[Openvas-commits] r9305 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Thu Oct 28 11:50:43 CEST 2010
Author: chandra
Date: 2010-10-28 11:50:37 +0200 (Thu, 28 Oct 2010)
New Revision: 9305
Added:
trunk/openvas-plugins/scripts/gb_adobe_flash_player_untrusted_search_path_vuln_win.nasl
trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_lin.nasl
trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_win.nasl
trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win.nasl
trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win01.nasl
trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_vuln_win_oct10.nasl
trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_xss_vuln_win.nasl
trunk/openvas-plugins/scripts/gb_mozilla_prdts_unspecified_vuln_win.nasl
trunk/openvas-plugins/scripts/gb_opera_mult_vuln_oct10_win.nasl
trunk/openvas-plugins/scripts/gb_pyftpdlib_detect.nasl
trunk/openvas-plugins/scripts/gb_pyftpdlib_dos_vuln.nasl
trunk/openvas-plugins/scripts/gb_pyftpdlib_info_disc_vuln.nasl
trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_dir_trav_vuln.nasl
trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln.nasl
trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_01.nasl
trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_02.nasl
trunk/openvas-plugins/scripts/gb_sun_java_se_mult_vuln_oct10_win.nasl
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/scripts/cpe.inc
trunk/openvas-plugins/scripts/gb_squid_42645.nasl
trunk/openvas-plugins/scripts/gb_twiki_44103.nasl
Log:
Added new plugins
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/ChangeLog 2010-10-28 09:50:37 UTC (rev 9305)
@@ -1,3 +1,31 @@
+2010-10-28 Chandrashekhar B <bchandra at secpod.com>
+
+ * scripts/gb_google_chrome_mult_vuln_oct10_lin.nasl,
+ scripts/gb_opera_mult_vuln_oct10_win.nasl,
+ scripts/gb_pyftpdlib_info_disc_vuln.nasl,
+ scripts/gb_mozilla_prdts_mult_unspecified_vuln_win.nasl,
+ scripts/gb_pyftpdlib_mult_vuln_02.nasl,
+ scripts/gb_google_chrome_mult_vuln_oct10_win.nasl,
+ scripts/gb_pyftpdlib_mult_vuln.nasl,
+ scripts/gb_pyftpdlib_dos_vuln.nasl,
+ scripts/gb_mozilla_prdts_mult_xss_vuln_win.nasl,
+ scripts/gb_adobe_flash_player_untrusted_search_path_vuln_win.nasl,
+ scripts/gb_pyftpdlib_mult_dir_trav_vuln.nasl,
+ scripts/gb_pyftpdlib_mult_vuln_01.nasl,
+ scripts/gb_mozilla_prdts_mult_unspecified_vuln_win01.nasl,
+ scripts/gb_mozilla_prdts_unspecified_vuln_win.nasl,
+ scripts/gb_pyftpdlib_detect.nasl,
+ scripts/gb_mozilla_prdts_mult_vuln_win_oct10.nasl,
+ scripts/gb_sun_java_se_mult_vuln_oct10_win.nasl:
+ Added new plugins.
+
+ * scripts/gb_squid_42645.nasl,
+ scripts/gb_twiki_44103.nasl:
+ Added CVE's.
+
+ * scripts/cpe.inc:
+ Added new CPE.
+
2010-10-26 Michael Meyer <michael.meyer at greenbone.net>
* scripts/secpod_ocs_inventory_ng_detect.nasl:
Modified: trunk/openvas-plugins/scripts/cpe.inc
===================================================================
--- trunk/openvas-plugins/scripts/cpe.inc 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/cpe.inc 2010-10-28 09:50:37 UTC (rev 9305)
@@ -890,7 +890,8 @@
"Google-Chrome/Linux/Ver", "^([0-9.]+)", "cpe:/a:google:chrome:",
"BlackBerry/Desktop/Win/Ver", "^([0-9.]+)", "cpe:/a:rim:blackberry_desktop_software:",
"www/*/FCMS", "^([0-9.]+)", "cpe:/a:haudenschilt:family_connections_cms:",
-"SmartMail/Ver", "^([0-9.]+)", "cpe:/a:smartertools:smartermail:"
+"SmartMail/Ver", "^([0-9.]+)", "cpe:/a:smartertools:smartermail:",
+"pyftpdlib/Ver", "^([0-9.]+)", "cpe:/a:g.rodola:pyftpdlib:"
);
Added: trunk/openvas-plugins/scripts/gb_adobe_flash_player_untrusted_search_path_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_adobe_flash_player_untrusted_search_path_vuln_win.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_adobe_flash_player_untrusted_search_path_vuln_win.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_adobe_flash_player_untrusted_search_path_vuln_win.nasl 11741 2010-10-21 13:33:15Z oct $
+#
+# Adobe Flash Player Untrusted search path vulnerability (Windows)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801465);
+ script_version("Revision$:1.0");
+ script_cve_id("CVE-2010-3976");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Adobe Flash Player Untrusted search path vulnerability (windows)");
+ desc = "
+ Overview: This host is installed with Adobe Flash Player and is prone to
+ untrusted search path vulnerability.
+
+ iVulnerability Insight:
+ The application passes an insufficiently qualified path in loading its
+ external libraries 'dwmapi.dll'.
+
+ Impact:
+ Successful exploitation will let the attackers to trigger user to save a
+ malicious dll file in users Desktop.
+
+ Impact Level: Application/System.
+
+ Affected Software/OS:
+ Adobe Flash Player version 10.1.0 through 10.1.82.76
+
+ Fix: No solution or patch is available as on 06 th September, 2010. Information
+ regarding this issue will be updated once the solution details are available.
+ For updates refer, http://www.adobe.com/support/flashplayer/downloads.html
+
+ References:
+ http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-09/msg00070.html
+ http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/[flash_player]_10.1.x_insecure_dll_hijacking_(dwmapi.dll) ";
+
+ script_description(desc);
+ script_summary("Check for the version of Adobe Flash Player");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("General");
+ script_dependencies("gb_adobe_flash_player_detect_win.nasl");
+ script_require_keys("AdobeFlashPlayer/Win/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+# Check for Adobe Flash Player
+playerVer = get_kb_item("AdobeFlashPlayer/Win/Ver");
+if(playerVer != NULL)
+{
+ if(version_in_range(version:playerVer, test_version:"10.1.0", test_version2:"10.1.82.76")){
+ security_hole(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_adobe_flash_player_untrusted_search_path_vuln_win.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_lin.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_lin.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_google_chrome_mult_vuln_oct10_lin.nasl 11853 2010-10-26 15:50:17 oct $
+#
+# Google Chrome multiple vulnerabilities - October 10(Linux)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801472);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2010-4033", "CVE-2010-4035", "CVE-2010-4034", "CVE-2010-4036",
+ "CVE-2010-4037", "CVE-2010-4038", "CVE-2010-4040", "CVE-2010-4039",
+ "CVE-2010-4041", "CVE-2010-4042");
+ script_bugtraq_id(44241);
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Google Chrome multiple vulnerabilities - October 10(Linux)");
+ desc = "
+ Overview: The host is running Google Chrome and is prone to multiple
+ vulnerabilities.
+
+ Vulnerability Insight:
+ The flaws are caused due to,
+ - An unknown error related to 'autofill/autocomplete' profile spamming.
+ - Memory corruption error when processing malformed forms, which could be
+ exploited to execute arbitrary code.
+ - A memory corruption error related to form 'autofill'.
+ - An error when handling page unloads, which could allow URL spoofing attacks.
+ - An unspecified error which could allow malicious web sites to bypass the
+ pop-up blocker.
+ - An error related to shutdown with 'Web Sockets'.
+ - A bad construction of the 'PATH' variable.
+ - A memory corruption error when processing animated 'GIFs'.
+ - Failure to sandbox worker processes on Linux.
+ - Error in Stale elements in an element map.
+
+ Impact:
+ Successful exploitation could allow the attackers to execute arbitrary code
+ in the context of the browser, cause denial-of-service conditions, carry out
+ spoofing attacks, gain access to sensitive information, and bypass intended
+ security restrictions.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ Google Chrome version prior to 7.0.517.41 on linux
+
+ Fix: Upgrade to the Google Chrome 7.0.517.41 or later,
+ For updates refer, http://www.google.com/chrome
+
+ References:
+ http://secunia.com/advisories/41888
+ http://www.vupen.com/english/advisories/2010/2731
+ http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html ";
+
+ script_description(desc);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_summary("Check the version of Google Chrome");
+ script_category(ACT_GATHER_INFO);
+ script_family("General");
+ script_dependencies("gb_google_chrome_detect_lin.nasl");
+ script_require_keys("Google-Chrome/Linux/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get the version from KB
+chromeVer = get_kb_item("Google-Chrome/Linux/Ver");
+if(!chromeVer){
+ exit(0);
+}
+
+## Check for Google Chrome Version less than 7.0.517.41
+if(version_is_less(version:chromeVer, test_version:"7.0.517.41")){
+ security_hole(0);
+}
Property changes on: trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_lin.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_win.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_win.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,95 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_google_chrome_mult_vuln_oct10_win.nasl 11853 2010-10-26 16:10:17 oct $
+#
+# Google Chrome multiple vulnerabilities - October 10(Windows)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801473);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2010-4033", "CVE-2010-4035", "CVE-2010-4034", "CVE-2010-4036",
+ "CVE-2010-4037", "CVE-2010-4038", "CVE-2010-4040", "CVE-2010-4042");
+ script_bugtraq_id(44241);
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Google Chrome multiple vulnerabilities - October 10(Windows)");
+ desc = "
+ Overview: The host is running Google Chrome and is prone to multiple
+ vulnerabilities.
+
+ Vulnerability Insight:
+ The flaws are caused due to,
+ - An unknown error related to 'autofill/autocomplete' profile spamming.
+ - Memory corruption error when processing malformed forms, which could be
+ exploited to execute arbitrary code.
+ - A memory corruption error related to form 'autofill'.
+ - An error when handling page unloads, which could allow URL spoofing attacks.
+ - An unspecified error which could allow malicious web sites to bypass the
+ pop-up blocker.
+ - An error related to shutdown with 'Web Sockets'.
+ - A memory corruption error when processing animated 'GIFs'.
+ - Error in Stale elements in an element map.
+
+ Impact:
+ Successful exploitation could allow the attackers to execute arbitrary code
+ in the context of the browser, cause denial-of-service conditions, carry out
+ spoofing attacks, gain access to sensitive information, and bypass intended
+ security restrictions.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ Google Chrome version prior to 7.0.517.41
+
+ Fix: Upgrade to the Google Chrome 7.0.517.41 or later,
+ For updates refer, http://www.google.com/chrome
+
+ References:
+ http://secunia.com/advisories/41888
+ http://www.vupen.com/english/advisories/2010/2731
+ http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html ";
+
+ script_description(desc);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_summary("Check the version of Google Chrome");
+ script_category(ACT_GATHER_INFO);
+ script_family("General");
+ script_dependencies("gb_google_chrome_detect_win.nasl");
+ script_require_keys("GoogleChrome/Win/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get the version from KB
+chromeVer = get_kb_item("GoogleChrome/Win/Ver");
+if(!chromeVer){
+ exit(0);
+}
+
+## Check for Google Chrome Version less than 7.0.517.41
+if(version_is_less(version:chromeVer, test_version:"7.0.517.41")){
+ security_hole(0);
+}
Property changes on: trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_oct10_win.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,97 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_mozilla_prdts_mult_unspecified_vuln_win.nasl 11852 2010-10-26 11:45:33Z oct $
+#
+# Mozilla Products Multiple Unspecified Vulnerabilities (Windows)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801468);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2010-3175");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Mozilla Products Multiple Unspecified Vulnerabilities (Windows)");
+ desc = "
+ Overview:
+ The host is installed with Mozilla Firefox/Thunderbird and is prone
+ to multiple vulnerabilities.
+
+ Vulnerability Insight:
+ The flaws are caused due to multiple unspecified vulnerabilities in the
+ browser engine.
+
+ Impact:
+ Successful exploitation will let attackers to cause a denial of service
+ or execute arbitrary code.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ Firefox version 3.6.x before 3.6.11
+ Thunderbird version 3.1.x before 3.1.5
+
+ Fix:
+ Upgrade to Firefox version 3.6.11 or later
+ http://www.mozilla.com/en-US/firefox/all.html
+
+ Upgrade to Thunderbird version 3.1.5 or later
+ http://www.mozillamessaging.com/en-US/thunderbird/
+
+ References:
+ http://www.mozilla.org/security/announce/2010/mfsa2010-64.html ";
+
+ script_description(desc);
+ script_summary("Check for the version of Mozilla Products");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("General");
+ script_dependencies("gb_firefox_detect_win.nasl", "gb_thunderbird_detect_win.nasl");
+ script_require_keys("Firefox/Win/Ver", "Thunderbird/Win/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+# Firefox Check
+ffVer = get_kb_item("Firefox/Win/Ver");
+if(ffVer)
+{
+ # Grep for Firefox version
+ if(version_in_range(version:ffVer, test_version:"3.6.0", test_version2:"3.6.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+}
+
+# Thunderbird Check
+tbVer = get_kb_item("Thunderbird/Win/Ver");
+if(tbVer != NULL)
+{
+ # Grep for Thunderbird version
+ if(version_in_range(version:tbVer, test_version:"3.1.0", test_version2:"3.1.5")){
+ security_hole(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win.nasl
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win01.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win01.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,116 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_mozilla_prdts_mult_unspecified_vuln_win01.nasl 11852 2010-10-26 12:30:33Z oct $
+#
+# Mozilla Products Multiple Unspecified Vulnerabilities October-10(Windows)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801470);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2010-3176");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Mozilla Products Multiple Unspecified Vulnerabilities October-10(Windows)");
+ desc = "
+ Overview:
+ The host is installed with Mozilla Firefox/Seamonkey/Thunderbird and is prone
+ to multiple vulnerabilities.
+
+ Vulnerability Insight:
+ The flaws are caused due to multiple unspecified vulnerabilities in the
+ browser engine.
+
+ Impact:
+ Successful exploitation will let attackers to to cause a denial of service
+ or execute arbitrary code.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ SeaMonkey version before 2.0.9
+ Thunderbird version before 3.0.9 and 3.1.x before 3.1.5
+ Firefox version 3.5.x before 3.5.14 and 3.6.x before 3.6.11
+
+ Fix:
+ Upgrade to Firefox version 3.6.11 or 3.5.14 or later
+ http://www.mozilla.com/en-US/firefox/all.html
+
+ Upgrade to Thunderbird version 3.1.5 or 3.0.9 or later
+ http://www.mozillamessaging.com/en-US/thunderbird/
+
+ Upgrade to Seamonkey version 2.0.9 or later
+ http://www.seamonkey-project.org/releases/
+
+ References:
+ http://www.mozilla.org/security/announce/2010/mfsa2010-64.html ";
+
+ script_description(desc);
+ script_summary("Check for the version of Mozilla Products");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("General");
+ script_dependencies("gb_firefox_detect_win.nasl", "gb_thunderbird_detect_win.nasl",
+ "gb_seamonkey_detect_win.nasl");
+ script_require_keys("Firefox/Win/Ver", "Thunderbird/Win/Ver", "Seamonkey/Win/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+# Firefox Check
+ffVer = get_kb_item("Firefox/Win/Ver");
+if(ffVer)
+{
+ # Grep for Firefox version
+ if(version_in_range(version:ffVer, test_version:"3.6.0", test_version2:"3.6.10")||
+ version_in_range(version:ffVer, test_version:"3.5.0", test_version2:"3.5.13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+}
+
+# Seamonkey Check
+smVer = get_kb_item("Seamonkey/Win/Ver");
+if(smVer != NULL)
+{
+ # Grep for Seamonkey version
+ if(version_is_less(version:smVer, test_version:"2.0.9"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+}
+
+# Thunderbird Check
+tbVer = get_kb_item("Thunderbird/Win/Ver");
+if(tbVer != NULL)
+{
+ # Grep for Thunderbird version
+ if(version_is_less(version:tbVer, test_version:"3.0.9") ||
+ version_in_range(version:tbVer, test_version:"3.1.0", test_version2:"3.1.4")){
+ security_hole(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_win01.nasl
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_vuln_win_oct10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_vuln_win_oct10.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_vuln_win_oct10.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,134 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_mozilla_prdts_mult_vuln_win_oct10.nasl 11852 2010-10-26 10:55:33Z oct $
+#
+# Mozilla Products Multiple Vulnerabilities october-10 (Windows)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801467);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2010-3170", "CVE-2010-3173", "CVE-2010-3179", "CVE-2010-3178",
+ "CVE-2010-3181", "CVE-2010-3180", "CVE-2010-3183");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Mozilla Products Multiple Vulnerabilities October-10 (Windows)");
+ desc = "
+ Overview:
+ The host is installed with Mozilla Firefox/Seamonkey/Thunderbird and is prone
+ to multiple vulnerabilities.
+
+ Vulnerability Insight:
+ The flaws are due to:
+ - A wildcard IP address in the 'subject&qts' Common Name field of an X.509
+ certificate.
+ - not properly setting the minimum key length for 'Diffie-Hellman Ephemeral'
+ (DHE) mode, which makes it easier for remote attackers to defeat
+ cryptographic protection mechanisms via a brute-force attack.
+ - Passing an excessively long string to 'document.write' could cause text
+ rendering routines to end up in an inconsistent state with sections of
+ stack memory being overwritten with the string data.
+ - not properly handling certain modal calls made by 'javascript: URLs' in
+ circumstances related to opening a new window and performing cross-domain
+ navigation.
+ - an untrusted search path vulnerability.
+ - Use-after-free vulnerability in the nsBarProp function.
+ - error in 'LookupGetterOrSetter' function, which does not properly support
+ 'window.__lookupGetter__ function' calls that lack arguments.
+
+ Impact:
+ Successful exploitation will let attackers to to cause a denial of service
+ or execute arbitrary code.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ Seamonkey version prior to 2.0.9
+ Firefox version prior to 3.5.14 and 3.6.x before 3.6.11
+ Thunderbird version proior to 3.0.9 and 3.1.x before 3.1.5
+
+ Fix:
+ Upgrade to Firefox version 3.6.11 or 3.5.14 or later
+ http://www.mozilla.com/en-US/firefox/all.html
+
+ Upgrade to Seamonkey version 2.0.9 or later
+ http://www.seamonkey-project.org/releases/
+
+ Upgrade to Thunderbird version 3.0.9 or 3.1.5 or later
+ http://www.mozillamessaging.com/en-US/thunderbird/
+
+ References:
+ http://www.mozilla.org/security/announce/2010/mfsa2010-70.html
+ http://www.mozilla.org/security/announce/2010/mfsa2010-72.html
+ http://www.mozilla.org/security/announce/2010/mfsa2010-65.html
+ http://www.mozilla.org/security/announce/2010/mfsa2010-69.html ";
+
+ script_description(desc);
+ script_summary("Check for the version of Mozilla Products");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("General");
+ script_dependencies("gb_firefox_detect_win.nasl", "gb_seamonkey_detect_win.nasl",
+ "gb_thunderbird_detect_win.nasl");
+ script_require_keys("Firefox/Win/Ver", "Seamonkey/Win/Ver", "Thunderbird/Win/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+# Firefox Check
+ffVer = get_kb_item("Firefox/Win/Ver");
+if(ffVer)
+{
+ # Grep for Firefox version
+ if(version_is_less(version:ffVer, test_version:"3.5.14") ||
+ version_in_range(version:ffVer, test_version:"3.6.0", test_version2:"3.6.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+}
+
+# Seamonkey Check
+smVer = get_kb_item("Seamonkey/Win/Ver");
+if(smVer != NULL)
+{
+ # Grep for Seamonkey version
+ if(version_is_less(version:smVer, test_version:"2.0.9"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+}
+
+# Thunderbird Check
+tbVer = get_kb_item("Thunderbird/Win/Ver");
+if(tbVer != NULL)
+{
+ # Grep for Thunderbird version
+ if(version_is_less(version:tbVer, test_version:"3.0.9") ||
+ version_in_range(version:tbVer, test_version:"3.1.0", test_version2:"3.1.4")){
+ security_hole(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_vuln_win_oct10.nasl
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_xss_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_xss_vuln_win.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_xss_vuln_win.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,99 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_mozilla_prdts_mult_xss_vuln_win.nasl 11852 2010-10-26 12:48:33Z oct $
+#
+# Mozilla Products Multiple Cross-site Scripting Vulnerabilities (Windows)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801471);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2010-3177");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Mozilla Products Multiple Cross-site Scripting Vulnerabilities (Windows)");
+ desc = "
+ Overview:
+ The host is installed with Mozilla Firefox/Seamonkey and is prone
+ to multiple vulnerabilities.
+
+ Vulnerability Insight:
+ The flaw is caused due to an error in functions used by the 'Gopher parser'
+ to convert text to HTML tags, could be exploited to turn text into executable
+ JavaScript.
+
+ Impact:
+ Successful exploitation will let attackers to inject arbitrary web script or
+ HTML via a crafted name of a file or directory on a Gopher server.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ SeaMonkey version before 2.0.9
+ Firefox version before 3.5.14 and 3.6.x before 3.6.11
+
+ Fix:
+ Upgrade to Firefox version 3.6.11 or 3.5.14 or later
+ http://www.mozilla.com/en-US/firefox/all.html
+
+ Upgrade to Seamonkey version 2.0.9 or later
+ http://www.seamonkey-project.org/releases/
+
+ References:
+ http://www.mozilla.org/security/announce/2010/mfsa2010-68.html ";
+
+ script_description(desc);
+ script_summary("Check for the version of Mozilla Products");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("General");
+ script_dependencies("gb_firefox_detect_win.nasl", "gb_seamonkey_detect_win.nasl");
+ script_require_keys("Firefox/Win/Ver", "Seamonkey/Win/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+# Firefox Check
+ffVer = get_kb_item("Firefox/Win/Ver");
+if(ffVer)
+{
+ # Grep for Firefox version
+ if(version_is_less(version:ffVer, test_version:"3.5.14") ||
+ version_in_range(version:ffVer, test_version:"3.6.0", test_version2:"3.6.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+}
+
+# Seamonkey Check
+smVer = get_kb_item("Seamonkey/Win/Ver");
+if(smVer != NULL)
+{
+ # Grep for Seamonkey version
+ if(version_is_less(version:smVer, test_version:"2.0.9")){
+ security_hole(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_xss_vuln_win.nasl
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_mozilla_prdts_unspecified_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mozilla_prdts_unspecified_vuln_win.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_mozilla_prdts_unspecified_vuln_win.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,113 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_mozilla_prdts_unspecified_vuln_win.nasl 11852 2010-10-26 12:10:33Z oct $
+#
+# Mozilla Products Unspecified Vulnerability (Windows)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801469);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2010-3174");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Mozilla Products Unspecified Vulnerability (Windows)");
+ desc = "
+ Overview:
+ The host is installed with Mozilla Firefox/Seamonkey/Thunderbird and is prone
+ to unspecified vulnerability.
+
+ Vulnerability Insight:
+ The flaw is caused due to an unspecified vulnerability in the browser engine.
+
+ Impact:
+ Successful exploitation will let attackers to to cause a denial of service
+ or execute arbitrary code.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ SeaMonkey version before 2.0.9
+ Thunderbird version before 3.0.9
+ Firefox version 3.5.x before 3.5.14
+
+ Fix:
+ Upgrade to Firefox version 3.5.14 or later
+ http://www.mozilla.com/en-US/firefox/all.html
+
+ Upgrade to Thunderbird version 3.0.9 or later
+ http://www.mozillamessaging.com/en-US/thunderbird/
+
+ Upgrade to Seamonkey version 2.0.9 or later
+ http://www.seamonkey-project.org/releases/
+
+ References:
+ http://www.mozilla.org/security/announce/2010/mfsa2010-64.html ";
+
+ script_description(desc);
+ script_summary("Check for the version of Mozilla Products");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("General");
+ script_dependencies("gb_firefox_detect_win.nasl", "gb_thunderbird_detect_win.nasl",
+ "gb_seamonkey_detect_win.nasl");
+ script_require_keys("Firefox/Win/Ver", "Thunderbird/Win/Ver", "Seamonkey/Win/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+# Firefox Check
+ffVer = get_kb_item("Firefox/Win/Ver");
+if(ffVer)
+{
+ # Grep for Firefox version
+ if(version_in_range(version:ffVer, test_version:"3.5.0", test_version2:"3.5.13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+}
+
+# Seamonkey Check
+smVer = get_kb_item("Seamonkey/Win/Ver");
+if(smVer != NULL)
+{
+ # Grep for Seamonkey version
+ if(version_is_less(version:smVer, test_version:"2.0.9"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+}
+
+# Thunderbird Check
+tbVer = get_kb_item("Thunderbird/Win/Ver");
+if(tbVer != NULL)
+{
+ # Grep for Thunderbird version
+ if(version_is_less(version:tbVer, test_version:"3.0.9")){
+ security_hole(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_mozilla_prdts_unspecified_vuln_win.nasl
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_opera_mult_vuln_oct10_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_opera_mult_vuln_oct10_win.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_opera_mult_vuln_oct10_win.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,97 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_opera_mult_vuln_oct10_win.nasl 11854 2010-10-28 11:27:11Z oct $
+#
+# Opera Browser Multiple Vulnerabilities October-10 (Windows)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801474);
+ script_version("Revision$:1.0");
+ script_cve_id("CVE-2010-4043", "CVE-2010-4044", "CVE-2010-4046", "CVE-2010-4045",
+ "CVE-2010-4047", "CVE-2010-4049", "CVE-2010-4048", "CVE-2010-4050");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Opera Browser Multiple Vulnerabilities October-10 (Windows)");
+ desc = "
+ Overview: The host is installed with Opera browser and is prone to multiple
+ vulnerabilities.
+
+ Vulnerability Insight:
+ Multiple flaws are cause due to:
+ - Failure to prevent interpretation of a 'cross-origin' document as a 'CSS'
+ stylesheet when the document lacks a CSS token sequence.
+ - An error when altering the size of the browser window may cause the wrong
+ part of the URL of a web page to be displayed.
+ - An error in the handling of reloads and redirects combined with caching may
+ result in scripts executing in the wrong security context.
+ - Failure to properly verify the origin of video content, which allows remote
+ attackers to obtain sensitive information by using a video stream as HTML5
+ canvas content.
+ - Failure to properly restrict web script in unspecified circumstances involving
+ reloads and redirects.
+ - Failure to properly select the security context of JavaScript code associated
+ with an error page.
+ - Error in 'SVG' document in an 'IMG' element.
+
+ Impact:
+ Successful exploitation will allow remote attackers to execute arbitrary code
+ on the target user's system, can obtain potentially sensitive information.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ Opera Web Browser Version prior 10.63
+
+ Fix: Upgarde to Opera Web Browser Version 10.63 or later,
+ For Updates Refer, http://www.opera.com/download/
+
+ References:
+ http://secunia.com/advisories/41740
+ http://www.opera.com/support/kb/view/971/
+ http://www.opera.com/docs/changelogs/windows/1063/
+ http://securitytracker.com/alerts/2010/Oct/1024570.html ";
+
+ script_description(desc);
+ script_summary("Check for the version of Opera");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("General");
+ script_dependencies("secpod_opera_detection_win_900036.nasl");
+ script_require_keys("Opera/Win/Version");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get Opera Version from KB
+operaVer = get_kb_item("Opera/Win/Version");
+
+if(operaVer)
+{
+ ## Grep for Opera Versions prior to 10.63
+ if(version_is_less(version:operaVer, test_version:"10.63")){
+ security_hole(0);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_opera_mult_vuln_oct10_win.nasl
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_pyftpdlib_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_pyftpdlib_detect.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_pyftpdlib_detect.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,75 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_pyftpdlib_detect.nasl 11737 2010-10-26 12:12:12Z oct $
+#
+# pyftpdlib Version Detection
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801612);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"None");
+ script_name("pyftpdlib Version Detection");
+ desc = "
+ Overview: This script finds the version of running FTPServer.py in pyftpdlib
+ and saves the result in KB.";
+
+ script_description(desc);
+ script_summary("Set the version of pyftpdlib in KB");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Service detection");
+ script_dependencies("find_service.nes");
+ script_require_ports("Services/ftp", 21);
+ exit(0);
+}
+
+
+include("ftp_func.inc");
+
+## Get FTP port
+port = get_kb_item("Services/ftp");
+if(!port) {
+ port = 21;
+}
+
+## Check port status
+if(!get_port_state(port)) {
+ exit(0);
+}
+
+## Get Banner
+banner = get_ftp_banner(port:port);
+if("pyftpd" >< tolower(banner))
+{
+ ## Get Version from Banner
+ ver = eregmatch(pattern:"[Pyftpd|pyftpdlib] ([0-9.]+)",string:banner);
+
+ ## Set pyftpdlib Version in KB
+ if(ver[1] != NULL)
+ {
+ set_kb_item(name:"pyftpdlib/Ver", value:ver[1]);
+ security_note(data:"pyftpdlib FTP server version " + ver[1] +
+ " was detected on the host", port:port);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_pyftpdlib_detect.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_pyftpdlib_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_pyftpdlib_dos_vuln.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_pyftpdlib_dos_vuln.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_pyftpdlib_dos_vuln.nasl 11737 2010-10-26 12:12:12Z oct $
+#
+# pyftpdlib FTP Server Denial of Service Vulnerability
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801614);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2009-5010");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_name("pyftpdlib FTP Server Denial of Service Vulnerability");
+ desc = "
+ Overview: This host is running pyftpdlib FTP server and is prone to Denial of
+ Service vulnerability.
+
+ Vulnerability Insight:
+ The flaw is caused due to race condition in the FTPHandler class, which allows
+ remote attackers to cause a denial of service by establishing and then
+ immediately closing a TCP connection, leading to the accept function having
+ an unexpected return value of None.
+
+ Impact:
+ Successful exploitation will let the attacker to cause a denial of service.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ ftpserver.py in pyftpdlib before 0.5.1
+
+ Fix: Upgrade to pyftpdlib version 0.5.2 or later,
+ For updates refer, http://code.google.com/p/pyftpdlib/downloads/list
+
+ References:
+ http://code.google.com/p/pyftpdlib/issues/detail?id=91
+ http://code.google.com/p/pyftpdlib/source/detail?r=439
+ http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY
+ ";
+
+ script_description(desc);
+ script_summary("Check for the version of pyftpdlib");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("FTP");
+ script_dependencies("gb_pyftpdlib_detect.nasl");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get version from KB
+ver = get_kb_item("pyftpdlib/Ver");
+
+if(ver != NULL)
+{
+ ## Check for pyftpdlib version < 0.5.1
+ if(version_is_less(version:ver, test_version:"0.5.1")) {
+ security_warning(port);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_pyftpdlib_dos_vuln.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_pyftpdlib_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_pyftpdlib_info_disc_vuln.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_pyftpdlib_info_disc_vuln.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_pyftpdlib_info_disc_vuln.nasl 11737 2010-10-26 12:12:12Z oct $
+#
+# pyftpdlib FTP Server Information Disclosure Vulnerability
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801618);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2007-6738");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_name("pyftpdlib FTP Server Information Disclosure Vulnerability");
+ desc = "
+ Overview: This host is running pyftpdlib FTP server and is prone to information
+ disclosure vulnerability.
+
+ Vulnerability Insight:
+ The flaw exists beacuse pyftpdlib does not choose a random value for the port
+ associated with the PASV command, which makes it easier for remote attackers
+ to obtain potentially sensitive information about the number of in-progress
+ data connections by reading the response to this command.
+
+ Impact:
+ Successful exploitation will let the attacker to obtain potentially sensitive
+ information about the number of in-progress data connections.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ ftpserver.py in pyftpdlib before 0.1.1
+
+ Fix: Upgrade to pyftpdlib version 0.5.2 or later,
+ For updates refer, http://code.google.com/p/pyftpdlib/downloads/list
+
+ References:
+ http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY
+ ";
+
+ script_description(desc);
+ script_summary("Check for the version of pyftpdlib");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("FTP");
+ script_dependencies("gb_pyftpdlib_detect.nasl");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get version from KB
+ver = get_kb_item("pyftpdlib/Ver");
+
+if(ver != NULL)
+{
+ ## Check for pyftpdlib version < 0.1.1
+ if(version_is_less(version:ver, test_version:"0.1.1")) {
+ security_warning(port);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_pyftpdlib_info_disc_vuln.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_dir_trav_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_dir_trav_vuln.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_dir_trav_vuln.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_pyftpdlib_mult_dir_trav_vuln.nasl 11737 2010-10-26 12:12:12Z oct $
+#
+# pyftpdlib FTP Server Multiple Directory Traversal Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801616);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2008-7262");
+ script_tag(name:"cvss_base", value:"6.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_name("pyftpdlib FTP Server Multiple Directory Traversal Vulnerabilities");
+ desc = "
+ Overview: This host is running pyftpdlib FTP server and is prone to multiple
+ directory traversal vulnerabilities.
+
+ Vulnerability Insight:
+ The flaws exist because pyftpdlib allow remote authenticated users to access
+ arbitrary files and directories via vectors involving a symlink in a pathname
+ to a CWD, DELE, STOR, or RETR command.
+
+ Impact:
+ Successful exploitation will let the attacker to retrieve or upload arbitrary
+ system files.
+
+ Impact Level: Application/System
+
+ Affected Software/OS:
+ ftpserver.py in pyftpdlib before 0.3.0
+
+ Fix: Upgrade to pyftpdlib version 0.5.2 or later,
+ For updates refer, http://code.google.com/p/pyftpdlib/downloads/list
+
+ References:
+ http://code.google.com/p/pyftpdlib/issues/detail?id=55
+ http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY
+ ";
+
+ script_description(desc);
+ script_summary("Check for the version of pyftpdlib");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("FTP");
+ script_dependencies("gb_pyftpdlib_detect.nasl");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get version from KB
+ver = get_kb_item("pyftpdlib/Ver");
+
+if(ver != NULL)
+{
+ ## Check for pyftpdlib version < 0.3.0
+ if(version_is_less(version:ver, test_version:"0.3.0")) {
+ security_hole(port);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_dir_trav_vuln.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,90 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_pyftpdlib_mult_vuln.nasl 11737 2010-10-26 12:12:12Z oct $
+#
+# pyftpdlib FTP Server Multiple Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801613);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2010-3494", "CVE-2009-5012", "CVE-2009-5013", "CVE-2009-5011");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_name("pyftpdlib FTP Server Multiple Vulnerabilities");
+ desc = "
+ Overview: This host is running pyftpdlib FTP server and is prone to multiple
+ vulnerabilities.
+
+ Vulnerability Insight:
+ - Race condition in the FTPHandler class allows remote attackers to cause a
+ denial of service by establishing and then immediately closing a TCP
+ connection.
+ - Improper permission check for the NLST command allows remote authenticated
+ users to bypass intended access restrictions and list the root directory via
+ an FTP session.
+ - Memory leak in the on_dtp_close function allows remote authenticated users
+ to cause a denial of service by sending a QUIT command during a data transfer.
+
+ Impact:
+ Successful exploitation will let the attacker to cause a denial of service.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ ftpserver.py in pyftpdlib before 0.5.2
+
+ Fix: Upgrade to pyftpdlib version 0.5.2 or later,
+ For updates refer, http://code.google.com/p/pyftpdlib/downloads/list
+
+ References:
+ http://code.google.com/p/pyftpdlib/issues/detail?id=100
+ http://code.google.com/p/pyftpdlib/issues/detail?id=104
+ http://code.google.com/p/pyftpdlib/issues/detail?id=105
+ http://code.google.com/p/pyftpdlib/issues/detail?id=114
+ http://code.google.com/p/pyftpdlib/issues/detail?id=119
+ http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY
+ ";
+
+ script_description(desc);
+ script_summary("Check for the version of pyftpdlib");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("FTP");
+ script_dependencies("gb_pyftpdlib_detect.nasl");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get version from KB
+ver = get_kb_item("pyftpdlib/Ver");
+
+if(ver != NULL)
+{
+ ## Check for pyftpdlib version < 0.5.2
+ if(version_is_less(version:ver, test_version:"0.5.2")) {
+ security_warning(port);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_01.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_01.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_pyftpdlib_mult_vuln_01.nasl 11737 2010-10-26 12:12:12Z oct $
+#
+# pyftpdlib FTP Server Multiple Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801615);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2008-7263", "CVE-2008-7264");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_name("pyftpdlib FTP Server Multiple Vulnerabilities");
+ desc = "
+ Overview: This host is running pyftpdlib FTP server and is prone to multiple
+ vulnerabilities.
+
+ Vulnerability Insight:
+ - ftpserver.py in pyftpdlib does not delay its response after receiving an
+ invalid login attempt, which makes it easier for remote attackers to obtain
+ access via a brute-force attack.
+ - ftp_QUIT function allows remote authenticated users to cause a denial of
+ service by sending a QUIT command during a disallowed data-transfer attempt.
+
+ Impact:
+ Successful exploitation will let the attacker to cause a denial of service.
+
+ Impact Level: Application
+
+ Affected Software/OS:
+ ftpserver.py in pyftpdlib before 0.5.0
+
+ Fix: Upgrade to pyftpdlib version 0.5.2 or later,
+ For updates refer, http://code.google.com/p/pyftpdlib/downloads/list
+
+ References:
+ http://code.google.com/p/pyftpdlib/issues/detail?id=71
+ http://code.google.com/p/pyftpdlib/issues/detail?id=73
+ http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY
+ ";
+
+ script_description(desc);
+ script_summary("Check for the version of pyftpdlib");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("FTP");
+ script_dependencies("gb_pyftpdlib_detect.nasl");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get version from KB
+ver = get_kb_item("pyftpdlib/Ver");
+
+if(ver != NULL)
+{
+ ## Check for pyftpdlib version < 0.5.0
+ if(version_is_less(version:ver, test_version:"0.5.0")) {
+ security_hole(port);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_01.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Added: trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_02.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_02.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_pyftpdlib_mult_vuln_02.nasl 11737 2010-10-26 12:12:12Z oct $
+#
+# pyftpdlib FTP Server Multiple Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801617);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2007-6736", "CVE-2007-6737", "CVE-2007-6739",
+ "CVE-2007-6740", "CVE-2007-6741");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_name("pyftpdlib FTP Server Multiple Vulnerabilities");
+ desc = "
+ Overview: This host is running pyftpdlib FTP server and is prone to multiple
+ vulnerabilities.
+
+ Vulnerability Insight:
+ Multiple flaws exist beacuse pyftpdlib,
+ - allows remote authenticated users to access arbitrary files and directories
+ via a .. (dot dot) in a LIST, STOR, or RETR command.
+ - does not increment the attempted_logins count for a USER command that
+ specifies an invalid username, which makes it easier for remote attackers
+ to obtain access via a brute-force attack.
+ - allows remote attackers to cause a denial of service via a long command.
+ - does not limit the number of attempts to discover a unique filename, which
+ might allow remote authenticated users to cause a denial of service via
+ a STOU command.
+ - does not prevent TCP connections to privileged ports if the destination IP
+ address matches the source IP address of the connection from the FTP client,
+ which might allow remote authenticated users to conduct FTP bounce attacks
+ via crafted FTP data.
+
+ Impact:
+ Successful exploitation will let the attacker to retrieve or upload arbitrary
+ system files or cause a denial of service.
+
+ Impact Level: Application/System
+
+ Affected Software/OS:
+ ftpserver.py in pyftpdlib before 0.2.0
+
+ Fix: Upgrade to pyftpdlib version 0.5.2 or later,
+ For updates refer, http://code.google.com/p/pyftpdlib/downloads/list
+
+ References:
+ http://code.google.com/p/pyftpdlib/issues/detail?id=3
+ http://code.google.com/p/pyftpdlib/issues/detail?id=9
+ http://code.google.com/p/pyftpdlib/issues/detail?id=11
+ http://code.google.com/p/pyftpdlib/issues/detail?id=20
+ http://code.google.com/p/pyftpdlib/issues/detail?id=25
+ http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORY
+ ";
+
+ script_description(desc);
+ script_summary("Check for the version of pyftpdlib");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
+ script_family("FTP");
+ script_dependencies("gb_pyftpdlib_detect.nasl");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get version from KB
+ver = get_kb_item("pyftpdlib/Ver");
+
+if(ver != NULL)
+{
+ ## Check for pyftpdlib version < 0.2.0
+ if(version_is_less(version:ver, test_version:"0.2.0")) {
+ security_hole(port);
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_pyftpdlib_mult_vuln_02.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Modified: trunk/openvas-plugins/scripts/gb_squid_42645.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_squid_42645.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_squid_42645.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -1,6 +1,6 @@
###############################################################################
# OpenVAS Vulnerability Test
-# $Id$
+# $Id: gb_squid_42645.nasl 8943 2010-09-02 14:10:00Z mime $
#
# Squid 'DNS' Reply Remote Buffer Overflow Vulnerability
#
@@ -27,6 +27,7 @@
if (description)
{
script_id(100774);
+ script_cve_id("CVE-2010-2951");
script_bugtraq_id(42645);
script_version ("1.0-$Revision$");
Property changes on: trunk/openvas-plugins/scripts/gb_squid_42645.nasl
___________________________________________________________________
Name: svn:keywords
- Id Revision
+ Revision
Added: trunk/openvas-plugins/scripts/gb_sun_java_se_mult_vuln_oct10_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_sun_java_se_mult_vuln_oct10_win.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_sun_java_se_mult_vuln_oct10_win.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -0,0 +1,115 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_sun_java_se_mult_vuln_oct10_win.nasl 11742 2010-10-25 15:43:20Z oct$
+#
+# Oracle Sun Java SE Multiple Vulnerabilities (Windows)
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(801530);
+ script_version("$Revision$: 1.0");
+ script_cve_id("CVE-2010-3550", "CVE-2010-3551", "CVE-2010-3552", "CVE-2010-3553",
+ "CVE-2010-3554", "CVE-2010-3555", "CVE-2010-3556", "CVE-2010-3557",
+ "CVE-2010-3558", "CVE-2010-3559", "CVE-2010-3560", "CVE-2010-3561",
+ "CVE-2010-3562", "CVE-2010-3563", "CVE-2010-3565", "CVE-2010-3566",
+ "CVE-2010-3567", "CVE-2010-3568", "CVE-2010-3569", "CVE-2010-3570",
+ "CVE-2010-3571", "CVE-2010-3572", "CVE-2010-3573", "CVE-2010-3574");
+ script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_name("Oracle Sun Java SE Multiple Vulnerabilities (Windows)");
+ desc = "
+
+ Overview: This host is installed with Sun Java JDK/JRE and is prone to
+ multiple vulnerabilities.
+
+ Vulnerability Insight:
+ Multiple flas are caused by errors in the 2D, CORBA, Deployment, JRE,
+ Java Web Start, New Java Plug-in, Sound, Deployment Toolkit, JSSE, Kerberos,
+ Networking, Swing, and JNDI components.
+
+ Impact:
+ Successful exploitation will let the attackers to manipulate or gain knowledge
+ of sensitive information, bypass restrictions, cause a denial of service or
+ compromise a vulnerable system.
+
+ Impact Level: System/Application
+
+ Affected Software/OS:
+ Sun Java JDK/JRE version 6 Update 21 on windows
+
+ Fix: Upgrade to JDK/JRE version 6 Update 22
+ http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html
+
+ or
+ Apply the patch from below link,
+ http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
+
+ *****
+ NOTE: Ignore this warning if above mentioned patch is already applied.
+ *****
+
+ References:
+ http://www.vupen.com/english/advisories/2010/2660
+ http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html ";
+
+ script_description(desc);
+ script_summary("Check for the version of Sun Java JDK/JRE");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Oracle Sun Java SE Multiple Vulnerabilities (Windows)");
+ script_family("General");
+ script_dependencies("gb_java_prdts_detect_win.nasl");
+ script_require_keys("Sun/Java/JDK/Win/Ver", "Sun/Java/JRE/Win/Ver");
+ exit(0);
+}
+
+
+include("version_func.inc");
+
+# Get KB for JDK Version On Windows
+jdkVer = get_kb_item("Sun/Java/JDK/Win/Ver");
+if(jdkVer)
+{
+ jdkVer = ereg_replace(pattern:"_", string:jdkVer, replace: ".");
+ if(jdkVer)
+ {
+ # Check for 1.6 < 1.6.0_22 (6 Update 22)
+ if(version_in_range(version:jdkVer, test_version:"1.6", test_version2:"1.6.0.21"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+ }
+}
+
+jreVer = get_kb_item("Sun/Java/JRE/Win/Ver");
+if(jreVer)
+{
+ jreVer = ereg_replace(pattern:"_", string:jreVer, replace: ".");
+ if(jreVer)
+ {
+ # Grep for JRE Version 1.6 < 1.6.0_22 (6 Update 22)
+ if(version_in_range(version:jreVer, test_version:"1.6", test_version2:"1.6.0.21")) {
+ security_hole(0);
+ }
+ }
+}
Property changes on: trunk/openvas-plugins/scripts/gb_sun_java_se_mult_vuln_oct10_win.nasl
___________________________________________________________________
Name: svn:keywords
+ Revision
Modified: trunk/openvas-plugins/scripts/gb_twiki_44103.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_twiki_44103.nasl 2010-10-28 09:13:52 UTC (rev 9304)
+++ trunk/openvas-plugins/scripts/gb_twiki_44103.nasl 2010-10-28 09:50:37 UTC (rev 9305)
@@ -1,6 +1,6 @@
###############################################################################
# OpenVAS Vulnerability Test
-# $Id$
+# $Id: gb_twiki_44103.nasl 9222 2010-10-15 11:28:27Z mime $
#
# TWiki Multiple Cross Site Scripting Vulnerabilities
#
@@ -28,6 +28,7 @@
{
script_id(100857);
script_bugtraq_id(44103);
+ script_cve_id("CVE-2010-3841");
script_version ("1.0-$Revision$");
script_name("TWiki Multiple Cross Site Scripting Vulnerabilities");
Property changes on: trunk/openvas-plugins/scripts/gb_twiki_44103.nasl
___________________________________________________________________
Name: svn:keywords
- Id Revision
+ Revision
More information about the Openvas-commits
mailing list