[Openvas-commits] r12133 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Thu Nov 17 23:16:56 CET 2011


Author: jan
Date: 2011-11-17 23:16:28 +0100 (Thu, 17 Nov 2011)
New Revision: 12133

Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/12planet_chat_server_xss.nasl
   trunk/openvas-plugins/scripts/4images_171_directory_traversal.nasl
   trunk/openvas-plugins/scripts/CA_License_Service_Stack_Overflow.nasl
   trunk/openvas-plugins/scripts/DDI_FTP_Any_User_Login.nasl
   trunk/openvas-plugins/scripts/DDI_GlobalASA_Retrieval.nasl
   trunk/openvas-plugins/scripts/DDI_IIS_Compromised.nasl
   trunk/openvas-plugins/scripts/DDI_IIS_dotNet_Trace.nasl
   trunk/openvas-plugins/scripts/DDI_JRun_Sample_Files.nasl
   trunk/openvas-plugins/scripts/DDI_MPEiX_FTP_Accounts.nasl
   trunk/openvas-plugins/scripts/DDI_PIX_Firewall_Manager.nasl
   trunk/openvas-plugins/scripts/KBWebServer_percent00.nasl
   trunk/openvas-plugins/scripts/NDS_Object_Enum.nasl
   trunk/openvas-plugins/scripts/aardvark_422_remote_file_include.nasl
   trunk/openvas-plugins/scripts/account_bash.nasl
   trunk/openvas-plugins/scripts/account_db2as_db2as.nasl
   trunk/openvas-plugins/scripts/account_db2as_ibmdb2.nasl
   trunk/openvas-plugins/scripts/account_db2fenc1_db2fenc1.nasl
   trunk/openvas-plugins/scripts/account_db2fenc1_ibmdb2.nasl
   trunk/openvas-plugins/scripts/account_db2inst1_db2inst1.nasl
   trunk/openvas-plugins/scripts/account_db2inst1_ibmdb2.nasl
   trunk/openvas-plugins/scripts/account_debug_synnet.nasl
   trunk/openvas-plugins/scripts/account_help.nasl
   trunk/openvas-plugins/scripts/account_public_public.nasl
   trunk/openvas-plugins/scripts/account_swift_swift.nasl
   trunk/openvas-plugins/scripts/admbook_cmd_exec.nasl
   trunk/openvas-plugins/scripts/agora.nasl
   trunk/openvas-plugins/scripts/alchemy_eye_http.nasl
   trunk/openvas-plugins/scripts/alienform.nasl
   trunk/openvas-plugins/scripts/apache_SSL_complain.nasl
   trunk/openvas-plugins/scripts/ldap_null_base.nasl
   trunk/openvas-plugins/scripts/zope_zclass.nasl
Log:
* scripts/account_db2inst1_db2inst1.nasl, scripts/zope_zclass.nasl,
scripts/NDS_Object_Enum.nasl, scripts/alienform.nasl,
scripts/agora.nasl, scripts/DDI_GlobalASA_Retrieval.nasl,
scripts/12planet_chat_server_xss.nasl,
scripts/CA_License_Service_Stack_Overflow.nasl,
scripts/4images_171_directory_traversal.nasl,
scripts/DDI_IIS_Compromised.nasl, scripts/DDI_JRun_Sample_Files.nasl,
scripts/account_public_public.nasl,
scripts/DDI_PIX_Firewall_Manager.nasl,
scripts/DDI_MPEiX_FTP_Accounts.nasl, scripts/alchemy_eye_http.nasl,
scripts/account_bash.nasl, scripts/account_db2fenc1_db2fenc1.nasl,
scripts/account_db2as_ibmdb2.nasl, scripts/KBWebServer_percent00.nasl,
scripts/aardvark_422_remote_file_include.nasl,
scripts/admbook_cmd_exec.nasl, scripts/account_help.nasl,
scripts/ldap_null_base.nasl, scripts/DDI_FTP_Any_User_Login.nasl,
scripts/account_db2inst1_ibmdb2.nasl, scripts/DDI_IIS_dotNet_Trace.nasl,
scripts/account_db2fenc1_ibmdb2.nasl, scripts/account_db2as_db2as.nasl,
scripts/apache_SSL_complain.nasl, scripts/account_swift_swift.nasl,
scripts/account_debug_synnet.nasl: Removed risk factor text from
description (CR56).



Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/ChangeLog	2011-11-17 22:16:28 UTC (rev 12133)
@@ -1,3 +1,26 @@
+2011-11-17  Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>
+
+	* scripts/account_db2inst1_db2inst1.nasl, scripts/zope_zclass.nasl,
+	scripts/NDS_Object_Enum.nasl, scripts/alienform.nasl,
+	scripts/agora.nasl, scripts/DDI_GlobalASA_Retrieval.nasl,
+	scripts/12planet_chat_server_xss.nasl,
+	scripts/CA_License_Service_Stack_Overflow.nasl,
+	scripts/4images_171_directory_traversal.nasl,
+	scripts/DDI_IIS_Compromised.nasl, scripts/DDI_JRun_Sample_Files.nasl,
+	scripts/account_public_public.nasl,
+	scripts/DDI_PIX_Firewall_Manager.nasl,
+	scripts/DDI_MPEiX_FTP_Accounts.nasl, scripts/alchemy_eye_http.nasl,
+	scripts/account_bash.nasl, scripts/account_db2fenc1_db2fenc1.nasl,
+	scripts/account_db2as_ibmdb2.nasl, scripts/KBWebServer_percent00.nasl,
+	scripts/aardvark_422_remote_file_include.nasl,
+	scripts/admbook_cmd_exec.nasl, scripts/account_help.nasl,
+	scripts/ldap_null_base.nasl, scripts/DDI_FTP_Any_User_Login.nasl,
+	scripts/account_db2inst1_ibmdb2.nasl, scripts/DDI_IIS_dotNet_Trace.nasl,
+	scripts/account_db2fenc1_ibmdb2.nasl, scripts/account_db2as_db2as.nasl,
+	scripts/apache_SSL_complain.nasl, scripts/account_swift_swift.nasl,
+	scripts/account_debug_synnet.nasl: Removed risk factor text from
+	description (CR56).
+
 2011-11-17  Antu Sanadi <santu at secpod.com>
 
 	* scripts/gb_oracle_java_se_mult_vuln_oct11_win_01.nasl,

Modified: trunk/openvas-plugins/scripts/12planet_chat_server_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/12planet_chat_server_xss.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/12planet_chat_server_xss.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -61,8 +61,7 @@
 
 Upgrade to the newest version of this software
 
-Risk factor : High / CVSS Base Score : 3
-(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
+CVSS Base Score : 3 (AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
 
  script_description(desc);
  

Modified: trunk/openvas-plugins/scripts/4images_171_directory_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/4images_171_directory_traversal.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/4images_171_directory_traversal.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -64,10 +64,7 @@
 
 Sanitize the 'index.php' file. 
 
-Risk factor :
-
-High / CVSS Base Score : 7 
-(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
+CVSS Base Score : 7 (AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
  script_description(desc);
  summary = "Check if 4Images is vulnerable to directory traversal flaws";
  script_summary(summary);

Modified: trunk/openvas-plugins/scripts/CA_License_Service_Stack_Overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/CA_License_Service_Stack_Overflow.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/CA_License_Service_Stack_Overflow.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -63,10 +63,8 @@
 
 http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp 
 
-Risk factor : Critical / CVSS Base Score : 10 
-(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)";
+CVSS Base Score : 10 (AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)";
 
-
  script_description(desc);
  
  summary = "CA License Service Stack Overflow";

Modified: trunk/openvas-plugins/scripts/DDI_FTP_Any_User_Login.nasl
===================================================================
--- trunk/openvas-plugins/scripts/DDI_FTP_Any_User_Login.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/DDI_FTP_Any_User_Login.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -42,8 +42,6 @@
 ** the OpenVAS team so that we fix the plugins.
  
 Solution: None
-
-Risk factor : None
 ";
 
     script_description( desc);

Modified: trunk/openvas-plugins/scripts/DDI_GlobalASA_Retrieval.nasl
===================================================================
--- trunk/openvas-plugins/scripts/DDI_GlobalASA_Retrieval.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/DDI_GlobalASA_Retrieval.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -51,8 +51,6 @@
     Directory --> Configuration. Click the Add button, specify C:\winnt\system32\inetsrv\asp.dll 
     as the executable (may be different depending on your installation), enter .asa as the extension, 
     limit the verbs to GET,HEAD,POST,TRACE, ensure the Script Engine box is checked and click OK.
-    
-Risk factor : High
 ";
 
     script_description(desc);

Modified: trunk/openvas-plugins/scripts/DDI_IIS_Compromised.nasl
===================================================================
--- trunk/openvas-plugins/scripts/DDI_IIS_Compromised.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/DDI_IIS_Compromised.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -38,8 +38,6 @@
 indicate a possible compromise.   
 
 Solution: Investigate the discovered files
-
-Risk factor : High   
 ";
 
 

Modified: trunk/openvas-plugins/scripts/DDI_IIS_dotNet_Trace.nasl
===================================================================
--- trunk/openvas-plugins/scripts/DDI_IIS_dotNet_Trace.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/DDI_IIS_dotNet_Trace.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -42,8 +42,6 @@
 and the physical path to the requested file.
 
 Solution: Set <trace enabled=false> in web.config
-
-Risk factor : High
 ";
 
     script_description(desc);

Modified: trunk/openvas-plugins/scripts/DDI_JRun_Sample_Files.nasl
===================================================================
--- trunk/openvas-plugins/scripts/DDI_JRun_Sample_Files.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/DDI_JRun_Sample_Files.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -52,8 +52,6 @@
 Solution: Sample files should never be left on production 
           servers.  Remove the sample files and any other 
           files that are not required.
-          
-Risk factor : High 
 ";
 
 

Modified: trunk/openvas-plugins/scripts/DDI_MPEiX_FTP_Accounts.nasl
===================================================================
--- trunk/openvas-plugins/scripts/DDI_MPEiX_FTP_Accounts.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/DDI_MPEiX_FTP_Accounts.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -41,8 +41,6 @@
 of these accounts.
 
 Solution: Apply complex passwords to all accounts.
-
-Risk factor : High
 ";
 
  script_description(desc);

Modified: trunk/openvas-plugins/scripts/DDI_PIX_Firewall_Manager.nasl
===================================================================
--- trunk/openvas-plugins/scripts/DDI_PIX_Firewall_Manager.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/DDI_PIX_Firewall_Manager.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -61,12 +61,8 @@
 Cisco now recommends that you disable the software completely and 
 migrate to the new PIX Device Manager software.
 
-Risk factor :
+CVSS Base Score : 4 (AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
 
-Medium / CVSS Base Score : 4 
-(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
-
-
  script_description(desc);
 
  summary = "\..\..\file.txt";

Modified: trunk/openvas-plugins/scripts/KBWebServer_percent00.nasl
===================================================================
--- trunk/openvas-plugins/scripts/KBWebServer_percent00.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/KBWebServer_percent00.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -46,10 +46,8 @@
 makes some versions of KF Web Server to dump the listing of the  
 directory, thus showing potentially sensitive files.
 
-Risk factor : High
 Solution : upgrade to the latest version of KF Web Server";
 
-
  script_description(desc);
  
  summary = "Make a request like http://www.example.com/%00";

Modified: trunk/openvas-plugins/scripts/NDS_Object_Enum.nasl
===================================================================
--- trunk/openvas-plugins/scripts/NDS_Object_Enum.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/NDS_Object_Enum.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -58,12 +58,8 @@
 is an external system it is recommended that access 
 to port 524 be blocked from the Internet.
 
-Risk factor :
+CVSS Base Score : 2 (AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
 
-Low / CVSS Base Score : 2 
-(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
-
-
 if(description)
 {
  script_id(10988);

Modified: trunk/openvas-plugins/scripts/aardvark_422_remote_file_include.nasl
===================================================================
--- trunk/openvas-plugins/scripts/aardvark_422_remote_file_include.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/aardvark_422_remote_file_include.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -65,8 +65,7 @@
 
 Disable PHP's 'register_globals' or upgrade to the latest release.
 
-Risk factor : High / CVSS Base Score : 6 
-(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
+CVSS Base Score : 6 (AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
  script_description(desc);
  summary = "Checks for a file include in Aardvark Topsites less or equal to 4.2.2";
  script_summary(summary);

Modified: trunk/openvas-plugins/scripts/account_bash.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_bash.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_bash.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -43,7 +43,6 @@
 
 See http://www.k-otik.com/news/FakeRedhatPatchAnalysis.txt
 
-Risk factor : High
 Solution : disable this account and check your system";
 
  script_description(desc);

Modified: trunk/openvas-plugins/scripts/account_db2as_db2as.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_db2as_db2as.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_db2as_db2as.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -41,7 +41,6 @@
 The account 'db2as' has the password 'db2as'
 An attacker may use it to gain further privileges on this system
 
-Risk factor : High
 Solution : Set a strong password for this account or disable it.
 This may disable dependant applications so beware";
 

Modified: trunk/openvas-plugins/scripts/account_db2as_ibmdb2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_db2as_ibmdb2.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_db2as_ibmdb2.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -41,7 +41,6 @@
 The account 'db2as' has the password 'ibmdb2'
 An attacker may use it to gain further privileges on this system
 
-Risk factor : High
 Solution : Set a strong password for this account or disable it.
 This may disable dependant applications so beware";
 

Modified: trunk/openvas-plugins/scripts/account_db2fenc1_db2fenc1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_db2fenc1_db2fenc1.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_db2fenc1_db2fenc1.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -42,7 +42,6 @@
 The account 'db2fenc1' has the password 'db2fenc1'
 An attacker may use it to gain further privileges on this system
 
-Risk factor : High
 Solution : Set a strong password for this account or disable it.
 This may disable dependant applications so beware";
 

Modified: trunk/openvas-plugins/scripts/account_db2fenc1_ibmdb2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_db2fenc1_ibmdb2.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_db2fenc1_ibmdb2.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -41,7 +41,6 @@
 The account 'db2fenc1' has the password 'ibmdb2'
 An attacker may use it to gain further privileges on this system
 
-Risk factor : High
 Solution : Set a strong password for this account or disable it.
 This may disable dependant applications so beware";
 

Modified: trunk/openvas-plugins/scripts/account_db2inst1_db2inst1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_db2inst1_db2inst1.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_db2inst1_db2inst1.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -41,7 +41,6 @@
 The account 'db2finst1' has the password 'db2inst1'
 An attacker may use it to gain further privileges on this system
 
-Risk factor : High
 Solution : Set a strong password for this account or disable it.
 This may disable dependant applications so beware";
 

Modified: trunk/openvas-plugins/scripts/account_db2inst1_ibmdb2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_db2inst1_ibmdb2.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_db2inst1_ibmdb2.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -41,7 +41,6 @@
 The account 'db2finst1' has the password 'ibmdb2'
 An attacker may use it to gain further privileges on this system
 
-Risk factor : High
 Solution : Set a strong password for this account or disable it.
 This may disable dependant applications so beware";
 

Modified: trunk/openvas-plugins/scripts/account_debug_synnet.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_debug_synnet.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_debug_synnet.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -40,7 +40,6 @@
 The account 'debug' has the password 'synnet'
 An attacker may use it to gain further privileges on this system
 
-Risk factor : High
 Solution : Set a strong password for this account or disable it.
 This may disable dependant applications so beware";
 

Modified: trunk/openvas-plugins/scripts/account_help.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_help.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_help.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -39,7 +39,6 @@
 The account 'help' has no password set. 
 An attacker may use it to gain further privileges on this system
 
-Risk factor : High
 Solution : Set a password for this account or disable it";
 
  script_description(desc);

Modified: trunk/openvas-plugins/scripts/account_public_public.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_public_public.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_public_public.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -42,7 +42,6 @@
 The account 'public' has the password 'public'.  An attacker may use it
 to gain further privileges on this system
 
-Risk factor : High
 Solution : Set a password for this account or disable it";
  script_description(desc);
 

Modified: trunk/openvas-plugins/scripts/account_swift_swift.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_swift_swift.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/account_swift_swift.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -39,7 +39,6 @@
 The account 'swift' has the password 'swift'.  An attacker may use it to
 gain further privileges on this system. 
 
-Risk factor : High
 Solution : Set a password for this account or disable it";
  script_description(desc);
 

Modified: trunk/openvas-plugins/scripts/admbook_cmd_exec.nasl
===================================================================
--- trunk/openvas-plugins/scripts/admbook_cmd_exec.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/admbook_cmd_exec.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -49,12 +49,8 @@
 
 Unknown at this time. 
 
-Risk factor :
+CVSS Base Score : 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
 
-High / CVSS Base Score : 7.5
-(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
-
-
 if (description) {
 script_id(80048);;
 script_version("$Revision$");

Modified: trunk/openvas-plugins/scripts/agora.nasl
===================================================================
--- trunk/openvas-plugins/scripts/agora.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/agora.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -52,8 +52,7 @@
 
 Upgrade to Agora 4.0e or newer.
 
-Risk factor : High / CVSS Base Score : 3
-(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
+CVSS Base Score : 3 (AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
 
  script_description(desc);
  

Modified: trunk/openvas-plugins/scripts/alchemy_eye_http.nasl
===================================================================
--- trunk/openvas-plugins/scripts/alchemy_eye_http.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/alchemy_eye_http.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -47,10 +47,8 @@
 authentication for Alchemy Eye. Both of these can be set in the
 Alchemy Eye preferences.
 
-More Information : http://www.securityfocus.com/archive/1/243404
+More Information : http://www.securityfocus.com/archive/1/243404");
 
-Risk factor : High");
-
  script_description(desc);
  
  summary = "Determines if arbitrary commands can be executed by Alchemy Eye";

Modified: trunk/openvas-plugins/scripts/alienform.nasl
===================================================================
--- trunk/openvas-plugins/scripts/alienform.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/alienform.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -50,10 +50,8 @@
 http://online.securityfocus.com/archive/1/276248/2002-06-08/2002-06-14/0
 
 Solution : Disable AlienForm
-Risk factor : High
 ";
 
-
  script_description(desc);
  
  summary = "Checks if the AlienForm CGI script is vulnerable";

Modified: trunk/openvas-plugins/scripts/apache_SSL_complain.nasl
===================================================================
--- trunk/openvas-plugins/scripts/apache_SSL_complain.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/apache_SSL_complain.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -48,12 +48,8 @@
 
 Enable SSL tests in the 'Services' preference setting, or increase the 
 timeouts if this option is already set and the plugin missed 
-this port.
+this port.";
 
-Risk factor : 
-
-None";
-
  script_description(desc);
  
  summary = "Web server complains that we are talking plain HTTP on HTTPS port";

Modified: trunk/openvas-plugins/scripts/ldap_null_base.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ldap_null_base.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/ldap_null_base.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -48,17 +48,13 @@
 
 Disable NULL BASE queries on your LDAP server
 
-Risk factor :
+CVSS Base Score : 2 (AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
 
-Low / CVSS Base Score : 2 
-(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
-
   script_description(desc);
   script_summary("Check for LDAP null base");
   script_category(ACT_GATHER_INFO);
   script_family("Remote file access");
   script_copyright("Copyright (C) 2000 John Lampe....j_lampe at bellsouth.net");
-
   script_dependencies("ldap_detect.nasl");
   script_require_ports("Services/ldap", 389);
 

Modified: trunk/openvas-plugins/scripts/zope_zclass.nasl
===================================================================
--- trunk/openvas-plugins/scripts/zope_zclass.nasl	2011-11-17 12:20:15 UTC (rev 12132)
+++ trunk/openvas-plugins/scripts/zope_zclass.nasl	2011-11-17 22:16:28 UTC (rev 12133)
@@ -61,11 +61,8 @@
 Upgrade to Zope 2.3.3 or apply the hotfix referenced in the vendor
 advisory above. 
 
-Risk factor : 
+CVSS Base Score : 5 (AV:L/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
 
-Medium / CVSS Base Score : 5 
-(AV:L/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
-
  script_description(desc); 
  summary = "Checks Zope version";
  script_summary(summary);



More information about the Openvas-commits mailing list