[Openvas-commits] r5842 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Wed Nov 11 19:07:41 CET 2009
Author: chandra
Date: 2009-11-11 19:07:38 +0100 (Wed, 11 Nov 2009)
New Revision: 5842
Added:
trunk/openvas-plugins/scripts/secpod_ms09-064.nasl
trunk/openvas-plugins/scripts/secpod_ms09-065.nasl
trunk/openvas-plugins/scripts/secpod_ms09-067.nasl
trunk/openvas-plugins/scripts/secpod_ms09-068.nasl
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/scripts/secpod_ms_office_detection_900025.nasl
Log:
Added MS Bulletin plugins - Nov09
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2009-11-11 14:56:44 UTC (rev 5841)
+++ trunk/openvas-plugins/ChangeLog 2009-11-11 18:07:38 UTC (rev 5842)
@@ -1,3 +1,14 @@
+2009-11-11 Chandrashekhar B <bchandra at secpod.com>
+
+ * scripts/secpod_ms09-068.nasl,
+ scripts/secpod_ms09-065.nasl,
+ scripts/secpod_ms09-067.nasl,
+ scripts/secpod_ms09-064.nasl:
+ Added MS Bulletin plugins for Nov-09.
+
+ * scripts/secpod_ms_office_detection_900025.nasl:
+ Addressed an issue with version detection.
+
2009-11-11 Thomas Reinke <reinke at securityspace.com>
* scripts/deb_1921_1.nasl,
scripts/deb_1922_1.nasl,
Added: trunk/openvas-plugins/scripts/secpod_ms09-064.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms09-064.nasl 2009-11-11 14:56:44 UTC (rev 5841)
+++ trunk/openvas-plugins/scripts/secpod_ms09-064.nasl 2009-11-11 18:07:38 UTC (rev 5842)
@@ -0,0 +1,110 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ms09-064.nasl 5695 2009-11-11 21:34:09Z nov $
+#
+# MS Windows License Logging Server Remote Code Execution Vulnerability (974783)
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(901047);
+ script_version("$Revision: 1.0 $");
+ script_cve_id("CVE-2009-2523");
+ script_bugtraq_id(36921);
+ script_name("MS Windows License Logging Server Remote Code Execution Vulnerability (974783)");
+ desc = "
+ Overview: This host has critical security update missing according to
+ Microsoft Bulletin MS09-064.
+
+ Vulnerability Insight:
+ This issue is caused by a buffer overflow error in 'Llssrv.exe' when handling
+ specially crafted RPC packets.
+
+ Impact:
+ Successful exploitation will let the remote attackers to crash an affected
+ Service or execute arbitrary code on the victim's system.
+
+ Impact Level: System/Aplication.
+
+ Affected Software/OS:
+ Microsoft Windows 2K Service Pack 4 and prior.
+
+ Fix:
+ Run Windows Update and update the listed hotfixes or download and
+ update mentioned hotfixes in the advisory from the below link,
+ http://www.microsoft.com/technet/security/bulletin/ms09-064.mspx
+
+ References:
+ http://support.microsoft.com/kb/974783
+ http://www.vupen.com/english/advisories/2009/3190
+ http://www.microsoft.com/technet/security/bulletin/ms09-064.mspx
+
+ Risk factor: Critical";
+
+ script_description(desc);
+ script_summary("Check for the version of 'Llssrv.exe' file");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2009 SecPod");
+ script_family("Windows : Microsoft Bulletins");
+ script_dependencies("secpod_reg_enum.nasl");
+ script_require_ports(139, 445);
+ exit(0);
+}
+
+
+include("smb_nt.inc");
+include("secpod_reg.inc");
+include("version_func.inc");
+include("secpod_smb_func.inc");
+
+if(hotfix_check_sp(win2k:5) <= 0){
+ exit(0);
+}
+
+if(!registry_key_exists(key:"SYSTEM\CurrentControlSet\Services"+
+ "\LicenseService")){
+ exit(0);
+}
+
+# MS09-064 Hotfix check
+if(hotfix_missing(name:"974783") == 0){
+ exit(0);
+}
+
+exePath = registry_get_sz(key:"SOFTWARE\Microsoft\COM3\Setup",
+ item:"Install Path");
+if(!exePath){
+ exit(0);
+}
+
+share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:exePath);
+file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:exePath +
+ "\Llssrv.exe");
+exeVer = GetVer(file:file, share:share);
+if(!exeVer){
+ exit(0);
+}
+
+# Grep for Llssrv.exe version < 5.0.2195.7337
+if(version_is_less(version:exeVer, test_version:"5.0.2195.7337")){
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/secpod_ms09-065.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms09-065.nasl 2009-11-11 14:56:44 UTC (rev 5841)
+++ trunk/openvas-plugins/scripts/secpod_ms09-065.nasl 2009-11-11 18:07:38 UTC (rev 5842)
@@ -0,0 +1,157 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ms09-065.nasl 5694 2009-11-11 09:20:09Z nov $
+#
+# Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (969947)
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(900886);
+ script_version("$Revision: 1.0 $");
+ script_cve_id("CVE-2009-1127", "CVE-2009-2513", "CVE-2009-2514");
+ script_bugtraq_id(36939, 36941, 36029);
+ script_name("Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (969947)");
+ desc = "
+ Overview: This host has critical security update missing according to
+ Microsoft Bulletin MS09-065.
+
+ Vulnerability Insight:
+ - An error in the Win32k kernel-mode driver 'Win32k.sys' when parsing
+ font code can be exploited to execute arbitrary code if a user
+ views content rendered in a specially crafted Embedded OpenType (EOT)
+ font, when a user visits a malicious web site.
+ - Some vulnerabilities in the Win32k kernel-mode driver can be exploited by
+ malicious, local users to gain escalated privileges.
+ - An error in the Win32k kernel-mode driver 'Win32k.sys' when handling input
+ passed through the kernel component of GDI (Graphics Device Interface) can
+ be exploited to execute arbitrary code in kernel mode.
+
+ Impact:
+ Successful exploitation could allow attackers to remote attackers to compromise
+ a vulnerable system or by local attackers to gain elevated privileges.
+
+ Impact Level: System
+
+ Affected Software/OS:
+ Microsoft Windows 2K Service Pack 4 and prior.
+ Microsoft Windows XP Service Pack 3 and prior.
+ Microsoft Windows 2K3 Service Pack 2 and prior.
+
+ Fix:
+ Run Windows Update and update the listed hotfixes or download and
+ update mentioned hotfixes in the advisory from the below link,
+ http://www.microsoft.com/technet/security/bulletin/ms09-065.mspx
+
+ References:
+ http://secunia.com/advisories/37318/
+ http://support.microsoft.com/kb/969947
+ http://www.vupen.com/english/advisories/2009/3191
+ http://www.microsoft.com/technet/security/bulletin/ms09-065.mspx
+
+ Risk factor: Critical";
+
+ script_description(desc);
+ script_summary("Check for the version of Win32k.sys file");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2009 SecPod");
+ script_family("Windows : Microsoft Bulletins");
+ script_dependencies("secpod_reg_enum.nasl");
+ script_require_ports(139, 445);
+ exit(0);
+}
+
+
+include("smb_nt.inc");
+include("secpod_reg.inc");
+include("version_func.inc");
+include("secpod_smb_func.inc");
+
+if(hotfix_check_sp(win2k:5, xp:4, win2003:3) <= 0){
+ exit(0);
+}
+
+# MS09-065 Hotfix Check
+if(hotfix_missing(name:"969947") == 0){
+ exit(0);
+}
+
+sysPath = registry_get_sz(key:"SOFTWARE\Microsoft\COM3\Setup",
+ item:"Install Path");
+if(!sysPath){
+ exit(0);
+}
+
+share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:sysPath);
+file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1",
+ string:sysPath + "\Win32k.sys");
+sysVer = GetVer(file:file, share:share);
+if(!sysVer){
+ exit(0);
+}
+
+# Windows 2K
+if(hotfix_check_sp(win2k:5) > 0)
+{
+ # Grep for Win32k.sys version < 5.0.2195.7322
+ if(version_is_less(version:sysVer, test_version:"5.0.2195.7322")){
+ security_hole(0);
+ }
+}
+
+# Windows XP
+else if(hotfix_check_sp(xp:4) > 0)
+{
+ SP = get_kb_item("SMB/WinXP/ServicePack");
+ if("Service Pack 2" >< SP)
+ {
+ # Grep for Win32k.sys < 5.1.2600.3614
+ if(version_is_less(version:sysVer, test_version:"5.1.2600.3614")){
+ security_hole(0);
+ }
+ exit(0);
+ }
+ else if("Service Pack 3" >< SP)
+ {
+ # Grep for Win32k.sys < 5.1.2600.5863
+ if(version_is_less(version:sysVer, test_version:"5.1.2600.5863")){
+ security_hole(0);
+ }
+ exit(0);
+ }
+ security_hole(0);
+}
+
+# Windows 2003
+else if(hotfix_check_sp(win2003:3) > 0)
+{
+ SP = get_kb_item("SMB/Win2003/ServicePack");
+ if("Service Pack 2" >< SP)
+ {
+ # Grep for Win32k.sys version < 5.2.3790.4571
+ if(version_is_less(version:sysVer, test_version:"5.2.3790.4571")){
+ security_hole(0);
+ }
+ exit(0);
+ }
+ security_hole(0);
+}
Property changes on: trunk/openvas-plugins/scripts/secpod_ms09-065.nasl
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/openvas-plugins/scripts/secpod_ms09-067.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms09-067.nasl 2009-11-11 14:56:44 UTC (rev 5841)
+++ trunk/openvas-plugins/scripts/secpod_ms09-067.nasl 2009-11-11 18:07:38 UTC (rev 5842)
@@ -0,0 +1,139 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ms09-067.nasl 5697 2009-11-11 11:32:09Z nov $
+#
+# Microsoft Office Excel Multiple Vulnerabilities (972652)
+#
+# Authors:
+# Sharath S <sharaths at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(900887);
+ script_version("$Revision: 1.0 $");
+ script_cve_id("CVE-2009-3127", "CVE-2009-3128", "CVE-2009-3129", "CVE-2009-3130",
+ "CVE-2009-3131", "CVE-2009-3132", "CVE-2009-3133", "CVE-2009-3134");
+ script_bugtraq_id(36943, 36944, 36945, 36946, 36908, 36909, 36911, 36912);
+ script_name("Microsoft Office Excel Multiple Vulnerabilities (972652)");
+ desc = "
+ Overview: This host has critical security update missing according to
+ Microsoft Bulletin MS09-067.
+
+ Vulnerability Insight:
+ - An error in the parsing of Excel spreadsheets can be exploited to corrupt
+ memory via a specially crafted Excel file.
+ - An error in the processing of certain record objects can be
+ exploited to corrupt memory via a specially crafted Excel file.
+ - Another error in the processing of certain record objects can be
+ exploited to corrupt memory via a specially crafted Excel file.
+ - An error in the processing of Binary File Format (BIFF) records
+ can be exploited to cause a heap-based buffer overflow via a specially
+ crafted Excel file.
+ - An error in the handling of formulas embedded inside a cell can
+ be exploited to corrupt memory via a specially crafted Excel file.
+ - An error when loading Excel formulas can be exploited to corrupt
+ a pointer when a specially crafted Excel file is being opened.
+ - An error when loading Excel records can be exploited to corrupt
+ memory via a specially crafted Excel file.
+ - An error when processing Excel record objects can be exploited
+ via a specially crafted Excel file.
+
+ Impact:
+ Successful exploitation could execute arbitrary code on the remote system
+ and corrupt memory, buffer overflow via a specially crafted Excel file.
+
+ Impact Level: System/Application
+
+ Affected Software/OS:
+ Microsoft Excel Viewer 2003/2007
+ Microsoft Office Excel 2002/2003/2007
+ Microsoft Office Compatibility Pack for Word,Excel,PowerPoint 2007 File Formats SP 1/2
+
+ Fix:
+ Run Windows Update and update the listed hotfixes or download and
+ update mentioned hotfixes in the advisory from the below link,
+ http://www.microsoft.com/technet/security/bulletin/ms09-067.mspx
+
+ References:
+ http://secunia.com/advisories/37299/
+ http://support.microsoft.com/kb/972652
+ http://www.microsoft.com/technet/security/bulletin/ms09-067.mspx
+
+ Risk factor: High";
+
+ script_description(desc);
+ script_summary("Check for the version of Office Excel and Excel Viewer");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2009 SecPod");
+ script_family("Windows : Microsoft Bulletins");
+ script_dependencies("secpod_office_products_version_900032.nasl",
+ "secpod_ms_office_detection_900025.nasl");
+ script_require_keys("SMB/Office/Excel/Version");
+ script_require_ports(139, 445);
+ exit(0);
+}
+
+
+include("secpod_reg.inc");
+include("version_func.inc");
+
+if(hotfix_check_sp(win2k:5, xp:4, win2003:3) <= 0){
+ exit(0);
+}
+
+# Check for Office Excel 2002/2003/2007
+excelVer = get_kb_item("SMB/Office/Excel/Version");
+if(excelVer =~ "^(10|11|12)\..*")
+{
+ # Check for Office Excel 10.0 < 10.0.6856.0 or 11.0 < 11.0.8316.0 or 12.0 < 12.0.6514.5000
+ if(version_in_range(version:excelVer, test_version:"10.0", test_version2:"10.0.6855.9")||
+ version_in_range(version:excelVer, test_version:"11.0", test_version2:"11.0.8315.9")||
+ version_in_range(version:excelVer, test_version:"12.0", test_version2:"12.0.6514.4999"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+}
+
+# Check for Office Compatiability Pack 2007
+if(get_kb_item("SMB/Office/ComptPack/Version") =~ "^12\..*")
+{
+ xlcnvVer = get_kb_item("SMB/Office/XLCnv/Version");
+ if(xlcnvVer)
+ {
+ # Check for Office Excel Converter 2007 version 12.0 < 12.0.6514.5000
+ if(version_in_range(version:xlcnvVer, test_version:"12.0", test_version2:"12.0.6514.4999"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+ }
+}
+
+# For Microsoft Office Excel Viewer 2003/2007
+xlviewVer = get_kb_item("SMB/Office/XLView/Version");
+if(xlviewVer =~ "^(11|12)\..*")
+{
+ # Check for Excel Viewer 11.0 < 11.0.8313.0 (2003) or 12.0 < 12.0.6514.5000 (2007)
+ if(version_in_range(version:xlviewVer, test_version:"11.0", test_version2:"11.0.8312.9") ||
+ version_in_range(version:xlviewVer, test_version:"12.0", test_version2:"12.0.6514.4999")){
+ security_hole(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/secpod_ms09-067.nasl
___________________________________________________________________
Name: svn:executable
+ *
Added: trunk/openvas-plugins/scripts/secpod_ms09-068.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms09-068.nasl 2009-11-11 14:56:44 UTC (rev 5841)
+++ trunk/openvas-plugins/scripts/secpod_ms09-068.nasl 2009-11-11 18:07:38 UTC (rev 5842)
@@ -0,0 +1,113 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ms09-068.nasl 5696 2009-11-11 10:29:41Z nov $
+#
+# Microsoft Office Word Remote Code Execution Vulnerability (976307)
+#
+# Authors:
+# Nikita MR <rnikita at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(900973);
+ script_version("$Revision: 1.0 $");
+ script_cve_id("CVE-2009-3135");
+ script_bugtraq_id(36950);
+ script_name("Microsoft Office Word Remote Code Execution Vulnerability (976307)");
+ desc = "
+ Overview: This host has critical security update missing according to
+ Microsoft Bulletin MS09-068.
+
+ Vulnerability Insight:
+ The flaws are due to memory corruption error when processing a malformed
+ record within a Word document.
+
+ Impact:
+ Successful exploitation could execute arbitrary code on the remote system
+ via a specially crafted Word document.
+
+ Impact Level: System/Application
+
+ Affected Software/OS:
+ Microsoft Office XP/2003.
+ Microsoft Word Viewer 2003.
+
+ Fix:
+ Run Windows Update and update the listed hotfixes or download and
+ update mentioned hotfixes in the advisory from the below link,
+ http://www.microsoft.com/technet/security/bulletin/ms09-068.mspx
+
+ References:
+ http://secunia.com/advisories/37277/
+ http://www.vupen.com/english/advisories/2009/3194
+
+ Risk factor : Critical";
+
+ script_description(desc);
+ script_summary("Check for the vulnerable Word/Word Viewer version");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2009 SecPod");
+ script_family("Windows : Microsoft Bulletins");
+ script_dependencies("secpod_office_products_version_900032.nasl",
+ "secpod_ms_office_detection_900025.nasl");
+ script_require_keys("SMB/Office/Word/Version",
+ "SMB/Office/WordView/Version");
+ script_require_ports(139, 445);
+ exit(0);
+}
+
+
+include("secpod_reg.inc");
+include("version_func.inc");
+
+
+if(hotfix_check_sp(win2k:5, xp:4, win2003:3) <= 0){
+ exit(0);
+}
+
+# Check for Office Word XP/2003
+if(egrep(pattern:"^(10|11)\..*", string:get_kb_item("MS/Office/Ver")))
+{
+ # Grep for Office Word Version from KB
+ wordVer = get_kb_item("SMB/Office/Word/Version");
+ if(wordVer != NULL)
+ {
+ # Check for Office Word 10.0 < 10.0.6856.0 or 11.0 < 11.0.8313.0
+ if(version_in_range(version:wordVer, test_version:"10.0",
+ test_version2:"10.0.6855.9") ||
+ version_in_range(version:wordVer, test_version:"11.0",
+ test_version2:"11.0.8312.9"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+ }
+}
+
+# Check for Word Viewer
+wordviewVer = get_kb_item("SMB/Office/WordView/Version");
+if(wordviewVer != NULL)
+{
+ # Check for Word Viewer 11.0 < 11.0.8313.0
+ if(version_in_range(version:wordviewVer, test_version:"11.0",
+ test_version2:"11.0.8312.9")){
+ security_hole(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/secpod_ms09-068.nasl
___________________________________________________________________
Name: svn:executable
+ *
Modified: trunk/openvas-plugins/scripts/secpod_ms_office_detection_900025.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms_office_detection_900025.nasl 2009-11-11 14:56:44 UTC (rev 5841)
+++ trunk/openvas-plugins/scripts/secpod_ms_office_detection_900025.nasl 2009-11-11 18:07:38 UTC (rev 5842)
@@ -1,44 +1,48 @@
-##############################################################################
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ms_office_detection_900025.nasl 0021 2008-08-13 16:54:55Z aug $
#
-# Microsoft Office Detection
+# Microsoft Office Version Detection
#
-# Copyright: SecPod
+# Authors:
+# Chandan S <schandan at secpod.com>
#
-# Date Written: 2008/08/13
+# Regex pattern modified to match proper Office 2007.
+# - By Chandan S <schandan at secpod.com> On 2009-11-11 #5697
#
-# Revision: 1.1
+# Copyright:
+# Copyright (c) 2008 SecPod, http://www.secpod.com
#
-# Log: schandan
-# Issue #0021
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
#
-# Updated to make use registry_enum_keys() from secpod_smb_func.inc
-# -By Chandan S 10:46:00 2009/04/24
-# ------------------------------------------------------------------------
-# This program was written by SecPod and is licensed under the GNU GPL
-# license. Please refer to the below link for details,
-# http://www.gnu.org/licenses/gpl.html
-# This header contains information regarding licensing terms under the GPL,
-# and information regarding obtaining source code from the Author.
-# Consequently, pursuant to section 3(c) of the GPL, you must accompany the
-# information found in this header with any distribution you make of this
-# Program.
-# ------------------------------------------------------------------------
-##############################################################################
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
if(description)
{
script_id(900025);
- script_copyright("Copyright (C) 2008 SecPod");
script_version("$Revision: 1.1 $");
- script_category(ACT_GATHER_INFO);
- script_family("Windows");
- script_name("Microsoft Office Detection");
- script_summary("Check for version and set KB");
+ script_name("Microsoft Office Version Detection");
desc = "
- Overview : This script will Detect Microsoft Office Version and sets the KB.
+ Overview: This script will Detect Microsoft Office Version and sets the
+ result in KB.
Risk factor : Informational";
+
script_description(desc);
+ script_summary("Set KB for the version of Microsoft Office");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2008 SecPod");
+ script_family("Windows");
script_dependencies("secpod_reg_enum.nasl");
script_require_keys("SMB/WindowsVersion");
script_require_ports(139, 445);
@@ -75,7 +79,7 @@
continue;
}
- if(egrep(pattern:"Microsoft Office (2000|XP|.* Edition 2003$|.*[^)] 2007$)",
+ if(egrep(pattern:"Microsoft Office (2000|XP|.* Edition 2003$|[^L)].* 2007$)",
string:MSOffName))
{
MSOffVer = registry_get_sz(key:key + item, item:"DisplayVersion");
More information about the Openvas-commits
mailing list