[Openvas-commits] r3324 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Mon May 11 12:40:30 CEST 2009 

Author: chandra
Date: 2009-05-11 12:40:28 +0200 (Mon, 11 May 2009)
New Revision: 3324

Removed:
   trunk/openvas-plugins/scripts/gb_merak_mail_server_bof_vuln.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/IceWarp_Merak_Mail_Server_34739.nasl
Log:
Deleted a duplicate script

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-05-11 10:38:35 UTC (rev 3323)
+++ trunk/openvas-plugins/ChangeLog	2009-05-11 10:40:28 UTC (rev 3324)
@@ -1,4 +1,11 @@
 2009-05-11 Chandrashekhar B <bchandra at secpod.com>
+	* scripts/gb_merak_mail_server_bof_vuln.nasl:
+	Deleted as it was duplicate
+
+	* scripts/IceWarp_Merak_Mail_Server_34739.nasl:
+	Updated
+
+2009-05-11 Chandrashekhar B <bchandra at secpod.com>
 	* scripts/gb_ibm_db2_info_disc_vuln_lin.nasl,
 	scripts/gb_twiki_csrf_vuln.nasl,
 	scripts/gb_foswiki_detect.nasl,

Modified: trunk/openvas-plugins/scripts/IceWarp_Merak_Mail_Server_34739.nasl
===================================================================
--- trunk/openvas-plugins/scripts/IceWarp_Merak_Mail_Server_34739.nasl	2009-05-11 10:38:35 UTC (rev 3323)
+++ trunk/openvas-plugins/scripts/IceWarp_Merak_Mail_Server_34739.nasl	2009-05-11 10:40:28 UTC (rev 3324)
@@ -54,25 +54,19 @@
   Risk factor: Medium";
 
   script_description(english:desc["english"]);
-  script_dependencies("find_service.nes");
-  script_require_ports("Services/smtp", 25);
+  script_dependencies("gb_merak_mail_server_detect.nasl");
+  script_require_keys("MerakMailServer/Ver");
   exit(0);
 }
 
-include("smtp_func.inc");
 
-port = get_kb_item("Services/smtp");
-if(!port){
-  port = 25;
+include("version_func.inc");
+  
+merakVer = get_kb_item("MerakMailServer/Ver");
+if(merakVer == NULL){
+  exit(0);
+} 
+ 
+if(version_is_less_equal(version:merakVer, test_version:"9.4.1")){
+  security_hole(0);
 }
-
-if(get_port_state(port))
-{
-  response = get_smtp_banner(port);
-  if("IceWarp" >< response)
-  {
-    if(egrep(pattern:"IceWarp 9.4.1" , string:response)){
-      security_warning(port);
-    }
-  }
-}

Deleted: trunk/openvas-plugins/scripts/gb_merak_mail_server_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_merak_mail_server_bof_vuln.nasl	2009-05-11 10:38:35 UTC (rev 3323)
+++ trunk/openvas-plugins/scripts/gb_merak_mail_server_bof_vuln.nasl	2009-05-11 10:40:28 UTC (rev 3324)
@@ -1,87 +0,0 @@
-###############################################################################
-# OpenVAS Vulnerability Test
-# $Id: gb_merak_mail_server_bof_vuln.nasl 2137 2009-05-07 15:21:13Z may $
-#
-# Merak Mail Server Stack Overflow Vulnerability
-#
-# Authors:
-# Sujit Ghosal <sghosal at secpod.com>
-#
-# Copyright:
-# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2
-# (or any later version), as published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-###############################################################################
-
-if(description)
-{
-  script_id(800705);
-  script_version("$Revision: 1.0 $");
-  script_cve_id("CVE-2009-1516");
-  script_bugtraq_id(34739);
-  script_name(english:"Merak Mail Server Stack Overflow Vulnerability");
-  desc["english"] = "
-
-  Overview: The host is running Merak Mail Server and is prone to Stack
-  Overflow vulnerability.
-
-  Vulnerability:
-  This flaw is due to IceWarpServer.APIObject ActiveX Control in api.dll
-  which allows context-dependent attackers to execute large value in the
-  second argument to Base64FileEncode function.
-
-  Impact:
-  Successful exploitation will enable the attacker cause arbitrary code
-  execution in the context of the affected mail server.
-
-  Impact Level: Application
-
-  Affected Software/OS:
-  Merak Mail Server 9.4.1 or prior.
-
-  Fix: No solution or patch is available as on 11th May, 2009. Information
-  regarding this issue will be updated once the solution details are available.
-  For further updates refer,
-  http://www.icewarp.it/downloads/windows_platform/index.php
-  http://www.icewarp.it/downloads/linux_platform/index.php
-
-  References:
-  http://www.milw0rm.com/exploits/8542
-
-  CVSS Score:
-    CVSS Base Score     : 7.5 (AV:N/AC:L/Au:NR/C:P/I:P/A:P)
-    CVSS Temporal Score : 6.7
-  Risk factor: High";
-
-  script_description(english:desc["english"]);
-  script_summary(english:"Check for the version of Merak Mail Server");
-  script_category(ACT_GATHER_INFO);
-  script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
-  script_family(english:"Buffer overflow");
-  script_dependencies("gb_merak_mail_server_detect.nasl");
-  script_require_keys("MerakMailServer/Ver");
-  exit(0);
-}
-
-
-include("version_func.inc");
-
-merakVer = get_kb_item("MerakMailServer/Ver");
-if(merakVer == NULL){
-  exit(0);
-}
-
-if(version_is_less_equal(version:merakVer, test_version:"9.4.1")){
-  security_hole(0);
-}

More information about the Openvas-commits mailing list