[Openvas-commits] r2387 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Wed Feb 4 15:43:55 CET 2009
Author: chandra
Date: 2009-02-04 15:43:54 +0100 (Wed, 04 Feb 2009)
New Revision: 2387
Added:
trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl
trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl
trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl
trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl
trunk/openvas-plugins/scripts/secpod_activex.inc
trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl
Modified:
trunk/openvas-plugins/ChangeLog
Log:
Added new plugins
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2009-02-04 13:59:11 UTC (rev 2386)
+++ trunk/openvas-plugins/ChangeLog 2009-02-04 14:43:54 UTC (rev 2387)
@@ -1,3 +1,12 @@
+2009-02-04 Chandrashekhar B <bchandra at secpod.com>
+ * scripts/secpod_activex.inc,
+ scripts/secpod_dangerous_activex_ctrl.nasl,
+ scripts/gb_winftp_serv_detect.nasl,
+ scripts/gb_winftp_serv_bof_vuln.nasl,
+ scripts/gb_ms_ie_clickjacking_vuln.nasl,
+ scripts/gb_google_chrome_clickjacking_vuln.nasl:
+ Added new plugins
+
2009-02-03 Chandrashekhar B <bchandra at secpod.com>
* scripts/secpod_ms_ie_html_form_dos_vuln.nasl,
scripts/gb_apple_safari_http_uri_dos_vuln_win.nasl,
Added: trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl 2009-02-04 13:59:11 UTC (rev 2386)
+++ trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl 2009-02-04 14:43:54 UTC (rev 2387)
@@ -0,0 +1,86 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id:gb_google_chrome_clickjacking_vuln.nasl 931 2009-02-04 10:00:29Z feb $
+#
+# Google Chrome Clickjacking Vulnerability
+#
+# Authors:
+# Sujit Ghosal <sghosal at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(800223);
+ script_version("$Revision: 1.0 $");
+ script_cve_id("CVE-2009-0374");
+ script_name(english:"Google Chrome Clickjacking Vulnerability");
+ desc["english"] = "
+
+ Overview: This host is installed with Google Chrome and is prone to
+ clickjacking vulnerability.
+
+ Vulnerability Insight:
+ Clickjacking attack vector which hides the destination authentic URL and
+ places arbitrary malicious URL which is being displayed in the user's
+ browser.
+
+ Impact:
+ Successful exploitation will let the attacker execute arbitrary codes in
+ the context of the web browser and can gain sensitive information of the
+ remote user through the crafted URL through arbitrary scripts.
+
+ Affected Software/OS:
+ Google Chrome version 1.0.154.43 and prior.
+
+ Fix: No solution or patch is available as on 04th February 2009, Information
+ regarding this issue will be updated once the solution details are available.
+ For updates refer, http://googlechromereleases.blogspot.com
+
+ References:
+ http://www.milw0rm.com/exploits/7903
+ http://www.securityfocus.com/archive/1/archive/1/500533/100/0/threaded
+ http://www.securityfocus.com/archive/1/archive/1/500499/100/0/threaded
+
+ CVSS Score:
+ CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N)
+ CVSS Temporal Score : 3.9
+ Risk factor: Medium";
+
+ script_description(english:desc["english"]);
+ script_summary(english:"Check for the version of Google Chrome");
+ script_category(ACT_GATHER_INFO);
+ script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
+ script_family(english:"Web application abuses");
+ script_dependencies("gb_google_chrome_detect_win.nasl");
+ script_require_keys("GoogleChrome/Win/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+chromeVer = get_kb_item("GoogleChrome/Win/Ver");
+if(!chromeVer){
+ exit(0);
+}
+
+# Grep for Chrome version 1.0.154.43
+if(version_is_less_equal(version:chromeVer, test_version:"1.0.154.43")){
+ security_warning(0);
+}
Property changes on: trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl 2009-02-04 13:59:11 UTC (rev 2386)
+++ trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl 2009-02-04 14:43:54 UTC (rev 2387)
@@ -0,0 +1,79 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_ms_ie_clickjacking_vuln.nasl 930 2009-02-03 16:11:24Z feb $
+#
+# Microsoft Internet Explorer Clickjacking Vulnerability
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(800347);
+ script_version("$Revision: 1.0 $");
+ script_cve_id("CVE-2009-0369");
+ script_name(english:"Microsoft Internet Explorer Clickjacking Vulnerability");
+ desc["english"] = "
+
+ Overview: This host has installed Internet Explorer and is prone to
+ clickjacking vulnerability
+
+ Vulnerability Insight:
+ Attackers will trick users into visiting an arbitrary URL via an onclick
+ action that moves a crafted element to the current mouse position.
+
+ Impact:
+ Successful exploitation could allow remote attackers to execute arbitrary
+ code and can retrieve sensitive information from the affected application.
+
+ Impact Level: System
+
+ Affected Software/OS:
+ Windows Internet Explorer version 7.x on Windows.
+
+ Fix: No solution or patch is available as on 04th February, 2009. Information
+ regarding this issue will be updated once the solution details are available.
+ For updates refer,
+ http://www.microsoft.com/windows/internet-explorer/download-ie.aspx
+
+ References:
+ http://www.milw0rm.com/exploits/7912
+ http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0369
+
+ CVSS Score:
+ CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N)
+ CVSS Temporal Score : 3.9
+ Risk factor: Medium";
+
+ script_description(english:desc["english"]);
+ script_summary(english:"Check for the Version of Internet Explorer");
+ script_category(ACT_GATHER_INFO);
+ script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
+ script_family(english:"Web application abuses");
+ script_dependencies("gb_ms_ie_detect.nasl");
+ script_require_keys("MS/IE/Version");
+ exit(0);
+}
+
+
+# Check for Internet Explorer version 7.x
+if(get_kb_item("MS/IE/Version") =~ "^7\..*"){
+ security_warning(0);
+}
Property changes on: trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl 2009-02-04 13:59:11 UTC (rev 2386)
+++ trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl 2009-02-04 14:43:54 UTC (rev 2387)
@@ -0,0 +1,94 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_winftp_serv_bof_vuln.nasl 928 2009-02-03 13:21:29Z feb $
+#
+# WinFTP Server LIST Command Buffer Overflow Vulnerability
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(800346);
+ script_version("$Revision: 1.0 $");
+ script_cve_id("CVE-2009-0351");
+ script_bugtraq_id(33454);
+ script_name(english:"WinFTP Server LIST Command Buffer Overflow Vulnerability");
+ desc["english"] = "
+
+ Overview: This host is running WinFTP Server and is prone to Buffer Overflow
+ vulnerability.
+
+ Vulnerability Insight:
+ The flaw exists when processing malformed arguments passed to the LIST command
+ with an asterisk (*) character.
+
+ Impact:
+ Allows remote authenticated attackers to execute arbitrary code within the
+ context of the affected application resulting in buffer overflow and can cause
+ denial of service condition.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ WinFTP Server version 2.3.0 and prior on Windows.
+
+ Fix: No solution or patch is available as on 04th February, 2009. Information
+ regarding this issue will be updated once the solution details are available.
+ For updates refer, http://www.wftpserver.com/
+
+ References:
+ http://www.milw0rm.com/exploits/7875
+ http://xforce.iss.net/xforce/xfdb/48263
+
+ CVSS Score:
+ CVSS Base Score : 9.0 (AV:N/AC:L/Au:SI/C:C/I:C/A:C)
+ CVSS Temporal Score : 8.1
+ Risk factor: Critical";
+
+ script_description(english:desc["english"]);
+ script_summary(english:"Check for the version of WinFTP Server");
+ script_category(ACT_GATHER_INFO);
+ script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
+ script_family(english:"Buffer overflow");
+ script_dependencies("gb_winftp_serv_detect.nasl");
+ script_require_keys("WinFTP/Server/Ver");
+ script_require_ports("Services/ftp", 21);
+ exit(0);
+}
+
+
+include("smb_nt.inc");
+include("version_func.inc");
+
+ftpPort = get_kb_item("Services/ftp");
+if(!ftpPort){
+ exit(0);
+}
+
+winFtpVer = get_kb_item("WinFTP/Server/Ver");
+if(!winFtpVer){
+ exit(0);
+}
+
+# Check for version 2.3.0.0 and prior
+if(version_is_less_equal(version:winFtpVer, test_version:"2.3.0.0")){
+ security_hole(ftpPort);
+}
Property changes on: trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl 2009-02-04 13:59:11 UTC (rev 2386)
+++ trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl 2009-02-04 14:43:54 UTC (rev 2387)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_winftp_serv_detect.nasl 928 2009-02-03 16:26:24Z feb $
+#
+# WinFTP Server Version Detection
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(800345);
+ script_version("Revision: 1.0 ");
+ script_name(english:"WinFTP Server Version Detection");
+ desc["english"] = "
+ Overview : This script detects the installed version of WinFTP Server and
+ sets the result in KB.
+
+ Risk factor : Informational";
+
+ script_description(english:desc["english"]);
+ script_summary(english:"Set KB for the version of WinFTP Server");
+ script_category(ACT_GATHER_INFO);
+ script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
+ script_family(english:"General");
+ script_dependencies("secpod_reg_enum.nasl", "find_service.nes");
+ script_require_keys("SMB/WindowsVersion");
+ script_require_ports("Services/ftp", 21);
+ exit(0);
+}
+
+
+include("smb_nt.inc");
+include("ftp_func.inc");
+include("secpod_smb_func.inc");
+
+ftpPort = get_kb_item("Services/ftp");
+if(!ftpPort){
+ ftpPort = 21;
+}
+
+if(!get_port_state(ftpPort)){
+ exit(0);
+}
+
+if("WinFtp Server" >!< get_ftp_banner(port:ftpPort)){
+ exit(0);
+}
+
+if(!get_kb_item("SMB/WindowsVersion")){
+ exit(0);
+}
+
+regPath = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion",
+ item:"ProgramFilesDir");
+if(!regPath){
+ exit(0);
+}
+
+exePath = regPath + "\WinFTP Server\WFTPSRV.exe";
+share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:exePath);
+file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:exePath);
+
+winFtpVer = GetVer(share:share, file:file);
+if(winFtpVer){
+ set_kb_item(name:"WinFTP/Server/Ver", value:winFtpVer);
+}
Property changes on: trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/openvas-plugins/scripts/secpod_activex.inc
===================================================================
--- trunk/openvas-plugins/scripts/secpod_activex.inc 2009-02-04 13:59:11 UTC (rev 2386)
+++ trunk/openvas-plugins/scripts/secpod_activex.inc 2009-02-04 14:43:54 UTC (rev 2387)
@@ -0,0 +1,46 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_activex.inc 865 2009-01-09 15:15:24Z jan $
+#
+# ActiveX Control functions
+#
+# Authors:
+# Chandrashekhar B <bchandra at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+# Check if killbit is set for the given ActiveX control.
+# clsid - CLSID for the given ActiveX control
+
+function is_killbit_set(clsid)
+{
+ if(clsid)
+ {
+ if(registry_key_exists(key:"SOFTWARE\Classes\CLSID\" + clsid))
+ {
+ activeKey = "SOFTWARE\Microsoft\Internet Explorer\" +
+ "ActiveX Compatibility\" + clsid;
+ killBit = registry_get_dword(key:activeKey, item:"Compatibility Flags");
+ if(killBit && (int(killBit) == 1024)){
+ return 1;
+ }
+ return 0;
+ }
+ }
+ return -1;
+}
Property changes on: trunk/openvas-plugins/scripts/secpod_activex.inc
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl 2009-02-04 13:59:11 UTC (rev 2386)
+++ trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl 2009-02-04 14:43:54 UTC (rev 2387)
@@ -0,0 +1,145 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_dangerous_activex_ctrl.nasl 865 2009-01-19 12:51:24Z jan $
+#
+# Detection of Dangerous ActiveX Control
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(900188);
+ script_version("$Revision: 1.0 $");
+ script_name(english:"Detection of Dangerous ActiveX Control");
+ desc["english"] = "
+ Overview: This script will list all the vulnerable activex controls installed
+ on the remote windows machine with references and cause.
+
+ Risk Factor: Informational";
+
+ script_description(english:desc["english"]);
+ script_summary(english:"Check for Dangerous ActiveX Controls");
+ script_category(ACT_GATHER_INFO);
+ script_copyright(english:"Copyright (C) 2009 SecPod");
+ script_family(english:"General");
+ script_dependencies("secpod_reg_enum.nasl");
+ script_require_keys("SMB/WindowsVersion");
+ exit(0);
+}
+
+include("smb_nt.inc");
+include("secpod_activex.inc");
+
+if(!get_kb_item("SMB/WindowsVersion")){
+ exit(0);
+}
+
+clsid = make_list("{3352B5B9-82E8-4FFD-9EB1-1A3E60056904}", "{BDF3E9D2-5F7A-4F4A-A914-7498C862EA6A}",
+ "{00989888-BB72-4E31-A7C6-5F819C24D2F7}", "{5EFE8CB1-D095-11D1-88FC-0080C859833B}",
+ "{C2FBBB5F-6FF7-4F6B-93A3-7EDB509AA938}", "{2646205B-878C-11D1-B07C-0000C040BCDB}",
+ "{433268D7-2CD4-43E6-AA24-2188672E7252}", "{0D1011B3-89C8-4F8E-8693-BB970E2E81E0}",
+ "{D22AC3EF-B7D8-11D5-A281-005056BF0101}", "{FFFB1D8B-88D6-4C91-BB62-378625E8C73E}",
+ "{765E6B09-6832-4738-BDBE-25F226BA2AB0}", "{A27AD582-5BE5-4C2D-82F0-48B24FE02040}",
+ "{E4463A35-7E7A-4621-8248-91307AFA8EAD}", "{87D1A6EF-8CBC-458A-84B5-0333562418CD}",
+ "{A4A435CF-3583-11D4-91BD-0048546A1450}", "{6ABC861A-31E7-4D91-B43B-D3C98F22A5C0}",
+ "{97852E80-5BE4-4F90-B24F-0947E44761A2}", "{136A9D1D-1F4B-43D4-8359-6F2382449255}",
+ "{EFD84954-6B46-42f4-81F3-94CE9A77052D}", "{0B40A54D-BEC3-4077-9A33-701BD6ACDEB2}",
+ "{9EB320CE-BE1D-4304-A081-4B4665414BEF}", "{E2F2B9D0-96B9-4B25-B90C-636ECB207D18}",
+ "{4B6015E7-3ABB-45DC-96B7-55A843751F28}", "{D94AAA2A-C415-42E3-82B6-49FAB4EBFFE9}",
+ "{E055C02E-6258-40FF-80A7-3BDA52FACAD7}", "{AA7F2000-EA05-489d-900C-3C7C0A5497A3}",
+ "{36DBC179-A19F-48F2-B16A-6A3E19B42A87}", "{E838FBB2-574D-4926-9C81-CCB15F3A3F53}",
+ "{06CC1B18-42FA-41B8-91A9-D3E3A848C7A8}", "{EC935945-F1FD-4EE4-9115-FB32CE93F34F}",
+ "{6B2455FD-3669-4555-8DF8-69FD5BC846F8}", "{D34F5D71-99E4-4D96-91CA-F4104F69B8AE}",
+ "{4E7BD74F-2B8D-469E-DFF7-EC6BF4D5FA7D}", "{5A9E5061-EB7F-45FE-BDE6-3B7FDC5CFF32}",
+ "{B18FDF1D-4FBB-411D-9C59-AAFA7D4998E0}", "{09B68AD9-FF66-3E63-636B-B693E62F6236}",
+ "{02478D38-C3F9-4efb-9B51-7695ECA15670}", "{706f3805-27d7-478d-80e5-e25d2bb030b3}",
+ "{B212D577-05B7-4963-911E-4A8588160DFA}", "{eee7178c-bbc3-4153-9dde-cd0e9ab1b5b6}",
+ "{1AE6D7D5-0C28-4DB6-9FD1-33B870A4C5F2}", "{53E10C2C-43B2-4657-BA29-AAE179E7D35C}",
+ "{327C3AF0-4EF6-4f8a-9A8D-685A4815D9F8}", "{3845CD5A-6FA0-3E0C-3980-000CD8DE3A31}",
+ "{6FAA7D12-F331-4B51-8D72-877A3CE20E84}");
+
+refeList = make_list(
+ "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5002",
+ "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4919",
+ "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4342",
+ "http://archives.neohapsis.com/archives/fulldisclosure/2008-07/0509.html",
+ "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4342",
+ "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5232",
+ "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5492",
+ "http://securityresponse.symantec.com/avcenter/venc/data/dialer.instantaccess.html",
+ "http://www.viruslist.com/en/viruses/encyclopedia?virusid=67936",
+ "http://www.viruslist.com/en/viruses/encyclopedia?virusid=74565",
+ "http://www.spywareguide.com/product_show.php?id=431",
+ "http://www.spywareguide.com/product_show.php?id=860",
+ "http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453094115",
+ "http://www.symantec.com/security_response/writeup.jsp?docid=2005-053116-0108-99",
+ "http://www.spywareguide.com/product_show.php?id=458",
+ "http://www.spywareguide.com/product_show.php?id=648",
+ "http://www.kephyr.com/spywarescanner/library/mirartoolbar.winnb42/index.phtml",
+ "http://www.trendmicro.com/vinfo/grayware/ve_graywareDetails.asp?GNAME=ADW_SUPERBAR.A",
+ "http://www.kephyr.com/spywarescanner/library/relatedlinks.lbbho/index.phtml",
+ "http://de.trendmicro-europe.com/enterprise/vinfo/encyclopedia.php?LYstr=VMAINDATA&vNav=3&VName=TROJ_WINSHOW.AF",
+ "http://www.spywareguide.com/product_show.php?id=813",
+ "http://www.symantec.com/security_response/print_writeup.jsp?docid=2003-080414-3713-99",
+ "http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453079049",
+ "http://www.superantispyware.com/definition/halflemon/",
+ "http://research.sunbelt-software.com/threatdisplay.aspx?name=Trojan-Downloader.Matcash&threatid=89006",
+ "http://vil.nai.com/vil/Content/v_142599.htm",
+ "http://vil.nai.com/vil/content/v_141822.htm",
+ "http://vil.nai.com/vil/content/v_142672.htm",
+ "http://vil.nai.com/vil/content/v_138384.htm",
+ "http://vil.nai.com/vil/content/v_138384.htm",
+ "http://vil.nai.com/vil/content/v_139523.htm",
+ "http://vil.nai.com/vil/content/v_142381.htm",
+ "http://vil.nai.com/vil/content/v_132034.htm",
+ "http://vil.nai.com/vil/content/v_140376.htm",
+ "http://vil.nai.com/vil/content/v_142395.htm",
+ "http://vil.nai.com/vil/content/v_132847.htm",
+ "http://vil.nai.com/vil/content/v_140856.htm",
+ "http://vil.nai.com/vil/content/v_137381.htm",
+ "http://vil.nai.com/vil/content/v_134309.htm",
+ "http://vil.nai.com/vil/content/v_137508.htm",
+ "http://vil.nai.com/vil/content/v_127690.htm",
+ "http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453072526",
+ "http://www.f-secure.com/v-descs/trojan-spy_w32_banker_cpv.shtml",
+ "http://www.viruslist.com/en/viruses/encyclopedia?virusid=74127",
+ "http://www.viruslist.com/en/viruses/encyclopedia?virusid=75772");
+
+i = 0;
+flag = 0;
+actvxInfo = "";
+foreach id (clsid)
+{
+ if(is_killbit_set(clsid:id) == 0)
+ {
+ actvxInfo = actvxInfo + "\n\nCLSID : " + id + "\nReference : " + refeList[i];
+ flag = 1;
+ }
+ i++;
+}
+
+if(flag == 1){
+ solution = string("Workaround: Set the killbit for the above CLSID(s).\n",
+ "Refer http://support.microsoft.com/kb/240797");
+ security_warning(data:string(desc["english"], "\n\nThe following clsid(s) ",
+ "were found on the remote host, which are ",
+ "related to dangerous ActiveX controls.",
+ actvxInfo, "\n\n", solution));
+}
Property changes on: trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl
___________________________________________________________________
Name: svn:executable
+ *
More information about the Openvas-commits
mailing list