[Openvas-commits] r3455 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Fri May 22 08:49:19 CEST 2009


Author: chandra
Date: 2009-05-22 08:49:17 +0200 (Fri, 22 May 2009)
New Revision: 3455

Added:
   trunk/openvas-plugins/scripts/gb_koschtit_image_gallery_dir_trav_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_java_jre_actvx_ctrl_mult_bof_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_mini_stream_rm_downloader_bof_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_ntp_bof_vuln_may09.nasl
   trunk/openvas-plugins/scripts/secpod_pango_bof_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_pango_detect.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
Checkedin New scripts.

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-05-20 16:41:14 UTC (rev 3454)
+++ trunk/openvas-plugins/ChangeLog	2009-05-22 06:49:17 UTC (rev 3455)
@@ -1,3 +1,12 @@
+2009-05-22 Chandan S <schandan at secpod.com>
+	* scripts/gb_koschtit_image_gallery_dir_trav_vuln.nasl,
+	scripts/secpod_java_jre_actvx_ctrl_mult_bof_vuln.nasl,
+	scripts/secpod_mini_stream_rm_downloader_bof_vuln.nasl,
+	scripts/secpod_ntp_bof_vuln_may09.nasl,
+	scripts/secpod_pango_bof_vuln.nasl,
+	scripts/secpod_pango_detect.nasl:
+	Checkedin New scripts.
+
 2009-05-20 Chandrashekhar B <bchandra at secpod.com>
 	* extra/lsc_generator/test/sanity_test.py,
 	extra/lsc_generator/test/unit_test/test_gentoo.py,

Added: trunk/openvas-plugins/scripts/gb_koschtit_image_gallery_dir_trav_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_koschtit_image_gallery_dir_trav_vuln.nasl	2009-05-20 16:41:14 UTC (rev 3454)
+++ trunk/openvas-plugins/scripts/gb_koschtit_image_gallery_dir_trav_vuln.nasl	2009-05-22 06:49:17 UTC (rev 3455)
@@ -0,0 +1,116 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_koschtit_image_gallery_dir_trav_vuln.nasl 2113 2009-05-21 20:38:56Z may $
+#
+# KoschtIT Image Gallery Multiple Directory Traversal Vulnerabilities
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(800803);
+  script_version("$Revision: 1.0 $");
+  script_cve_id("CVE-2009-1510");
+  script_bugtraq_id(34335);
+  script_name(english:"KoschtIT Image Gallery Multiple Directory Traversal Vulnerabilities");
+  desc["english"] = "
+
+  Overview: This host is running KoschtIT Image Gallery and is prone to multiple
+  Directory Traversal vulnerabilities.
+
+  Vulnerability Insight:
+  Improper validation check while processing user supplied input in the file
+  parameter for the files 'ki_makepic.php' and 'ki_nojsdisplayimage.php' under
+  ki_base directory.
+
+  Impact:
+  Successful exploitation will let the attacker execute arbitrary commands to
+  retrieve local system related files and gain sensitive information.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  KoschtIT Image Gallery version 1.82 and prior
+
+  Fix: Upgrade to KoschtIT Image Gallery version 2.0 Beta 1
+  http://koschtit.tabere.net/en
+
+  References:
+  http://www.milw0rm.com/exploits/8334
+  http://en.securitylab.ru/nvd/378734.php
+  http://koschtit.tabere.net/forum/showthread.php?tid=6
+
+  CVSS Score:
+    CVSS Base Score     : 7.5 (AV:N/AC:L/Au:NR/C:P/I:P/A:P)
+    CVSS Temporal Score : 5.9
+  Risk factor: High";
+
+  script_description(english:desc["english"]);
+  script_summary(english:"Check for the version of KoschtIT Image Gallery");
+  script_category(ACT_GATHER_INFO);
+  script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
+  script_family(english:"Web application abuses");
+  script_dependencies("find_service.nes");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+koschITPort = get_http_port(default:80);
+if(!koschITPort){
+  koschITPort = 80;
+}
+
+if(!get_port_state(koschITPort)){
+  exit(0);
+}
+
+foreach dir (make_list("/kos2", "/koschtit", "/koschtit2", "/", cgi_dirs()))
+{
+  sndReq = http_get(item:string(dir + "/changelog.txt"), port:koschITPort);
+  rcvRes = http_send_recv(port:koschITPort, data:sndReq);
+
+  if("KoschtIT Image Gallery" >< rcvRes)
+  {
+    # Match for KoschtIT Image Gallery Version
+    ver = eregmatch(pattern:"Gallery ([0-9.]+)(beta)?([0-9]+)?", string:rcvRes);
+    if(ver[1] != NULL)
+    {
+      if(ver[1] != NULL && ver[3] != NULL){
+        version = ver[1] + "." + ver[3]; # ver[3] points to beta version.
+      }
+      else
+        version = ver[1];
+    }
+
+    if(version != NULL)
+    {
+      if(version_is_less_equal(version:version, test_version:"1.82"))
+      {
+        security_hole(koschITPort);
+        exit(0);
+      }
+    }
+  }
+}


Property changes on: trunk/openvas-plugins/scripts/gb_koschtit_image_gallery_dir_trav_vuln.nasl
___________________________________________________________________
Name: svn:executable
   + *

Added: trunk/openvas-plugins/scripts/secpod_java_jre_actvx_ctrl_mult_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_java_jre_actvx_ctrl_mult_bof_vuln.nasl	2009-05-20 16:41:14 UTC (rev 3454)
+++ trunk/openvas-plugins/scripts/secpod_java_jre_actvx_ctrl_mult_bof_vuln.nasl	2009-05-22 06:49:17 UTC (rev 3455)
@@ -0,0 +1,121 @@
+#################################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_java_jre_actvx_ctrl_mult_bof_vuln.nasl 2379 2009-05-19 17:35:41Z may $
+#
+# Java JRE deploytk.dll ActiveX Control Multiple BOF Vulnerabilities
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#################################################################################
+
+if(description)
+{
+  script_id(900354);
+  script_version("$Revision: 1.0 $");
+  script_cve_id("CVE-2009-1671", "CVE-2009-1672");
+  script_bugtraq_id(34931);
+  script_name(english:"Java JRE deploytk.dll ActiveX Control Multiple BOF Vulnerabilities");
+  desc["english"] = "
+
+  Overview: This host is installed with Java JRE Deployment Toolkit ActiveX and
+  is prone to multiple buffer overflow vulnerabilities.
+
+  Vulnerability Insight:
+  Multiple buffer overflow are caused due to,
+  - error in deploytk.dll file control while processing the setInstallerType,
+    setAdditionalPackages, compareVersion, getStaticCLSID and launch method.
+  - error in installLatestJRE or installJRE method in deploytk.dll control and
+    it can allow attacker to launch JRE installation processes.
+  - error in launch method can cause script code execution via a .jnlp URL.
+
+  Impact:
+  Attacker may exploit this issue to launch JRE installation and execute
+  arbitrary script code on the victim's system, and can deny the service.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  Sun Java JRE version 6 Update 1 to 6 Update 13 and prior
+  Sun Microsystems, deploytk.dll version 6.0.130.3 and prior
+
+  Fix: No solution or patch is available as on 21st May, 2009. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://java.sun.com
+
+  Workaround:
+  Set the killbit for the CLSID {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}
+  http://support.microsoft.com/kb/240797
+
+  References:
+  http://www.milw0rm.com/exploits/8665
+  http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html
+
+  CVSS Score:
+    CVSS Base Score     : 10.0 (AV:N/AC:L/Au:NR/C:C/I:C/A:C)
+    CVSS Temporal Score : 9.0
+  Risk factor: Critical";
+
+  script_description(english:desc["english"]);
+  script_summary(english:"Check for the Version of deploytk.dll and JAVA JRE");
+  script_category(ACT_GATHER_INFO);
+  script_copyright(english:"Copyright (C) 2009 SecPod");
+  script_family(english:"Buffer overflow");
+  script_dependencies("secpod_reg_enum.nasl", "gb_java_prdts_detect_win.nasl");
+  script_require_keys("SMB/WindowsVersion", "Sun/Java/JRE/Win/Ver");
+  exit(0);
+}
+
+
+include("smb_nt.inc");
+include("version_func.inc");
+include("secpod_activex.inc");
+include("secpod_smb_func.inc");
+
+
+jreVer = get_kb_item("Sun/Java/JRE/Win/Ver");
+if(!jreVer){
+  exit(0);
+}
+
+jreVer = ereg_replace(pattern:"_", string:jreVer, replace: ".");
+if(version_in_range(version:jreVer, test_version:"1.6.0", test_version2:"1.6.0.13"))
+{
+  dllPath = registry_get_sz(key:"SOFTWARE\Microsoft\COM3\Setup",
+                            item:"Install Path");
+  if(!dllPath){
+    exit(0);
+  }
+
+  share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:dllPath);
+  file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1",
+                       string:dllPath + "\deploytk.dll");
+
+  dllVer = GetVer(file:file, share:share);
+  if(!dllVer){
+    exit(0);
+  }
+
+  # Check for version of deploytk.dll
+  if(version_is_less_equal(version:dllVer, test_version:"6.0.130.3"))
+  {
+    if(is_killbit_set(clsid:"{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}") == 0){
+      security_hole(0);
+    }
+  }
+}


Property changes on: trunk/openvas-plugins/scripts/secpod_java_jre_actvx_ctrl_mult_bof_vuln.nasl
___________________________________________________________________
Name: svn:executable
   + *

Added: trunk/openvas-plugins/scripts/secpod_mini_stream_rm_downloader_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_mini_stream_rm_downloader_bof_vuln.nasl	2009-05-20 16:41:14 UTC (rev 3454)
+++ trunk/openvas-plugins/scripts/secpod_mini_stream_rm_downloader_bof_vuln.nasl	2009-05-22 06:49:17 UTC (rev 3455)
@@ -0,0 +1,87 @@
+##############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_mini_stream_rm_downloader_bof_vuln.nasl 2349 2009-05-18 15:15:24Z may $
+#
+# Mini-stream RM Downloader Stack Overflow Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(900645);
+  script_version("Revision: 1.0");
+  script_cve_id("CVE-2009-1646");
+  script_bugtraq_id(34860);
+  script_name(english:"Mini-stream RM Downloader Stack Overflow Vulnerability");
+  desc["english"] = "
+
+  Overview:
+  This host has Mini-Stream RM Downloader installed and is prone to Stack
+  Overflow Vulnerability.
+
+  Vulnerability Insight:
+  Inadequate validation of user supplied data while processing long rtsp URL
+  in .ram files.
+
+  Impact:
+  Successful exploitation will let the attacker execute arbitrary codes through
+  crafting a malicious '.ram' file and can cause application crash in the
+  affected system.
+
+  Impact Level: Application.
+
+  Affected Software/OS:
+  RM Downloader version 3.0.0.9 and prior on Windows
+
+  Fix: No solution or patch is available as on 22nd May, 2009. Information
+  regarding this issue will be updated once the solution details are available
+  For updates refer, http://mini-stream.net/rm-downloader/download
+
+  References:
+  http://www.milw0rm.com/exploits/8628
+  http://en.securitylab.ru/nvd/379630.php
+
+  CVSS Score:
+    CVSS Base Score     : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C)
+    CVSS Temporal Score : 8.4
+  Risk factor : Critical";
+
+  script_description(english:desc["english"]);
+  script_summary(english:"Checks for the version of Mini Stream RM Downloader");
+  script_category(ACT_GATHER_INFO);
+  script_copyright(english:"Copyright (C) 2009 SecPod");
+  script_family(english:"Buffer overflow");
+  script_dependencies("secpod_mini_stream_prdts_detect.nasl");
+  script_require_keys("MiniStream/RMDown/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+rmDown = get_kb_item("MiniStream/RMDown/Ver");
+if(rmDown)
+{
+  # Ministream RM Downloader 3.0.0.9 points to the version 3.0.2.1
+  if(version_is_less_equal(version:rmDown, test_version:"3.0.2.1")){
+    security_hole(0);
+  }
+}

Added: trunk/openvas-plugins/scripts/secpod_ntp_bof_vuln_may09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ntp_bof_vuln_may09.nasl	2009-05-20 16:41:14 UTC (rev 3454)
+++ trunk/openvas-plugins/scripts/secpod_ntp_bof_vuln_may09.nasl	2009-05-22 06:49:17 UTC (rev 3455)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ntp_bof_vuln_may09.nasl 2394 2009-05-20 15:15:28 may $
+#
+# NTP 'ntpd' Autokey Stack Overflow Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(900652);
+  script_version("$Revision: 1.0 $");
+  script_cve_id("CVE-2009-1252");
+  script_bugtraq_id(35017);
+  script_name(english:"NTP 'ntpd' Autokey Stack Overflow Vulnerability");
+  desc["english"] = "
+
+  Overview:
+  This host is running NTP Daemon and is prone to stack overflow vulnerability.
+
+  Vulnerability Insight:
+  This flaw is caused due to configuration error in ntp daemon's NTPv4
+  authentication code. If ntp daemon is configured to use Public Key
+  Cryptography for NTP Packet authentication which lets the attacker send
+  crafted NTP requests.
+
+  Impact:
+  Successful exploitation will let the attacker craft a specially malicious
+  NTP request packet which can crash ntp daemon or can cause arbitrary code
+  execution in the affected machine with local user's privilege.
+
+  Impact level: Application.
+
+  Affected Software/OS:
+  NTP version prior to 4.2.4p7
+  NTP version 4.2.5 to 4.2.5p73
+
+  Fix: Apply the security update according to the OS version.
+  https://admin.fedoraproject.org/updates/search/ntp
+
+  References:
+  https://launchpad.net/bugs/cve/2009-1252
+  http://rhn.redhat.com/errata/RHSA-2009-1040.html
+  https://bugzilla.redhat.com/show_bug.cgi?id=499694
+
+  CVSS Score:
+   CVSS Base Score      : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P)
+   CVSS Temporal Score  : 5.0
+  Risk factor: Medium";
+
+  script_description(english:desc["english"]);
+  script_summary(english:"Check for the version of NTP Daemon");
+  script_category(ACT_GATHER_INFO);
+  script_copyright(english:"Copyright (C) 2009 SecPod");
+  script_family(english:"Buffer overflow");
+  script_dependencies("gb_ntp_detect_lin.nasl");
+  script_require_keys("NTP/Linux/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+ntpPort = 123;
+if(!get_udp_port_state(ntpPort)){
+  exit(0);
+}
+
+ntpVer = get_kb_item("NTP/Linux/Ver");
+if(ntpVer == NULL){
+  exit(0);
+}
+
+if(version_is_less(version:ntpVer, test_version:"4.2.4.p7") ||
+   version_in_range(version:ntpVer, test_version:"4.2.5", test_version2:"4.2.5.p73") ||
+   version_is_equal(version:ntpVer, test_version:"4.2.4.p7.RC2")){
+  security_warning(port:ntpPort, proto:"udp");
+}

Added: trunk/openvas-plugins/scripts/secpod_pango_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_pango_bof_vuln.nasl	2009-05-20 16:41:14 UTC (rev 3454)
+++ trunk/openvas-plugins/scripts/secpod_pango_bof_vuln.nasl	2009-05-22 06:49:17 UTC (rev 3455)
@@ -0,0 +1,87 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_pango_bof_vuln.nasl 2243 2009-05-20 15:05:27Z may $
+#
+# Pango Integer Buffer Overflow Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(900644);
+  script_version("$Revision: 1.0 $");
+  script_cve_id("CVE-2009-1194");
+  script_bugtraq_id(34870);
+  script_name(english:"Pango Integer Buffer Overflow Vulnerability");
+  desc["english"] = "
+
+  Overview: This host has installed with Pango and is prone to Integer Buffer
+  Overflow vulnerability
+
+  Vulnerability Insight:
+  Error in pango_glyph_string_set_size function in pango/glyphstring.c file,
+  which fails to perform adequate boundary checks on user-supplied data before
+  using the data to allocate memory buffers.
+
+  Impact:
+  Successful exploitation will let the attacker to execute arbitrary code via
+  a long glyph string, and can cause denial of service.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Pango version prior to 1.24.0
+
+  Fix:
+  Upgrade to pango version 1.24.0 or later
+  http://ftp.acc.umu.se/pub/GNOME/sources/pango/
+
+  References:
+  http://secunia.com/advisories/35018
+  http://www.debian.org/security/2009/dsa-1798
+  http://www.openwall.com/lists/oss-security/2009/05/07/1
+
+  CVSS Score:
+    CVSS Base Score     : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P)
+    CVSS Temporal Score : 5.0
+  Risk factor: Medium";
+
+  script_description(english:desc["english"]);
+  script_summary(english:"Check for the Version of Pango");
+  script_category(ACT_GATHER_INFO);
+  script_copyright(english:"Copyright (C) 2009 SecPod");
+  script_family(english:"Buffer overflow");
+  script_dependencies("secpod_pango_detect.nasl");
+  script_require_keys("Pango/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+pangoVer = get_kb_item("Pango/Ver");
+if(!pangoVer){
+  exit(0);
+}
+
+if(version_is_less(version:pangoVer, test_version:"1.24.0")){
+  security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/secpod_pango_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_pango_detect.nasl	2009-05-20 16:41:14 UTC (rev 3454)
+++ trunk/openvas-plugins/scripts/secpod_pango_detect.nasl	2009-05-22 06:49:17 UTC (rev 3455)
@@ -0,0 +1,64 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_pango_detect.nasl 2243 2009-05-20 15:21:24Z may $
+#
+# Pango Version Detection
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(900643);
+  script_version("Revision: 1.0 ");
+  script_name(english:"Pango Version Detection");
+  desc["english"] = "
+
+  Overview: This script detects the installed version of Pango and sets the
+  result in KB.
+
+  Risk factor: Informational";
+
+  script_description(english:desc["english"]);
+  script_summary(english:"Set KB for the version of Pango");
+  script_category(ACT_GATHER_INFO);
+  script_copyright(english:"Copyright (C) 2009 SecPod");
+  script_family(english:"Service detection");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+sock = ssh_login_or_reuse_connection();
+if(!sock){
+  exit(0);
+}
+
+paths = find_bin(prog_name:"pango-view", sock:sock);
+foreach pangobin (paths)
+{
+  pangoVer = get_bin_version(full_prog_name:chomp(pangobin), sock:sock,
+                             version_argv:"--version", ver_pattern:"([0-9.]+)");
+  if(pangoVer[1] != NULL){
+    set_kb_item(name:"Pango/Ver", value:pangoVer[1]);
+  }
+}
+ssh_close_connection();



More information about the Openvas-commits mailing list