[Openvas-commits] r9566 - in trunk/openvas-plugins: . scripts

[scm-commit@wald.intevation.org]

Author: mwiegand
Date: 2010-11-30 12:42:12 +0100 (Tue, 30 Nov 2010)
New Revision: 9566

Added:
   trunk/openvas-plugins/scripts/gb_collabtive_sql_inj_vuln.nasl
   trunk/openvas-plugins/scripts/gb_energine_cookie_sql_inj_vuln.nasl
   trunk/openvas-plugins/scripts/gb_getsimple_cms_detect.nasl
   trunk/openvas-plugins/scripts/gb_getsimple_cms_info_disc_vuln.nasl
   trunk/openvas-plugins/scripts/gb_justsystems_ichitaro_mult_code_exec_vuln.nasl
   trunk/openvas-plugins/scripts/gb_novell_zhm_bof_vuln.nasl
   trunk/openvas-plugins/scripts/gb_novell_zhm_detect.nasl
   trunk/openvas-plugins/scripts/gb_openttd_mult_use_after_free_dos_vuln.nasl
   trunk/openvas-plugins/scripts/gb_phpvidz_info_disc_vuln.nasl
   trunk/openvas-plugins/scripts/gb_proftpd_dos_vuln.nasl
   trunk/openvas-plugins/scripts/gb_proftpd_mult_vuln.nasl
   trunk/openvas-plugins/scripts/gb_zodb_zeo_server_dos_vuln.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/cpe.inc
Log:
(Committed on behalf of Chandrashekhar B)
  * scripts/gb_novell_zhm_bof_vuln.nasl,
  scripts/gb_proftpd_dos_vuln.nasl,
  scripts/gb_zodb_zeo_server_dos_vuln.nasl,
  scripts/gb_getsimple_cms_info_disc_vuln.nasl,
  scripts/gb_phpvidz_info_disc_vuln.nasl,
  scripts/gb_getsimple_cms_detect.nasl,
  scripts/gb_justsystems_ichitaro_mult_code_exec_vuln.nasl,
  scripts/gb_energine_cookie_sql_inj_vuln.nasl,
  scripts/gb_proftpd_mult_vuln.nasl,
  scripts/gb_openttd_mult_use_after_free_dos_vuln.nasl,
  scripts/gb_collabtive_sql_inj_vuln.nasl,
  scripts/gb_novell_zhm_detect.nasl:
  Added new plugins.

  * scripts/cpe.inc:
  Added new CPE's.


Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/ChangeLog	2010-11-30 11:42:12 UTC (rev 9566)
@@ -1,3 +1,22 @@
+2010-11-30  Chandrashekhar B <bchandra at secpod.com>
+
+	* scripts/gb_novell_zhm_bof_vuln.nasl,
+	scripts/gb_proftpd_dos_vuln.nasl,
+	scripts/gb_zodb_zeo_server_dos_vuln.nasl,
+	scripts/gb_getsimple_cms_info_disc_vuln.nasl,
+	scripts/gb_phpvidz_info_disc_vuln.nasl,
+	scripts/gb_getsimple_cms_detect.nasl,
+	scripts/gb_justsystems_ichitaro_mult_code_exec_vuln.nasl,
+	scripts/gb_energine_cookie_sql_inj_vuln.nasl,
+	scripts/gb_proftpd_mult_vuln.nasl,
+	scripts/gb_openttd_mult_use_after_free_dos_vuln.nasl,
+	scripts/gb_collabtive_sql_inj_vuln.nasl,
+	scripts/gb_novell_zhm_detect.nasl:
+	Added new plugins.
+
+	* scripts/cpe.inc:
+	Added new CPE's.
+
 2010-11-29  Michael Meyer <michael.meyer at greenbone.net>
 
 	* scripts/gb_joomla_com_img_44741.nasl,

Modified: trunk/openvas-plugins/scripts/cpe.inc
===================================================================
--- trunk/openvas-plugins/scripts/cpe.inc	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/cpe.inc	2010-11-30 11:42:12 UTC (rev 9566)
@@ -891,7 +891,9 @@
 "BlackBerry/Desktop/Win/Ver", "^([0-9.]+)", "cpe:/a:rim:blackberry_desktop_software:",
 "www/*/FCMS", "^([0-9.]+)", "cpe:/a:haudenschilt:family_connections_cms:",
 "SmartMail/Ver", "^([0-9.]+)", "cpe:/a:smartertools:smartermail:",
-"pyftpdlib/Ver", "^([0-9.]+)", "cpe:/a:g.rodola:pyftpdlib:"
+"pyftpdlib/Ver", "^([0-9.]+)", "cpe:/a:g.rodola:pyftpdlib:",
+"GetSimple_cms", "^([0-9.]+)", "cpe:/a:getsimple:getsimple:",
+"Novell/ZHM/Ver", "^([0-9.]+)", "cpe:/a:novell:zenworks_handheld_management:"
 
 );
 

Added: trunk/openvas-plugins/scripts/gb_collabtive_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_collabtive_sql_inj_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_collabtive_sql_inj_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,87 @@
+##############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_collabtive_sql_inj_vuln.nasl 12245 2010-11-24 16:33:29 nov $
+#
+# Collabtive 'managechat.php' SQL Injection Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801548);
+  script_version("$Revision$: 1.0");
+  script_cve_id("CVE-2010-4269");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Collabtive 'managechat.php' SQL Injection Vulnerability");
+  desc = "
+  Overview: This host is running Collabtive and is prone SQL injection
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaws are caused due to an improper validation of authentication cookies
+  in the 'managechat.php' script when processing the value of parameter 'actions'.
+
+  Impact:
+  Successful exploitation will let the attacker to bypass security
+  restrictions and gain unauthorized administrative access to the vulnerable
+  application.
+
+  Impact Level: Application.
+
+  Affected Software:
+  Collabtive version 0.6.5
+
+  Fix: No solution/patch is available as on 24th November, 2010. Information
+  regarding this issue will updated once the solution details are available.
+  For updates refer, http://www.collabtive.com
+
+  References:
+  http://xforce.iss.net/xforce/xfdb/62930
+  http://www.exploit-db.com/exploits/15381/ ";
+
+  script_description(desc);
+  script_summary("Check Collabtive vulnerable version");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("gb_collabtive_detect.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+port = get_http_port(default:80);
+if(!get_port_state(port)){
+  exit(0);
+}
+
+if(!version = get_version_from_kb(port:port, app:"collabtive")){
+  exit(0);
+}
+
+## Check the AV Arcade version
+if(version_is_equal(version:version, test_version:"0.6.5")){
+  security_hole(port);
+}

Added: trunk/openvas-plugins/scripts/gb_energine_cookie_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_energine_cookie_sql_inj_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_energine_cookie_sql_inj_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,103 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_energine_cookie_sql_inj_vuln.nasl 12094 2010-11-25 11:11:11Z nov $
+#
+# Energine 'NRGNSID' Cookie SQL Injection Vulnerability
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801643);
+  script_version("$Revision$: 1.0");
+  script_cve_id("CVE-2010-4185");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Energine 'NRGNSID' Cookie SQL Injection Vulnerability");
+  desc = "
+  Overview: The host is running Energine and is prone to SQL injection
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused by improper validation of user-supplied input via the
+  'NRGNSID' cookie to 'index.php', which allows attacker to manipulate SQL
+  queries by injecting arbitrary SQL code.
+
+  Impact:
+  Successful exploitation will let the attacker to cause SQL Injection attack
+  and gain sensitive information.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Energine Version 2.3.8 and prior.
+
+  Fix: No solution or patch is available as on 25th November, 2010. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://code.google.com/p/energine/
+
+  References:
+  http://secunia.com/advisories/41973
+  http://www.exploit-db.com/exploits/15327
+  http://www.htbridge.ch/advisory/sql_injection_in_energine.html ";
+
+  script_description(desc);
+  script_summary("Determine if Energine is prone to SQL Injection Vulnerability");
+  script_category(ACT_ATTACK);
+  script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("http_version.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("http_keepalive.inc");
+
+## Get HTTP Port
+port = get_http_port(default:80);
+if(!port){
+  exit(0);
+}
+
+foreach dir(make_list("/energine", "/energine/htdocs", cgi_dirs()))
+{
+  ## Send and Recieve the response
+  req = http_get (item: string (dir,"/"), port:port);
+  res = http_keepalive_send_recv(port:port,data:req);
+
+  ## Confirm the application
+  if(egrep(pattern:"Powered by.*>Energine<", string:res))
+  {
+    ## Try SQL injection
+    req = string(chomp(req), "\r\nCookie:  NRGNSID='\r\n\r\n");
+    res = http_keepalive_send_recv(port:port, data:req);
+
+    ## Confirm exploit worked by checking the response
+    if(("ERR_DATABASE_ERROR" >< res) &&
+       egrep(pattern: "DELETE.*FROM.*WHERE", string:res))
+    {
+      security_hole(port:port);
+      exit(0);
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_getsimple_cms_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_getsimple_cms_detect.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_getsimple_cms_detect.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,75 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_getsimple_cms_detect.nasl 12306 2010-11-25 16:25:36Z nov $
+#
+# GetSimple CMS version detection
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801550);
+  script_version("Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"None");
+  script_name("GetSimple CMS version detection");
+  desc = "
+  Overview: This script finds the running GetSimple CMS version and saves
+  the result in KB. ";
+
+  script_description(desc);
+  script_summary("Set the version of GetSimple CMS in KB");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+  script_family("Service detection");
+  script_family("Web application abuses");
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+## Get HTTP Port
+cmsPort = get_http_port(default:80);
+if(!cmsPort){
+  exit(0);
+}
+
+foreach dir (make_list("/GetSimple", "/GetSimple_2.01" , cgi_dirs()))
+{
+  ## Send and Receive request
+  sndReq = http_get(item:string(dir, "/index.php"), port:cmsPort);
+  rcvRes = http_send_recv(port:cmsPort, data:sndReq);
+
+  ## Confirm application is GetSimple CMS
+  if(">Powered by GetSimple<" >< rcvRes)
+  {
+    ## Grep the version
+    cmsVer = eregmatch(pattern:"> Version ([0-9.]+)<" , string:rcvRes);
+    if(cmsVer[1] != NULL)
+    {
+      set_kb_item(name:"www/" + cmsPort + "/GetSimple_cms",
+                value:cmsVer[1] + " under " + dir);
+      security_note(data:"GetSimple version " + cmsVer[1] + " running at location "
+                    + dir + " was detected on the host");
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_getsimple_cms_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_getsimple_cms_info_disc_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_getsimple_cms_info_disc_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,85 @@
+##############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_getsimple_cms_info_disc_vuln.nasl 12306 2010-11-25 16:33:29 nov $
+#
+# GetSimple CMS Administrative Credentials Disclosure Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801551);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("GetSimple CMS Administrative Credentials Disclosure Vulnerability");
+  desc = "
+  Overview: This host is running GetSimple CMS and is prone to administrative
+  credentials disclosure vulnerability.
+
+  Vulnerability Insight:
+  GetSimple does not use a SQL Database. Instead it uses a '.xml' files located
+  at  '/GetSimple/data'. The administrators username and password hash can be
+  obtained by navigating to the '/data/other/user.xml' xml file.
+
+  Impact:
+  Successful exploitation will allow remote attackers to obtain sensitive
+  information.
+
+  Impact Level: Application.
+
+  Affected Software:
+  GetSimple CMS 2.01 and 2.02
+
+  Fix: Apply the patch or upagrade to GetSimple CMS 2.03 or later,
+  For updates refer, http://get-simple.info/download/
+
+  References:
+  http://www.exploit-db.com/exploits/15605/ ";
+
+  script_description(desc);
+  script_summary("Check iformation disclosure vulnerability in GetSimple CMS");
+  script_category(ACT_ATTACK);
+  script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("gb_getsimple_cms_detect.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+include("http_func.inc");
+include("version_func.inc");
+include("http_keepalive.inc");
+
+gscmsPort = get_http_port(default:80);
+if(!gscmsPort){
+  exit(0);
+}
+
+if(!dir = get_dir_from_kb(port:gscmsPort, app:"GetSimple_cms")){
+  exit(0);
+}
+
+## Try attack and check the response to confirm vulnerability.
+if(http_vuln_check(port:gscmsPort, url:dir + "/data/other/user.xml",
+                   pattern:"(<PWD>.*</PWD>)")){
+  security_hole(port:gscmsPort);
+}

Added: trunk/openvas-plugins/scripts/gb_justsystems_ichitaro_mult_code_exec_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_justsystems_ichitaro_mult_code_exec_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_justsystems_ichitaro_mult_code_exec_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,88 @@
+##############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_justsystems_ichitaro_mult_code_exec_vuln.nasl 12099 2010-11-24 13:13:13 nov $
+#
+# JustSystems Ichitaro Multiple Remote Code Execution Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+################################i###############################################
+
+if(description)
+{
+  script_id(801642);
+  script_version("$Revision$: 1.0");
+  script_cve_id("CVE-2010-3915", "CVE-2010-3916");
+  script_bugtraq_id(44637);
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("JustSystems Ichitaro Multiple Remote Code Execution Vulnerabilities");
+  desc = "
+  Overview: This host is installed JustSystems Ichitaro and is prone to
+  multiple code execution vulnerabilities.
+
+  Vulnerability Insight:
+  The flaws are caused by an unspecified error when processing a malformed
+  document, which could be exploited to execute arbitrary code.
+
+  Impact:
+  Successful exploitation will let the attacker to execute arbitrary code
+  within the context of the vulnerable application.
+
+  Impact Level: Application.
+
+  Affected Software/OS:
+  JustSystems Ichitaro 2004 through 2010
+
+  Fix: Apply the patch, available from below link
+  http://www.justsystems.com/jp/info/js10003.html
+ 
+  *****
+  NOTE: Ignore this warning, if above mentioned workaround is manually applied.
+  *****
+
+  References:
+  http://secunia.com/advisories/42099
+  http://xforce.iss.net/xforce/xfdb/62997
+  http://www.justsystems.com/jp/info/js10003.html
+  http://www.vupen.com/english/advisories/2010/2885 ";
+
+  script_description(desc);
+  script_summary("Check for the version of JustSystems Ichitaro");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+  script_family("General");
+  script_dependencies("gb_justsystems_ichitaro_prdts_detect.nasl");
+  script_require_keys("Ichitaro/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get the version from KB
+ichitaroVer = get_kb_item("Ichitaro/Ver");
+
+if(ichitaroVer)
+{
+  # check for Ichitaro 2004 through 2010
+  if(version_in_range(version:ichitaroVer, test_version:"2004", test_version2:"2010")){
+    security_hole(0);
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_novell_zhm_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_novell_zhm_bof_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_novell_zhm_bof_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,88 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_novell_zhm_bof_vuln.nasl 12300 2010-11-25 16:16:16Z nov $
+#
+# Novell ZENworks Handheld Management 'ZfHIPCND.exe' Buffer Overflow Vulnerability
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801645);
+  script_version("$Revision$: 1.0");
+  script_bugtraq_id(44700);
+  script_cve_id("CVE-2010-4299");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Novell ZENworks Handheld Management 'ZfHIPCND.exe' Buffer Overflow Vulnerability");
+  desc = "
+  Overview: This host is installed with Novell ZENworks Handheld Management
+  and is prone to buffer overflow vulnerability.
+
+  Vulnerability Insight:
+  The flaw exists within module 'ZfHIPCND.exe', which allows remote attackers
+  to execute arbitrary code via a crafted request to TCP port 2400.
+
+  Impact:
+  Successful exploitation could allow remote attackers to execute arbitrary
+  code with SYSTEM privileges or cause denial of service.
+
+  Impact Level: Application/System
+
+  Affected Software/OS:
+  Novell ZENworks Handheld Management 7
+
+  Fix: Apply the patch, available from below link,
+  http://download.novell.com/Download?buildid=Sln2Lkqslmk~
+
+  *****
+  NOTE: Ignore this warning, if above mentioned patch is manually applied.
+  *****
+
+  References:
+  http://secunia.com/advisories/42130
+  http://www.securitytracker.com/id?1024691
+  http://www.zerodayinitiative.com/advisories/ZDI-10-230/
+  http://www.novell.com/support/viewContent.do?externalId=7007135 ";
+
+  script_description(desc);
+  script_summary("Check for the version of Novell ZENworks Handheld Management");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+  script_family("Buffer overflow");
+  script_dependencies("gb_novell_zhm_detect.nasl");
+  script_require_keys("Novell/ZHM/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get version from KB
+zhmVer = get_kb_item("Novell/ZHM/Ver");
+
+if(zhmVer)
+{
+  ##Grep for Novell ZENworks Handheld Management 7
+  if(version_in_range(version:zhmVer, test_version:"7.0", test_version2:"7.0.2.61213")){
+    security_hole(0);
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_novell_zhm_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_novell_zhm_detect.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_novell_zhm_detect.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,77 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_novell_zhm_detect.nasl 12300 2010-11-25 16:16:16Z nov $
+#
+# Novell ZENworks Handheld Management Version Detection
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801644);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"None");
+  script_name("Novell ZENworks Handheld Management Version Detection");
+  desc = "
+  Overview: This script finds the installed Novell ZENworks Handheld Management
+  version and saves the version in KB. ";
+
+  script_description(desc);
+  script_summary("Set the Version of Novell ZENworks Handheld Management in KB");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+  script_family("Service detection");
+  script_dependencies("secpod_reg_enum.nasl");
+  script_require_keys("SMB/WindowsVersion");
+  script_require_ports(139, 445);
+  exit(0);
+}
+
+
+include("smb_nt.inc");
+include("secpod_smb_func.inc");
+
+## Confirm Windows
+if(!get_kb_item("SMB/WindowsVersion")){
+  exit(0);
+}
+
+key = "SOFTWARE\Novell\ZENworks\Handheld Management\Server" ;
+
+##Confirm the application installation
+if(!registry_key_exists(key:key)){
+  exit(0);
+}
+
+##Check the name
+name = registry_get_sz(key:key, item:"Display Name");
+
+if("ZENworks Handheld Management Server" >< name)
+{
+  ## Get Novell ZENworks Handheld Management version from registry
+  ver = registry_get_sz(key:key, item:"Version");
+  if(ver != NULL)
+  {
+    set_kb_item(name:"Novell/ZHM/Ver", value:ver);
+    security_note(data: "Novell ZENworks Handheld Management version " + ver +
+                      " was detected on the host");
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_openttd_mult_use_after_free_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_openttd_mult_use_after_free_dos_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_openttd_mult_use_after_free_dos_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,94 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_openttd_mult_use_after_free_dos_vuln.nasl 12258 2010-11-23 19:00:16Z nov $
+#
+# OpenTTD Multiple use-after-free Denial of Service Vulnerabilities
+#
+# Authors:
+# Veerendra GG <veerendrgg at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(800184);
+  script_version("$Revision$: 1.0");
+  script_cve_id("CVE-2010-4168");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("OpenTTD Multiple use-after-free Denial of Service vulnerability");
+  desc = "
+  Overview: This host is installed with OpenTTD and is prone to multiple
+  denial of service vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to a use-after-free error, when a client disconnects
+  without sending the 'quit' or 'client error' message. This could cause a
+  vulnerable server to read from or write to freed memory leading to a denial
+  of service or it can also lead to arbitrary code execution.
+
+  Impact:
+  Successful exploitation will allow remote attackers to deny service to
+  legitimate users or arbitrary code execution.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  OpenTTD version before 1.0.5
+
+  Fix: Upgrade to the latest version of OpenTTD 1.0.5 or later,
+  For updates refer, http://www.openttd.org
+
+  References:
+  http://security.openttd.org/en/CVE-2010-4168
+  http://security.openttd.org/en/patch/28.patch
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the version of OpenTTD");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2010 SecPod");
+  script_family("Denial of Service");
+  script_dependencies("secpod_reg_enum.nasl");
+  script_require_keys("SMB/WindowsVersion");
+  script_require_ports(139, 445);
+  exit(0);
+}
+
+
+include("smb_nt.inc");
+include("version_func.inc");
+
+
+## Confirm Windows
+if(!get_kb_item("SMB/WindowsVersion")){
+  exit(0);
+}
+
+## Get Openttd Version from Registry
+key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenTTD";
+openttd_ver = registry_get_sz(key:key, item:"DisplayVersion");
+
+if(openttd_ver)
+{
+  ## Check for Version before 1.0.5
+  if(version_is_less(version:openttd_ver, test_version:"1.0.5")){
+    security_warning(0);
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_phpvidz_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_phpvidz_info_disc_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_phpvidz_info_disc_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,95 @@
+##############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_phpvidz_info_disc_vuln.nasl 0012305 2010-11-25 16:33:29 nov $
+#
+# PHPvidz Administrative Credentials Disclosure Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801549);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("PHPvidz Administrative Credentials Disclosure Vulnerability");
+  desc = "
+  Overview: This host is running PHPvidz and is prone to administrative
+  credentials disclosure vulnerability.
+
+  Vulnerability Insight:
+  phpvidz uses a system of flat files to maintain application state.
+  The administrative password is stored within the '.inc' file and
+  is included during runtime.
+
+  Impact:
+  Successful exploitation will allow remote attackers to obtain sensitive
+  information.
+
+  Impact Level: Application.
+
+  Affected Software:
+  PHPvidz version 0.9.5
+
+  Fix: No solution/patch is available as on 25th November, 2010. Information
+  regarding this issue will updated once the solution details are available.
+  For updates refer, http://sourceforge.net/projects/phpvidz/
+
+  References:
+  http://seclists.org/bugtraq/2010/May/129
+  http://www.exploit-db.com/exploits/15606/
+  http://www.mail-archive.com/bugtraq@securityfocus.com/msg33846.html ";
+
+  script_description(desc);
+  script_summary("Check information disclosure vulnerability in PHPvidz");
+  script_category(ACT_ATTACK);
+  script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("http_keepalive.inc");
+
+pcmsPort = get_http_port(default:80);
+if(!pcmsPort){
+  exit(0);
+}
+
+foreach dir (make_list("/phpvidz_0.9.5","/phpvidz"))
+{
+  sndReq = http_get(item:string(dir, "/index.php"), port:pcmsPort);
+  rcvRes = http_send_recv(port:pcmsPort, data:sndReq);
+
+  ## Confirm the application
+  if(">PHPvidz<" >< rcvRes)
+  {
+    ## Try attack and check the response to confirm vulnerability.
+    if(http_vuln_check(port:pcmsPort, url:dir + "/includes/init.inc",
+                       pattern:"(define .'ADMINPASSWORD)"))
+    {
+      security_hole(port:pcmsPort);
+      exit(0);
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_proftpd_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_proftpd_dos_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_proftpd_dos_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,90 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_proftpd_dos_vuln.nasl 12059 2010-11-24 13:13:13Z nov $
+#
+# ProFTPD Denial of Service Vulnerability
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801640);
+  script_version("$Revision$: 1.0");
+  script_cve_id("CVE-2008-7265");
+  script_tag(name:"cvss_base", value:"4.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("ProFTPD Denial of Service Vulnerability");
+  desc = "
+
+  Overview: The host is running ProFTPD and is prone to denial of service
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to an error in 'pr_data_xfer()' function which allows
+  remote authenticated users to cause a denial of service (CPU consumption)
+  via an ABOR command during a data transfer.
+
+  Impact:
+  Successful exploitation will let the attackers to cause a denial of service.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  ProFTPD versions prior to 1.3.2rc3
+
+  Fix: Upgrade to ProFTPD version 1.3.2rc3 or later,
+  For updates refer, http://www.proftpd.org/
+
+  References:
+  http://bugs.proftpd.org/show_bug.cgi?id=3131 ";
+
+  script_description(desc);
+  script_summary("Check for the version of ProFTPD");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+  script_family("FTP");
+  script_dependencies("secpod_proftpd_server_remote_detect.nasl");
+  script_require_keys("Services/ftp", 21);
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get FTP Port
+port = get_kb_item("Services/ftp");
+if(!port){
+  port = 21;
+}
+
+if(!get_port_state(port)){
+  exit(0);
+}
+
+## Get Version from KB
+version = get_kb_item("ProFTPD/Ver");
+if(!isnull(version))
+{
+  ## Check for ProFTPD versions prior to 1.3.2rc3
+  if(version_is_less(version:version,  test_version:"1.3.2.rc3")){
+    security_warning(port);
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_proftpd_mult_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_proftpd_mult_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_proftpd_mult_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_proftpd_mult_vuln.nasl 12059 2010-11-24 12:12:12Z nov $
+#
+# ProFTPD Multiple Remote Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801639);
+  script_version("$Revision$: 1.0");
+  script_cve_id("CVE-2010-3867", "CVE-2010-4221");
+  script_bugtraq_id(44562);
+  script_tag(name:"cvss_base", value:"10");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("ProFTPD Multiple Remote Vulnerabilities");
+  desc = "
+
+  Overview: The host is running ProFTPD and is prone to multiple vulnerabilities.
+
+  Vulnerability Insight:
+  - An input validation error within the 'mod_site_misc' module can be exploited
+    to create and delete directories, create symlinks, and change the time of
+    files located outside a writable directory.
+  - A logic error within the 'pr_netio_telnet_gets()' function in 'src/netio.c'
+    when processing user input containing the Telnet IAC escape sequence can be
+    exploited to cause a stack-based buffer overflow by sending specially
+    crafted input to the FTP or FTPS service.
+
+  Impact:
+  Successful exploitation may allow execution of arbitrary code or cause a
+  denial-of-service.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  ProFTPD versions prior to 1.3.3c
+
+  Fix: Upgrade to ProFTPD version 1.3.3c or later,
+  For updates refer, http://www.proftpd.org/
+
+  References:
+  http://secunia.com/advisories/42052
+  http://bugs.proftpd.org/show_bug.cgi?id=3519
+  http://bugs.proftpd.org/show_bug.cgi?id=3521
+  http://www.zerodayinitiative.com/advisories/ZDI-10-229/ ";
+
+  script_description(desc);
+  script_summary("Check for the version of ProFTPD");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+  script_family("FTP");
+  script_dependencies("secpod_proftpd_server_remote_detect.nasl");
+  script_require_keys("Services/ftp", 21);
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get FTP Port
+port = get_kb_item("Services/ftp");
+if(!port){
+  port = 21;
+}
+
+if(!get_port_state(port)){
+  exit(0);
+}
+
+## Get Version from KB
+version = get_kb_item("ProFTPD/Ver");
+if(!isnull(version))
+{
+  ## Check for ProFTPD versions prior to 1.3.3c
+  if(version_is_less(version:version,  test_version:"1.3.3.c")){
+    security_hole(port);
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_zodb_zeo_server_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_zodb_zeo_server_dos_vuln.nasl	2010-11-30 08:22:00 UTC (rev 9565)
+++ trunk/openvas-plugins/scripts/gb_zodb_zeo_server_dos_vuln.nasl	2010-11-30 11:42:12 UTC (rev 9566)
@@ -0,0 +1,105 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_zodb_zeo_server_dos_vuln.nasl 11740 2010-11-24 18:10:34Z nov $
+#
+# Zope Object Database ZEO Server Denial of Service Vulnerability
+#
+# Authors:
+# Veerendra GG <veerendragg at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(800185);
+  script_version("$Revision$: 1.0");
+  script_cve_id("CVE-2010-3495");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Zope Object Database ZEO Server Denial of Service Vulnerability");
+  desc = "
+  Overview:
+  This host is running Zope Object Database and is prone to denial of service
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused by input validation error in file 'ZEO/StorageServer.py'
+  in 'notifyConnected()' function, when an unexpected value of None for the
+  address or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error encountered.
+
+  Impact:
+  Successful exploitation will let the remote unauthenticated attackers to
+  cause a denial of service.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Zope Object Database (ZODB) before 3.10.0
+
+  Fix: Upgrade to version of Zope Object Database (ZODB) 3.10.0 or later
+  For updates refer, http://www.zodb.org/
+
+  Also apply the patch from,
+  http://launchpadlibrarian.net/10338640/patch.diff
+
+  References:
+  http://secunia.com/advisories/41755
+  https://bugs.launchpad.net/zodb/+bug/135108
+  http://www.openwall.com/lists/oss-security/2010/09/24/3
+
+  ";
+
+  script_description(desc);
+  script_summary("Check ZODB is vulnerable by sending crafted pacakets");
+  script_category(ACT_DENIAL);
+  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+  script_family("Denial of Service");
+  script_dependencies("find_service.nes");
+  script_require_ports(8090, 8100);
+  exit(0);
+}
+
+## Default ZODB Ports 8090, 8100
+## exit if ports are not listening
+zodbPort = 8090 ;
+if(!get_port_state(zodbPort))
+{
+  zodbPort = 8100 ;
+  if(!get_port_state(zodbPort)){
+    exit(0);
+  }
+}
+
+## Open TCP Socket and immediately close the socket
+## without sending any data this will trigger an exception
+## at server side causing denial of service
+soc = open_sock_tcp(zodbPort);
+if(!soc){
+  exit(0);
+}
+close(soc);
+
+sleep(5);
+
+## Check still ZODB is listening
+soc = open_sock_tcp(zodbPort);
+if(!soc){
+  security_warning(zodbPort);
+  exit(0);
+}
+close(soc);