+    sock = ssh_login_or_reuse_connection();
+  }
+  if(sock) {
+    r = split(ssh_cmd(socket:sock, cmd:"locate "+lparam+" "+raw_string(0x22)+file_path+file_name+
+                                        regexpar+raw_string(0x22), timeout:60));
+    if(fname >!< r) {
+      if(!isnull(file_path) ) {
+        f = split(ssh_cmd(socket:sock, cmd:"find "+raw_string(0x22)+file_path+raw_string(0x22)+
+                                           " -maxdepth 7 -mindepth 1"+" -name "+raw_string(0x22)+
+                                           file_name+raw_string(0x22)+" -type f", timeout:60));
       }
-      if(sock) {
-        r = split(ssh_cmd(socket:sock, cmd:"locate "+lparam+" "+raw_string(0x22)+file_path+file_name+
-                                            regexpar+raw_string(0x22), timeout:60));
-        if(fname >!< r) {
-          if(!isnull(file_path) ) {
-            f = split(ssh_cmd(socket:sock, cmd:"find "+raw_string(0x22)+file_path+raw_string(0x22)+
-                                               " -maxdepth 7 -mindepth 1"+" -name "+raw_string(0x22)+
-                                               file_name+raw_string(0x22)+" -type f", timeout:60));
-          }
-	}  
-      } 
+    }
   }
 
   if( fname >!< r ) {
@@ -96,16 +80,12 @@
 function get_bin_version(full_prog_name, version_argv, ver_pattern, sock) {
   local_var loc_version, r, report;
 
-  if (islocalhost()) {
-     r = pread(cmd:full_prog_name, argv:make_list(full_prog_name, version_argv) );
-  } else {
-     if(! sock) {
-       sock = ssh_login_or_reuse_connection();
-     }
-     if(sock) {
-       r = ssh_cmd(socket:sock, cmd:full_prog_name +" "+version_argv, timeout:60);
-     }
+  if(! sock) {
+    sock = ssh_login_or_reuse_connection();
   }
+  if(sock) {
+    r = ssh_cmd(socket:sock, cmd:full_prog_name +" "+version_argv, timeout:60);
+  }
   loc_version = eregmatch(pattern:ver_pattern, string:r);
   if(loc_version != NULL) loc_version[max_index(loc_version)] = r;
   return (loc_version);

More information about the Openvas-commits mailing list