[Openvas-commits] r5718 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Mon Oct 26 10:03:25 CET 2009


Author: mime
Date: 2009-10-26 10:02:32 +0100 (Mon, 26 Oct 2009)
New Revision: 5718

Added:
   trunk/openvas-plugins/scripts/mapserver_36802.nasl
   trunk/openvas-plugins/scripts/ping_host.nasl
   trunk/openvas-plugins/scripts/proftpd_36804.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/cve_current.txt
   trunk/openvas-plugins/scripts/admbook_cmd_exec.nasl
   trunk/openvas-plugins/scripts/alcatel_backdoor_switch.nasl
   trunk/openvas-plugins/scripts/amap.nasl
   trunk/openvas-plugins/scripts/apcupsd_overflows.nasl
   trunk/openvas-plugins/scripts/asterisk_null_pointer_dereference.nasl
   trunk/openvas-plugins/scripts/asterisk_sdp_header_overflow.nasl
   trunk/openvas-plugins/scripts/binlogin_overflow_telnet.nasl
   trunk/openvas-plugins/scripts/chipmunk_forum_xss.nasl
   trunk/openvas-plugins/scripts/cobalt_overflow_cgi.nasl
   trunk/openvas-plugins/scripts/cvstrac_account_deletion.nasl
   trunk/openvas-plugins/scripts/cvstrac_cgi_overflows.nasl
   trunk/openvas-plugins/scripts/cvstrac_db_plaintext_pass.nasl
   trunk/openvas-plugins/scripts/cvstrac_filediff.nasl
   trunk/openvas-plugins/scripts/cvstrac_history_overflow.nasl
   trunk/openvas-plugins/scripts/cvstrac_invalid_ticket_dos.nasl
   trunk/openvas-plugins/scripts/cvstrac_jail_escape.nasl
   trunk/openvas-plugins/scripts/cvstrac_malformed_uri_dos.nasl
   trunk/openvas-plugins/scripts/cvstrac_ticket_title.nasl
   trunk/openvas-plugins/scripts/cvstrac_timeline_overflow.nasl
   trunk/openvas-plugins/scripts/datawizard_ftpxq_test_accts.nasl
   trunk/openvas-plugins/scripts/elog_logbook_global_dos.nasl
   trunk/openvas-plugins/scripts/finger_akfingerd.nasl
   trunk/openvas-plugins/scripts/firewall_detect.nasl
   trunk/openvas-plugins/scripts/free_articles_directory_file_includes.nasl
   trunk/openvas-plugins/scripts/ftpd_any_cmd.nasl
   trunk/openvas-plugins/scripts/gcards_dir_transversal.nasl
   trunk/openvas-plugins/scripts/http_ids_evasion.nasl
   trunk/openvas-plugins/scripts/http_keepalive.inc
   trunk/openvas-plugins/scripts/ids_evasion.nasl
   trunk/openvas-plugins/scripts/kerio_webmail_multiple_flaws.nasl
   trunk/openvas-plugins/scripts/kiwi_cattools_tftpd_dir_traversal.nasl
   trunk/openvas-plugins/scripts/mercur_imap_buffer_overflow.nasl
   trunk/openvas-plugins/scripts/mtl_remote_file_include.nasl
   trunk/openvas-plugins/scripts/myevent_multiple_flaws.nasl
   trunk/openvas-plugins/scripts/netscaler_web_login.nasl
   trunk/openvas-plugins/scripts/netstat_portscan.nasl
   trunk/openvas-plugins/scripts/nisd_overflow.nasl
   trunk/openvas-plugins/scripts/nmap.nasl
   trunk/openvas-plugins/scripts/packeteer_web_login.nasl
   trunk/openvas-plugins/scripts/packeteer_web_version.nasl
   trunk/openvas-plugins/scripts/phplistpro_remote_file_include.nasl
   trunk/openvas-plugins/scripts/sambar_default_accounts.nasl
   trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl
   trunk/openvas-plugins/scripts/sip.inc
   trunk/openvas-plugins/scripts/smb_nt.inc
   trunk/openvas-plugins/scripts/smb_registry_access.nasl
   trunk/openvas-plugins/scripts/smb_virii.nasl
   trunk/openvas-plugins/scripts/smtp_settings.nasl
   trunk/openvas-plugins/scripts/snmpwalk_portscan.nasl
   trunk/openvas-plugins/scripts/sslv2_hello_overflow.nasl
   trunk/openvas-plugins/scripts/subversion_1_0_5.nasl
   trunk/openvas-plugins/scripts/subversion_1_0_6.nasl
   trunk/openvas-plugins/scripts/subversion_1_0_8.nasl
   trunk/openvas-plugins/scripts/sybase_asa_default_password.nasl
   trunk/openvas-plugins/scripts/webalbum_local_file_include.nasl
   trunk/openvas-plugins/scripts/webcalendar_info_disclosure.nasl
   trunk/openvas-plugins/scripts/www_too_long_method.nasl
   trunk/openvas-plugins/scripts/xst_http_trace.nasl
   trunk/openvas-plugins/scripts/yppasswdd.nasl
   trunk/openvas-plugins/scripts/zeroblog_xss.nasl
Log:
Added new plugins. Replaced nessus by openvas

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/ChangeLog	2009-10-26 09:02:32 UTC (rev 5718)
@@ -1,3 +1,76 @@
+2009-10-26  Michael Meyer <michael.meyer at intevation.de>
+
+	* scripts/firewall_detect.nasl,
+	scripts/finger_akfingerd.nasl,
+	scripts/cvstrac_malformed_uri_dos.nasl,
+	scripts/packeteer_web_version.nasl,
+	scripts/www_too_long_method.nasl,
+	scripts/chipmunk_forum_xss.nasl,
+	scripts/mercur_imap_buffer_overflow.nasl,
+	scripts/sslv2_hello_overflow.nasl,
+	scripts/xst_http_trace.nasl,
+	scripts/ftpd_any_cmd.nasl,
+	scripts/cobalt_overflow_cgi.nasl,
+	scripts/packeteer_web_login.nasl,
+	scripts/cvstrac_filediff.nasl,
+	scripts/binlogin_overflow_telnet.nasl,
+	scripts/cvstrac_ticket_title.nasl,
+	scripts/cvstrac_jail_escape.nasl,
+	scripts/smtp_settings.nasl,
+	scripts/subversion_1_0_8.nasl,
+	scripts/subversion_1_0_5.nasl,
+	scripts/myevent_multiple_flaws.nasl,
+	scripts/cvstrac_history_overflow.nasl,
+	scripts/webalbum_local_file_include.nasl,
+	scripts/cvstrac_timeline_overflow.nasl,
+	scripts/phplistpro_remote_file_include.nasl,
+	scripts/kerio_webmail_multiple_flaws.nasl,
+	scripts/free_articles_directory_file_includes.nasl,
+	scripts/yppasswdd.nasl,
+	scripts/netscaler_web_login.nasl,
+	scripts/elog_logbook_global_dos.nasl,
+	scripts/admbook_cmd_exec.nasl,
+	scripts/gcards_dir_transversal.nasl,
+	scripts/cvstrac_account_deletion.nasl,
+	scripts/http_keepalive.inc,
+	scripts/apcupsd_overflows.nasl,
+	scripts/sybase_asa_default_password.nasl,
+	scripts/http_ids_evasion.nasl,
+	scripts/datawizard_ftpxq_test_accts.nasl,
+	scripts/nisd_overflow.nasl,
+	scripts/webcalendar_info_disclosure.nasl,
+	scripts/cvstrac_invalid_ticket_dos.nasl,
+	scripts/cvstrac_cgi_overflows.nasl,
+	scripts/smb_registry_access.nasl,
+	scripts/smb_nt.inc,
+	scripts/zeroblog_xss.nasl,
+	scripts/asterisk_null_pointer_dereference.nasl,
+	scripts/sip.inc,
+	scripts/mtl_remote_file_include.nasl,
+	scripts/smb_virii.nasl,
+	scripts/asterisk_sdp_header_overflow.nasl,
+	scripts/subversion_1_0_6.nasl,
+	scripts/ids_evasion.nasl,
+	scripts/cvstrac_db_plaintext_pass.nasl,
+	scripts/alcatel_backdoor_switch.nasl,
+	scripts/kiwi_cattools_tftpd_dir_traversal.nasl,
+	scripts/sambar_default_accounts.nasl:
+	Replaced "nessus" by "openvas".
+
+	* scripts/secpod_kvirc_detect_win.nasl:
+	Fixed "nasl_array_iterator: unhandled type 57 (0x39)"
+
+	* scripts/proftpd_36804.nasl,
+	scripts/mapserver_36802.nasl,
+	scripts/ping_host.nasl:
+	Added new plugins.
+
+	* scripts/snmpwalk_portscan.nasl,
+	scripts/nmap.nasl,
+	scripts/netstat_portscan.nasl,
+	scripts/amap.nasl:
+	Added dependency ping_host.nasl
+
 2009-10-23  Chandrashekhar B <bchandra at secpod.com>
 
 	* scripts/gb_pidgin_oscar_dos_vuln_oct09_lin.nasl,

Modified: trunk/openvas-plugins/cve_current.txt
===================================================================
--- trunk/openvas-plugins/cve_current.txt	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/cve_current.txt	2009-10-26 09:02:32 UTC (rev 5718)
@@ -181,5 +181,5 @@
 CVE-2009-3695			SecPod
 CVE-2009-3698			SecPod
 CVE-2009-2999			SecPod
-CVE-2009-3639			Greenbone			R
-CVE-2009-2281			Greenbone			R
+CVE-2009-3639			Greenbone	svn		R
+CVE-2009-2281			Greenbone	svn		R

Modified: trunk/openvas-plugins/scripts/admbook_cmd_exec.nasl
===================================================================
--- trunk/openvas-plugins/scripts/admbook_cmd_exec.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/admbook_cmd_exec.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -89,9 +89,9 @@
   req = http_get(
     item:string(
       dir, "/write.php?",
-      "name=nessus&",
-      "email=nessus@", this_host(), "&",
-      "message=", urlencode(str:string("Nessus ran ", SCRIPT_NAME, " at ", unixtime()))
+      "name=openvas&",
+      "email=openvas@", this_host(), "&",
+      "message=", urlencode(str:string("OpenVAS ran ", SCRIPT_NAME, " at ", unixtime()))
     ),
     port:port
   );

Modified: trunk/openvas-plugins/scripts/alcatel_backdoor_switch.nasl
===================================================================
--- trunk/openvas-plugins/scripts/alcatel_backdoor_switch.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/alcatel_backdoor_switch.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -77,7 +77,7 @@
   data = get_telnet_banner(port:port);
  if(data)
   {
-  security_note(port:port,data:string("The banner:\n",data,"\nshould be reported to deraison at nessus.org\n"));
+  security_note(port:port,data:string("The banner:\n",data,"\nshould be reported to openvas-plugins at wald.intevation.org\n"));
   security_hole(port);
   register_service(port: port, proto: "aos");
   }

Modified: trunk/openvas-plugins/scripts/amap.nasl
===================================================================
--- trunk/openvas-plugins/scripts/amap.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/amap.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -29,9 +29,7 @@
  family = "Port scanners";
  script_family(family);
 
-# commented out dependency on proprietary plugin, once when we implement
-# it, we can uncomment it
-#  script_dependencies("ping_host.nasl");
+ script_dependencies("ping_host.nasl");
 
  script_add_preference(name: "File containing machine readable results : ", value: "", type: "file");
 

Modified: trunk/openvas-plugins/scripts/apcupsd_overflows.nasl
===================================================================
--- trunk/openvas-plugins/scripts/apcupsd_overflows.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/apcupsd_overflows.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -23,7 +23,7 @@
 is vulnerable to a buffer overflow which could
 allow an attacker to gain a root shell on this host.
 
-*** Nessus solely relied on the version number of the 
+*** OpenVAS solely relied on the version number of the 
 *** remote server, so this might be a false positive
 
 Risk factor : High";

Modified: trunk/openvas-plugins/scripts/asterisk_null_pointer_dereference.nasl
===================================================================
--- trunk/openvas-plugins/scripts/asterisk_null_pointer_dereference.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/asterisk_null_pointer_dereference.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -125,10 +125,10 @@
     "REGISTER\r\n",
     "Via: SIP/2.0/UDP ", this_host(), ":", port, "\r\n",
     "To: User <sip:user@", get_host_name(), ":", port, ">\r\n",
-    "From: OpenVAS <sip:nessus@", this_host(), ":", port, ">\r\n",
+    "From: OpenVAS <sip:openvas@", this_host(), ":", port, ">\r\n",
     "Call-ID: ", rand(), "\r\n",
     "CSeq: ", rand(), " OPTIONS\r\n",
-    "Contact: OpenVAS <sip:nessus@", this_host(), ">\r\n",
+    "Contact: OpenVAS <sip:openvas@", this_host(), ">\r\n",
     "Max-Forwards: 0\r\n",
     "Accept: application/sdp\r\n",
     "Content-Length: 0\r\n\r\n");
@@ -139,7 +139,6 @@
 exp = sip_send_recv(port:port, data:bad_register);
 if (isnull(exp)) {
     res = sip_send_recv(port:port, data:option);
-    display(res); 
     if (isnull(res)) {
         security_hole(port);
         exit(0);

Modified: trunk/openvas-plugins/scripts/asterisk_sdp_header_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/asterisk_sdp_header_overflow.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/asterisk_sdp_header_overflow.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -77,7 +77,7 @@
         "From: <sip:", this_host(), ":", port, ">\r\n",
         "Call-ID: ", rand(), "\r\n",
         "CSeq: ", rand(), " OPTIONS\r\n",
-        "Contact: <sip:nessus@", this_host(), ">\r\n",
+        "Contact: <sip:openvas@", this_host(), ">\r\n",
         "Max-Forwards: 10\r\n",
         "Content-Length: 0\r\n\r\n");
 
@@ -132,7 +132,7 @@
     "From: <sip:", this_host(), ":", port, ">\r\n",
     "Call-ID: ", rand(), "\r\n",
     "CSeq: ", rand(), " OPTIONS\r\n",
-    "Contact: <sip:nessus@", this_host(), ">\r\n",
+    "Contact: <sip:openvas@", this_host(), ">\r\n",
     "Max-Forwards: 0\r\n",
     "Content-Length: 0\r\n\r\n");
 

Modified: trunk/openvas-plugins/scripts/binlogin_overflow_telnet.nasl
===================================================================
--- trunk/openvas-plugins/scripts/binlogin_overflow_telnet.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/binlogin_overflow_telnet.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -71,7 +71,7 @@
    {
 
  buffer = telnet_negotiate(socket:soc);
- send(socket:soc, data:string("nessus ", env, "\r\n"));
+ send(socket:soc, data:string("openvas ", env, "\r\n"));
  r = recv(socket:soc, length:4096);
  close(soc);
  if("word:" >< r)

Modified: trunk/openvas-plugins/scripts/chipmunk_forum_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/chipmunk_forum_xss.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/chipmunk_forum_xss.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -65,7 +65,7 @@
 if (!can_host_php(port:port)) exit(0);
 if (get_kb_item(string("www/", port, "/generic_xss"))) exit(0);
 
-xss = "'</a><IFRAME SRC=javascript:alert(%27XSS%20DETECTED%20BY%20NESSUS%27)></IFRAME>";
+xss = "'</a><IFRAME SRC=javascript:alert(%27XSS%20DETECTED%20BY%20OpenVAS%27)></IFRAME>";
 exss = urlencode(str:xss);
 
 #if (thorough_tests) dirs = make_list("/board", "/forum", "/", cgi_dirs());

Modified: trunk/openvas-plugins/scripts/cobalt_overflow_cgi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cobalt_overflow_cgi.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cobalt_overflow_cgi.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -17,7 +17,7 @@
 Some versions of this CGI allow remote users to execute arbitrary commands
 with the privileges of the web server.
 
-*** Nessus just checked the presence of this file 
+*** OpenVAS just checked the presence of this file 
 *** but did not try to exploit the flaw, so this might
 *** be a false positive
    

Modified: trunk/openvas-plugins/scripts/cvstrac_account_deletion.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_account_deletion.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_account_deletion.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -23,7 +23,7 @@
 giving them elevated access and potentially control
 over other user accounts.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/cvstrac_cgi_overflows.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_cgi_overflows.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_cgi_overflows.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -24,7 +24,7 @@
 this flaw, would be able to execute arbitrary code on the 
 remote system.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/cvstrac_db_plaintext_pass.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_db_plaintext_pass.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_db_plaintext_pass.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -21,7 +21,7 @@
 This version contains a flaw related to *.db files that 
 may allow an attacker to gain access to plaintext passwords.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/cvstrac_filediff.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_filediff.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_filediff.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -26,7 +26,7 @@
 which, when exploited, can lead to a remote attacker 
 executing arbitrary commands on the system.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/cvstrac_history_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_history_overflow.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_history_overflow.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -22,7 +22,7 @@
 function in history.c that may allow an attacker to cause a 
 buffer overflow and execute arbitrary code on the remote system.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/cvstrac_invalid_ticket_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_invalid_ticket_dos.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_invalid_ticket_dos.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -23,7 +23,7 @@
 An attacker, exploiting this flaw, would be able to remotely
 shut down the cvstrac server.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/cvstrac_jail_escape.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_jail_escape.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_jail_escape.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -23,7 +23,7 @@
 attacker, exploiting this flaw, would be able to access files
 outside of the web root.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/cvstrac_malformed_uri_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_malformed_uri_dos.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_malformed_uri_dos.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -25,7 +25,7 @@
 Upon sending a malformed link, the cvstrac server would go into
 an infinite loop, rendering the services as unavailable.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/cvstrac_ticket_title.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_ticket_title.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_ticket_title.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -22,7 +22,7 @@
 containing a semi-colon (';') that may allow an attacker 
 to execute arbitrary commands on the system.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/cvstrac_timeline_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_timeline_overflow.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/cvstrac_timeline_overflow.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -23,7 +23,7 @@
 An attacker, exploiting this flaw, would be potentially able to
 run exploit code on the remote machine.
 
-***** Nessus has determined the vulnerability exists on the target
+***** OpenVAS has determined the vulnerability exists on the target
 ***** simply by looking at the version number(s) of CVSTrac
 ***** installed there. 
 

Modified: trunk/openvas-plugins/scripts/datawizard_ftpxq_test_accts.nasl
===================================================================
--- trunk/openvas-plugins/scripts/datawizard_ftpxq_test_accts.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/datawizard_ftpxq_test_accts.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -131,11 +131,11 @@
   if ("test/test" >< info)
     info = string(info, "\n",
       "Note that the test account reportedly allows write access to the entire\n",
-      "filesystem, although Nessus did not attempt to verify this.\n");
+      "filesystem, although OpenVAS did not attempt to verify this.\n");
 
   if (contents)
     info = string(info, "\n",
-      "In addition, Nessus was able to use one of the accounts to read ", file, " :\n",
+      "In addition, OpenVAS was able to use one of the accounts to read ", file, " :\n",
       "\n",
       contents);
 

Modified: trunk/openvas-plugins/scripts/elog_logbook_global_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/elog_logbook_global_dos.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/elog_logbook_global_dos.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -36,7 +36,7 @@
 See also :
 
 http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0198.html
-http://www.nessus.org/u?67c4b2ac
+http://savannah.psi.ch/websvn/log.php?repname=elog&path=/trunk/&rev=1749&sc=1&isdir=1
 http://midas.psi.ch/elogs/Forum/2053
 
 Solution : 

Modified: trunk/openvas-plugins/scripts/finger_akfingerd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/finger_akfingerd.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/finger_akfingerd.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -58,7 +58,7 @@
  soc = open_sock_tcp(port);
  if(soc)
  {
-  buf = string("nessusIs4Scanning2You at 127.0.0.1@127.0.0.1\r\n"); #send request for forwarded finger query
+  buf = string("openvasIs4Scanning2You at 127.0.0.1@127.0.0.1\r\n"); #send request for forwarded finger query
   send(socket:soc, data:buf);
   data = recv(socket:soc, length:96);
   close(soc);

Modified: trunk/openvas-plugins/scripts/firewall_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/firewall_detect.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/firewall_detect.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -44,7 +44,7 @@
 include("global_settings.inc");
 
 if ( report_paranoia < 2 ) exit(0);
-if ( ! get_kb_item("Host/scanners/nessus_tcp_scanner") ) exit(0);
+if ( ! get_kb_item("Host/scanners/openvas_tcp_scanner") ) exit(0);
 
 open = int(get_kb_item("TCPScanner/OpenPortsNb"));
 closed = int(get_kb_item("TCPScanner/ClosedPortsNb"));

Modified: trunk/openvas-plugins/scripts/free_articles_directory_file_includes.nasl
===================================================================
--- trunk/openvas-plugins/scripts/free_articles_directory_file_includes.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/free_articles_directory_file_includes.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -123,7 +123,7 @@
         "Plugin output :\n",
         "\n",
         "Here are the contents of the file '/etc/passwd' that\n",
-        "Nessus was able to read from the remote host :\n",
+        "OpenVAS was able to read from the remote host :\n",
         "\n",
         content
       );

Modified: trunk/openvas-plugins/scripts/ftpd_any_cmd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ftpd_any_cmd.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/ftpd_any_cmd.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -48,7 +48,7 @@
 login = get_kb_item("ftp/login");
 pass = get_kb_item("ftp/password");
 if (! login) login = "anonymous";
-if (! pass) pass = "bounce at nessus.org";
+if (! pass) pass = "bounce at openvas.org";
 
 port = get_kb_item("Services/ftp");
 if (! port) port = 21; 

Modified: trunk/openvas-plugins/scripts/gcards_dir_transversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gcards_dir_transversal.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/gcards_dir_transversal.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -29,7 +29,7 @@
 See also :
 
 http://retrogod.altervista.org/gcards_145_xpl.html
-http://www.nessus.org/u?5e89025e
+http://www.gregphoto.net/index.php/2006/03/27/gcards-146-released-due-to-security-issues/
 
 Solution :
 
@@ -121,7 +121,7 @@
         "Plugin output :\n",
         "\n",
         "Here are the contents of the file '/etc/passwd' that\n",
-        "Nessus was able to read from the remote host :\n",
+        "OpenVAS was able to read from the remote host :\n",
         "\n",
         content
       );

Modified: trunk/openvas-plugins/scripts/http_ids_evasion.nasl
===================================================================
--- trunk/openvas-plugins/scripts/http_ids_evasion.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/http_ids_evasion.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -19,7 +19,7 @@
  script_name(name);
  
  desc = "
-This plugin configures Nessus for NIDS evasion (see the 'Prefs' panel).
+This plugin configures OpenVAS for NIDS evasion (see the 'Prefs' panel).
 NIDS evasion options are useful if you want to determine
 the quality of the expensive NIDS you just bought.
 

Modified: trunk/openvas-plugins/scripts/http_keepalive.inc
===================================================================
--- trunk/openvas-plugins/scripts/http_keepalive.inc	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/http_keepalive.inc	2009-10-26 09:02:32 UTC (rev 5718)
@@ -63,7 +63,7 @@
 'Connection: Keep-Alive\r\n',
 'Host: ', get_host_name(), '\r\n',
 'Pragma: no-cache\r\n',
-'User-Agent: Mozilla/4.75 [en] (X11, U; Nessus)\r\n\r\n');
+'User-Agent: Mozilla/4.75 [en] (X11, U; OpenVAS)\r\n\r\n');
 
   soc = http_open_socket(port);
   if(!soc)return -2;

Modified: trunk/openvas-plugins/scripts/ids_evasion.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ids_evasion.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/ids_evasion.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -23,7 +23,7 @@
  script_name(name);
  
  desc = "
-This plugin configures Nessus for NIDS evasion (see the 'Prefs' panel).
+This plugin configures OpenVAS for NIDS evasion (see the 'Prefs' panel).
 NIDS evasion options are useful if you want to determine
 the quality of the expensive NIDS you just bought.
 
@@ -51,7 +51,7 @@
   reach the remote host or which do not determine if the 
   remote host actually receives the packets seen ;
 
-- Fake RST : each time a connection is established, Nessus
+- Fake RST : each time a connection is established, OpenVAS 
   will send a RST packet with a bogus tcp checksum or
   a bogus ttl (depending on the options you chose above),
   thus making the IDS believe the connection was closed

Modified: trunk/openvas-plugins/scripts/kerio_webmail_multiple_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/kerio_webmail_multiple_flaws.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/kerio_webmail_multiple_flaws.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -52,7 +52,7 @@
 This could also cause a denial of service in the server.
 
 
-*** This might be a false positive, as Nessus did not have
+*** This might be a false positive, as OpenVAS did not have
 *** the proper credentials to determine if the remote Kerio
 *** is affected by this flaw.
 

Modified: trunk/openvas-plugins/scripts/kiwi_cattools_tftpd_dir_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/kiwi_cattools_tftpd_dir_traversal.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/kiwi_cattools_tftpd_dir_traversal.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -89,7 +89,7 @@
 {
     report = string(
 	desc, "\n\n", "Plugin output :\n\n",
-	 "Here are the contents of the file '\\boot.ini' that Nessus\n",
+	 "Here are the contents of the file '\\boot.ini' that OpenVAS\n",
           "was able to read from the remote host :\n", get);
     security_hole(port:port, protocol:"udp", data:report);
 }

Added: trunk/openvas-plugins/scripts/mapserver_36802.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mapserver_36802.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/mapserver_36802.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -0,0 +1,90 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# MapServer HTTP Request Processing Integer Overflow Vulnerability
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100317);
+ script_bugtraq_id(36802);
+ script_cve_id("CVE-2009-2281");
+ script_version ("1.0-$Revision$");
+
+ script_name("MapServer HTTP Request Processing Integer Overflow Vulnerability");
+
+desc = "Overview:
+MapServer is prone to a remote integer-overflow vulnerability.
+
+An attacker can exploit this issue to execute arbitrary code.
+Successful exploits will compromise affected computers. Failed exploit
+attempts will result in a denial-of-service condition.
+
+This issue affects MapServer 4.10.x; other versions may be
+vulnerable as well.
+
+NOTE: This issue reportedly stems from an incomplete fix for CVE-2009-
+      0840, which was discussed in BID 34306 (MapServer Multiple
+      Security Vulnerabilities).
+
+Solution:
+Updates are available. Please see the references for details.
+
+References:
+http://www.securityfocus.com/bid/36802
+http://mapserver.gis.umn.edu/
+
+Risk factor : Medium";
+
+ script_description(desc);
+ script_summary("Determine if MapServer is prone to a remote integer-overflow vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_family("Web application abuses");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("gb_mapserver_detect.nasl");
+ script_require_ports("Services/www", 80);
+ script_exclude_keys("Settings/disable_cgi_scanning");
+ exit(0);
+}
+
+include("http_func.inc");
+include("http_keepalive.inc");
+include("version_func.inc");
+
+port = get_http_port(default:80);
+if(!get_port_state(port))exit(0);
+
+if(!version = get_kb_item(string("www/", port, "/MapServer")))exit(0);
+
+if(!isnull(version)) {
+
+  if(version_in_range(version: version, test_version: "5.4", test_version2: "5.4.2")   ||
+     version_in_range(version: version, test_version: "5.2", test_version2: "5.2.3")   ||
+     version_in_range(version: version, test_version: "5.0", test_version2: "5.0.3")   ||
+     version_in_range(version: version, test_version: "4.10", test_version2: "4.10.5")) {
+      security_warning(port:port);
+      exit(0);
+  }
+}
+
+exit(0);


Property changes on: trunk/openvas-plugins/scripts/mapserver_36802.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Modified: trunk/openvas-plugins/scripts/mercur_imap_buffer_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mercur_imap_buffer_overflow.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/mercur_imap_buffer_overflow.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -81,7 +81,7 @@
  
   report = string(desc, "\n\n",
 	"Note :\n\n",
-	"*** Nessus did only check for this vulnerability,\n",
+	"*** OpenVAS did only check for this vulnerability,\n",
 	"*** by using the banner of the remote IMAP4 service.\n",
  	"*** This might be a false positive.\n\n"); 
   

Modified: trunk/openvas-plugins/scripts/mtl_remote_file_include.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mtl_remote_file_include.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/mtl_remote_file_include.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -111,7 +111,7 @@
         "Plugin output :\n",
         "\n",
         "Here are the contents of the file '/etc/passwd' that\n",
-        "Nessus was able to read from the remote host :\n",
+        "OpenVAS was able to read from the remote host :\n",
         "\n",
         content
       );

Modified: trunk/openvas-plugins/scripts/myevent_multiple_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/myevent_multiple_flaws.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/myevent_multiple_flaws.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -129,7 +129,7 @@
         "Plugin output :\n",
         "\n",
         "Here are the contents of the file '/etc/passwd' that\n",
-        "Nessus was able to read from the remote host :\n",
+        "OpenVAS was able to read from the remote host :\n",
         "\n",
         content
       );

Modified: trunk/openvas-plugins/scripts/netscaler_web_login.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netscaler_web_login.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/netscaler_web_login.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -20,7 +20,7 @@
 
 Description :
 
-Nessus successfully logged into the remote Citrix NetScaler web
+OpenVAS successfully logged into the remote Citrix NetScaler web
 management interface using the supplied credentials and stored the
 authentication cookie for later use. 
 

Modified: trunk/openvas-plugins/scripts/netstat_portscan.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netstat_portscan.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/netstat_portscan.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -27,11 +27,7 @@
  script_copyright("This script is Copyright (C) 2004 Michel Arboi");
  family = "Port scanners";
  script_family(family);
-
-# commented out dependency on proprietary plugin, once when we implement
-# it, we can uncomment it
-# script_dependencies("ping_host.nasl", "ssh_authorization.nasl");
- script_dependencies("ssh_authorization.nasl");
+ script_dependencies("ping_host.nasl","ssh_authorization.nasl");
  exit(0);
 }
 

Modified: trunk/openvas-plugins/scripts/nisd_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/nisd_overflow.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/nisd_overflow.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -70,7 +70,7 @@
 to a buffer overflow which allows any user to obtain a root
 shell on this host.
 
-*** Nessus did not actually check for this flaw, so this 
+*** OpenVAS did not actually check for this flaw, so this 
 *** might be a false positive
 
 Solution : disable this service if you don't useit, or apply

Modified: trunk/openvas-plugins/scripts/nmap.nasl
===================================================================
--- trunk/openvas-plugins/scripts/nmap.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/nmap.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -32,9 +32,7 @@
  family = "Port scanners";
  script_family(family);
 
-# commented out dependency on proprietary plugin, once when we implement
-# it, we can uncomment it
-# script_dependencies("ping_host.nasl");
+ script_dependencies("ping_host.nasl");
 
  v = pread(cmd: "nmap", argv: make_list("nmap", "-V"));
  if (v != NULL)

Modified: trunk/openvas-plugins/scripts/packeteer_web_login.nasl
===================================================================
--- trunk/openvas-plugins/scripts/packeteer_web_login.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/packeteer_web_login.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -17,7 +17,7 @@
 
 Description :
 
-Nessus was able to log onto the remote Packeteer web management
+OpenVAS was able to log onto the remote Packeteer web management
 interface with the given credentials and has stored the authentication
 cookie in the KB for use with other plugins. 
 

Modified: trunk/openvas-plugins/scripts/packeteer_web_version.nasl
===================================================================
--- trunk/openvas-plugins/scripts/packeteer_web_version.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/packeteer_web_version.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -10,7 +10,7 @@
 
 Description :
 
-Nessus was able to determine the software version of the Packeteer web
+OpenVAS was able to determine the software version of the Packeteer web
 management interface running on the remote host. 
 
 Risk factor :

Modified: trunk/openvas-plugins/scripts/phplistpro_remote_file_include.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phplistpro_remote_file_include.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/phplistpro_remote_file_include.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -116,7 +116,7 @@
         "Plugin output :\n",
         "\n",
         "Here are the repeated contents of the file '/etc/passwd' that\n",
-        "Nessus was able to read from the remote host :\n",
+        "OpenVAS was able to read from the remote host :\n",
         "\n",
         content
       );

Added: trunk/openvas-plugins/scripts/ping_host.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ping_host.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/ping_host.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -0,0 +1,103 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# Ping Host 
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100315);
+ script_version ("1.0-$Revision$");
+
+ script_name("Ping Host");
+
+ desc = "This plugin try to determine if the remote host is up.
+
+Risk factor : Informational";
+
+ script_description(desc);
+ script_summary("Ping the remote host");
+ script_category(ACT_SCANNER);
+ script_family("Port scanners");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+
+ script_add_preference(name:"Report about unrechable Hosts", type:"checkbox", value:"no");
+ script_add_preference(name:"Mark unrechable Hosts as dead (not scanning)", type:"checkbox", value:"yes");
+
+ exit(0);
+}
+
+set_kb_item(name: "/tmp/start_time", value: unixtime());
+if(islocalhost())exit(0);
+
+# Try ICMP (Ping) first
+ICMP_ECHO_REQUEST = 8;
+IP_ID = 0xBABA;
+ICMP_ID = rand() % 65536;
+
+ip_packet =
+        forge_ip_packet(ip_tos : 6,
+                        ip_id  : IP_ID,
+                        ip_off : IP_DF,
+                        ip_p   : IPPROTO_ICMP,
+                        ip_src : this_host());
+
+icmp_packet =
+       forge_icmp_packet(icmp_type : ICMP_ECHO_REQUEST,
+                         icmp_code : 123,
+                         icmp_seq  : 256,
+                         icmp_id   : ICMP_ID,
+                         ip        : ip_packet);
+attempt = 2;
+ret = NULL;
+
+filter = "icmp and dst host " + this_host() + " and src host " + get_host_ip() + " and icmp[0] = 0 " + " and icmp[4:2] = " + ICMP_ID;
+
+while (!ret && attempt--) {
+ ret = send_packet(icmp_packet, pcap_active: TRUE, pcap_filter: filter, pcap_timeout: 3);
+ if(ret) {
+  set_kb_item(name: "/tmp/ping/ICMP", value: 1);
+  exit(0);
+ }
+}
+
+# ICMP fails. Try TCP SYN 
+if(tcp_ping()) {
+  set_kb_item(name: "/tmp/ping/TCP", value: 1);
+  exit(0);
+}  
+
+# Host seems to be dead.
+report_dead = script_get_preference("Report about unrechable Hosts");
+mark_dead   = script_get_preference("Mark unrechable Hosts as dead (not scanning)");
+
+if("yes" >< report_dead) {
+  data = string("The remote host ", get_host_ip(), " is considered as dead.\nOpenVAS has not scanned this host.\n");
+  log_message(data:data, port:0);
+}
+
+if("yes" >< mark_dead) {
+  set_kb_item(name:"Host/ping_failed", value: 1);
+}  
+exit(0);
+


Property changes on: trunk/openvas-plugins/scripts/ping_host.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Added: trunk/openvas-plugins/scripts/proftpd_36804.nasl
===================================================================
--- trunk/openvas-plugins/scripts/proftpd_36804.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/proftpd_36804.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -0,0 +1,93 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id$
+#
+# ProFTPD mod_tls Module NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
+#
+# Authors:
+# Michael Meyer
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if (description)
+{
+ script_id(100316);
+ script_bugtraq_id(36804);
+ script_cve_id("CVE-2009-3639");
+ script_version ("1.0-$Revision$");
+
+ script_name("ProFTPD mod_tls Module NULL Character CA SSL Certificate Validation Security Bypass Vulnerability");
+
+desc = "Overview:
+ProFTPD is prone to a security-bypass vulnerability because the
+application fails to properly validate the domain name in a signed CA
+certificate, allowing attackers to substitute malicious SSL
+certificates for trusted ones.
+
+Successful exploits allows attackers to perform man-in-the-
+middle attacks or impersonate trusted servers, which will aid in
+further attacks.
+
+Versions prior to ProFTPD 1.3.2b are vulnerable.
+
+Solution:
+Updates are available. Please see the references for details.
+
+References:
+http://www.securityfocus.com/bid/36804
+http://bugs.proftpd.org/show_bug.cgi?id=3275
+http://www.proftpd.org
+
+Risk factor : Medium";
+
+ script_description(desc);
+ script_summary("Determine if ProFTPD version is < 1.3.2b");
+ script_category(ACT_GATHER_INFO);
+ script_family("FTP");
+ script_copyright("This script is Copyright (C) 2009 Greenbone Networks GmbH");
+ script_dependencies("secpod_proftpd_server_remote_detect.nasl");
+ script_require_ports("Services/ftp", 21);
+ exit(0);
+}
+
+include("version_func.inc");
+
+port = get_kb_item("Services/ftp");
+if(!port){
+  port = 21;
+}
+
+if(get_kb_item('ftp/'+port+'/broken'))exit(0);
+
+if(!get_port_state(port)){
+  exit(0);
+}
+
+if(!version = get_kb_item(string("ProFTPD/Ver")))exit(0);
+
+if(!isnull(version)) {
+
+    if(version_is_less(version:version, test_version:"1.3.2b")) {
+        security_warning(port: port);
+        exit(0);
+
+    }
+}
+
+exit(0);
+


Property changes on: trunk/openvas-plugins/scripts/proftpd_36804.nasl
___________________________________________________________________
Name: svn:keywords
   + Id Revision

Modified: trunk/openvas-plugins/scripts/sambar_default_accounts.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sambar_default_accounts.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/sambar_default_accounts.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -63,7 +63,7 @@
 req = string(
 "POST /session/login HTTP/1.1\r\n",
 "Host: ", get_host_name(), "\r\n",
-"User-Agent: Mozilla/5.0 (Nessus; rv:1.2.1)\r\n",
+"User-Agent: Mozilla/5.0 (OpenVAS; rv:1.2.1)\r\n",
 "Accept: text/xml, text/html\r\n",
 "Accept-Language: us\r\n",
 "Content-Type: application/x-www-form-urlencoded\r\n",

Modified: trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -57,6 +57,11 @@
 }
 
 key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
+
+if(!registry_key_exists(key:key)){
+    exit(0);
+}
+
 foreach item (registry_enum_keys(key:key))
 {
   kvireName = registry_get_sz(key:key + item, item:"DisplayName");

Modified: trunk/openvas-plugins/scripts/sip.inc
===================================================================
--- trunk/openvas-plugins/scripts/sip.inc	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/sip.inc	2009-10-26 09:02:32 UTC (rev 5718)
@@ -29,7 +29,7 @@
         "Via: SIP/2.0/UDP ", this_host(), ":", port, "\r\n",
         "Max-Forwards: 70\r\n",
         "To: <sip:", this_host(), ":", port, ">\r\n",
-        "From: Nessus <sip:", this_host(), ":", port, ">\r\n",
+        "From: OpenVAS <sip:", this_host(), ":", port, ">\r\n",
         "Call-ID: ", rand(), "\r\n",
         "CSeq: 63104 OPTIONS\r\n",
         "Contact: <sip:", this_host(), ">\r\n",

Modified: trunk/openvas-plugins/scripts/smb_nt.inc
===================================================================
--- trunk/openvas-plugins/scripts/smb_nt.inc	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/smb_nt.inc	2009-10-26 09:02:32 UTC (rev 5718)
@@ -292,7 +292,7 @@
   	local_var pass_len_hi, pass_len_lo;
   	extra = 0;
   	native_os = "Unix";
-  	native_lanmanager = "Nessus";
+  	native_lanmanager = "OpenVAS";
 
   	if(!domain){
 		domain = "MYGROUP";
@@ -390,7 +390,7 @@
   
   	extra = 0;
   	native_os = "Unix";
-  	native_lanmanager = "Nessus";
+  	native_lanmanager = "OpenVAS";
   	if(!domain)domain = "WORKGROUP";
 
   	if(domain){

Modified: trunk/openvas-plugins/scripts/smb_registry_access.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smb_registry_access.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/smb_registry_access.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -132,7 +132,7 @@
  if(!r)
  {
 	security_note(data:"It was not possible to connect to PIPE\winreg on "+
-                           "the remote host. If you\nintend to use Nessus to "+
+                           "the remote host. If you\nintend to use OpenVAS to "+
                            "perform registry-based checks, the registry "+
                            "checks\nwill not work because the 'Remote "+
                            "Registry Access' service (winreg) has been\n" +

Modified: trunk/openvas-plugins/scripts/smb_virii.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smb_virii.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/smb_virii.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -14,7 +14,7 @@
  
  desc = "
 This script checks for the presence of different virii on the remote
-host, by using the SMB credentials you provide Nessus with.
+host, by using the SMB credentials you provide OpenVAS with.
 
 - W32/Badtrans-B
 - JS_GIGGER.A at mm

Modified: trunk/openvas-plugins/scripts/smtp_settings.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smtp_settings.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/smtp_settings.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -25,11 +25,11 @@
 
 The checks that rely on this are SMTP or DNS relay checks.
 
-By default, nessus.org is being used. However, under some
+By default, openvas.org is being used. However, under some
 circumstances, this may make leak packets from your network
 to this domain, thus compromising the privacy of your tests.
 
-While the owner of 'nessus.org' is not known to keep logs of
+While the owner of 'openvas.org' is not known to keep logs of
 such packet traces, you may want to change this value to
 maximize your privacy.
 
@@ -67,7 +67,7 @@
 fromaddr = script_get_preference("From address : ");
 toaddr = script_get_preference("To address : ");
 
-if (!fromaddr) fromaddr = "nessus at example.com";
+if (!fromaddr) fromaddr = "openvas at example.com";
 if (! toaddr) toaddr = "postmaster@[AUTO_REPLACED_IP]";
 
 if ("AUTO_REPLACED_IP" >< toaddr) { 

Modified: trunk/openvas-plugins/scripts/snmpwalk_portscan.nasl
===================================================================
--- trunk/openvas-plugins/scripts/snmpwalk_portscan.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/snmpwalk_portscan.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -28,9 +28,7 @@
  family = "Port scanners";
  script_family(family);
 
-# commented out dependency on proprietary plugin, once when we implement
-# it, we can uncomment it
-# script_dependencies("ping_host.nasl");
+ script_dependencies("ping_host.nasl");
 
  script_add_preference(name: "Community name :", type: "entry", value: "public");
  script_add_preference(name: "SNMP protocol :", type: "radio", value: "1;2c");

Modified: trunk/openvas-plugins/scripts/sslv2_hello_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sslv2_hello_overflow.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/sslv2_hello_overflow.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -82,7 +82,7 @@
                  0x02, 0x00, 0x03, 0x00,
                  0x00, 0x00, 0x10, 0x07,
                  0x00, 0xc0) 
-                 + crap(16, "NESSUS");
+                 + crap(16, "OpenVAS");
 
 send(socket:soc, data:req);
 res = recv(socket:soc, length:64);
@@ -102,7 +102,7 @@
                  0x02, 0x00, 0x03, 0x00,
                  0x00, 0x00, 0x38, 0x07,
                  0x00, 0xc0) 
-                 + crap(16, data:"NESSUS")
+                 + crap(16, data:"OpenVAS")
                  + crap(40, data:"VULN");
 
 send(socket:soc, data:req);

Modified: trunk/openvas-plugins/scripts/subversion_1_0_5.nasl
===================================================================
--- trunk/openvas-plugins/scripts/subversion_1_0_5.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/subversion_1_0_5.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -53,7 +53,7 @@
 if (! get_tcp_port_state(port))
 	exit(0);
 
-dat = string("( 2 ( edit-pipeline ) 24:svn://host/svn/nessusr0x ) ");
+dat = string("( 2 ( edit-pipeline ) 24:svn://host/svn/OpenVASr0x ) ");
 
 soc = open_sock_tcp(port);
 if (!soc)

Modified: trunk/openvas-plugins/scripts/subversion_1_0_6.nasl
===================================================================
--- trunk/openvas-plugins/scripts/subversion_1_0_6.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/subversion_1_0_6.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -52,7 +52,7 @@
 if (! get_tcp_port_state(port))
 	exit(0);
 
-dat = string("( 2 ( edit-pipeline ) 24:svn://host/svn/nessusr0x ) ");
+dat = string("( 2 ( edit-pipeline ) 24:svn://host/svn/OpenVASr0x ) ");
 
 soc = open_sock_tcp(port);
 if (!soc)

Modified: trunk/openvas-plugins/scripts/subversion_1_0_8.nasl
===================================================================
--- trunk/openvas-plugins/scripts/subversion_1_0_8.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/subversion_1_0_8.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -54,7 +54,7 @@
 if (! get_tcp_port_state(port))
 	exit(0);
 
-dat = string("( 2 ( edit-pipeline ) 24:svn://host/svn/nessusr0x ) ");
+dat = string("( 2 ( edit-pipeline ) 24:svn://host/svn/OpenVASr0x ) ");
 
 soc = open_sock_tcp(port);
 if (!soc)

Modified: trunk/openvas-plugins/scripts/sybase_asa_default_password.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sybase_asa_default_password.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/sybase_asa_default_password.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -84,7 +84,7 @@
 );
 pkt_bulk_copy = raw_string(0x00);
 pkt_magic2 = crap(data:nul, length:9);
-pkt_client = raw_string("nessus", crap(data:nul, length:24), 0x06);
+pkt_client = raw_string("OpenVA", crap(data:nul, length:24), 0x06);
 # database is here
 pkt_magic3 = raw_string(0x00);
 # password repeats here but with length first!

Modified: trunk/openvas-plugins/scripts/webalbum_local_file_include.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webalbum_local_file_include.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/webalbum_local_file_include.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -97,7 +97,7 @@
       "Plugin output :\n",
       "\n",
       "Here are the contents of the file '/etc/passwd' that\n",
-      "Nessus was able to read from the remote host :\n",
+      "OpenVAS was able to read from the remote host :\n",
       "\n",
       content
     );

Modified: trunk/openvas-plugins/scripts/webcalendar_info_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webcalendar_info_disclosure.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/webcalendar_info_disclosure.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -31,7 +31,7 @@
 
 http://www.securityfocus.com/archive/1/433053/30/0/threaded
 http://www.securityfocus.com/archive/1/436263/30/0/threaded
-http://www.nessus.org/u?2fe61fc9
+http://sourceforge.net/project/shownotes.php?group_id=3870&release_id=423010
 
 Solution :
 
@@ -85,8 +85,8 @@
   if ("webcalendar_session=deleted; expires" >< res && '<input name="login" id="user"' >< res)
   {
     postdata=string(
-	  "login=nessus", unixtime(), "&",
-	  "password=nessus"
+	  "login=openvas", unixtime(), "&",
+	  "password=openvas"
     );
     req = string(
    "POST ", url, " HTTP/1.1\r\n",

Modified: trunk/openvas-plugins/scripts/www_too_long_method.nasl
===================================================================
--- trunk/openvas-plugins/scripts/www_too_long_method.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/www_too_long_method.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -52,7 +52,7 @@
 
 include("http_func.inc");
 
-r = string(crap(data:"HEADNESSUSNESSUS", length: 2048), " / HTTP/1.0\r\n\r\n");
+r = string(crap(data:"HEADOPENVASOPENVAS", length: 2048), " / HTTP/1.0\r\n\r\n");
 
 port = get_http_port(default:80);
 

Modified: trunk/openvas-plugins/scripts/xst_http_trace.nasl
===================================================================
--- trunk/openvas-plugins/scripts/xst_http_trace.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/xst_http_trace.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -119,7 +119,7 @@
 		"\n\nPlugin output :\n\n",
 		report);
 
-file = "/Nessus"+rand() + ".html";	# Does not exist
+file = "/OpenVAS"+rand() + ".html";	# Does not exist
 
     cmd1 = http_get(item: file, port:port);
     cmd2 = cmd1;

Modified: trunk/openvas-plugins/scripts/yppasswdd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/yppasswdd.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/yppasswdd.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -100,7 +100,7 @@
 to a buffer overflow which would allow any user to obtain a root
 shell on this host.
 
-*** Nessus reports this vulnerability using only
+*** OpenVAS reports this vulnerability using only
 *** information that was gathered. Use caution
 *** when testing without safe checks enabled.
 

Modified: trunk/openvas-plugins/scripts/zeroblog_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/zeroblog_xss.nasl	2009-10-26 08:44:40 UTC (rev 5717)
+++ trunk/openvas-plugins/scripts/zeroblog_xss.nasl	2009-10-26 09:02:32 UTC (rev 5718)
@@ -62,7 +62,7 @@
 if (!can_host_php(port:port)) exit(0);
 if (get_kb_item(string("www/", port, "/generic_xss"))) exit(0);
 
-xss = "'<IFRAME SRC=javascript:alert(%27XSS DETECTED BY NESSUS%27)></IFRAME>";
+xss = "'<IFRAME SRC=javascript:alert(%27XSS DETECTED BY OpenVAS%27)></IFRAME>";
 exss = urlencode(str:xss);
 
 if (thorough_tests) dirs = make_list("/zeroblog", "/", "/blog", cgi_dirs());



More information about the Openvas-commits mailing list