[Openvas-commits] r12135 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Fri Nov 18 12:41:58 CET 2011
Author: hdoreau
Date: 2011-11-18 12:38:04 +0100 (Fri, 18 Nov 2011)
New Revision: 12135
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/scripts/3com_switches.nasl
trunk/openvas-plugins/scripts/DDI_JavaServer_Default.nasl
trunk/openvas-plugins/scripts/DDI_MRTG_File_Read.nasl
trunk/openvas-plugins/scripts/Jserv_css.nasl
trunk/openvas-plugins/scripts/PGPCert_DoS.nasl
trunk/openvas-plugins/scripts/RA_www_css.nasl
trunk/openvas-plugins/scripts/SHN_MySQL_Privilege_Escalation.nasl
trunk/openvas-plugins/scripts/SWS_DoS.nasl
trunk/openvas-plugins/scripts/X.nasl
trunk/openvas-plugins/scripts/account_super_debug.nasl
trunk/openvas-plugins/scripts/account_super_forgot.nasl
trunk/openvas-plugins/scripts/account_user_debug.nasl
trunk/openvas-plugins/scripts/account_user_forgot.nasl
trunk/openvas-plugins/scripts/anti_nessus.nasl
trunk/openvas-plugins/scripts/apache_Tomcat_DOS_Device_XSS.nasl
trunk/openvas-plugins/scripts/apache_Tomcat_Servlet_XSS.nasl
trunk/openvas-plugins/scripts/apache_Tomcat_TroubleShooter.nasl
trunk/openvas-plugins/scripts/apache_auth_sql_insertion.nasl
trunk/openvas-plugins/scripts/apache_server_info.nasl
trunk/openvas-plugins/scripts/apache_server_status.nasl
trunk/openvas-plugins/scripts/articlelive_xss.nasl
trunk/openvas-plugins/scripts/asip-status.nasl
trunk/openvas-plugins/scripts/aspdev_imgtag.nasl
trunk/openvas-plugins/scripts/asterisk_null_pointer_dereference.nasl
trunk/openvas-plugins/scripts/asterisk_pbx_guest_access_enabled.nasl
trunk/openvas-plugins/scripts/asterisk_sdp_header_overflow.nasl
trunk/openvas-plugins/scripts/atutor_multiple_flaws.nasl
trunk/openvas-plugins/scripts/atutor_password_reminder_sql.nasl
trunk/openvas-plugins/scripts/atutor_xss.nasl
trunk/openvas-plugins/scripts/avengers_news_system_command_execution.nasl
trunk/openvas-plugins/scripts/aztek_xss.nasl
trunk/openvas-plugins/scripts/basilix_arbitrary_command_execution.nasl
trunk/openvas-plugins/scripts/basilix_arbitrary_file_disclosure.nasl
trunk/openvas-plugins/scripts/basilix_attachment_disclosure.nasl
trunk/openvas-plugins/scripts/basilix_content_type_xss.nasl
trunk/openvas-plugins/scripts/basilix_detect.nasl
trunk/openvas-plugins/scripts/basilix_message_content_script_injection.nasl
trunk/openvas-plugins/scripts/basilix_sql_injection.nasl
trunk/openvas-plugins/scripts/basilix_webmail.nasl
trunk/openvas-plugins/scripts/basit_xss.nasl
trunk/openvas-plugins/scripts/bgp_detect.nasl
trunk/openvas-plugins/scripts/bigip_cookie.nasl
trunk/openvas-plugins/scripts/bmforum_xss.nasl
trunk/openvas-plugins/scripts/bookreview_xss.nasl
trunk/openvas-plugins/scripts/breakcal_xss.nasl
trunk/openvas-plugins/scripts/brio_dir_traversal.nasl
trunk/openvas-plugins/scripts/burning_board_database_sql_injection.nasl
trunk/openvas-plugins/scripts/calendar_express_flaws.nasl
trunk/openvas-plugins/scripts/calendar_scheduler_xss.nasl
trunk/openvas-plugins/scripts/cart32_xss.nasl
trunk/openvas-plugins/scripts/cesarftp_mkd_command_buffer_overflow.nasl
trunk/openvas-plugins/scripts/cgicso_cross_site_scripting.nasl
trunk/openvas-plugins/scripts/chargen.nasl
trunk/openvas-plugins/scripts/cheopsNG_clear_text_password.nasl
trunk/openvas-plugins/scripts/cheopsNG_detect.nasl
trunk/openvas-plugins/scripts/cherokee_0_4_7.nasl
trunk/openvas-plugins/scripts/cisco_acs_web_overflow.nasl
trunk/openvas-plugins/scripts/cisco_ios_ftp_server_auth_bypass.nasl
trunk/openvas-plugins/scripts/cisco_vpn_client_priv_escalation.nasl
trunk/openvas-plugins/scripts/citrix.nasl
trunk/openvas-plugins/scripts/codered_x.nasl
trunk/openvas-plugins/scripts/compaq_web_mgmt_password.nasl
trunk/openvas-plugins/scripts/cp-firewall-auth.nasl
trunk/openvas-plugins/scripts/cp-firewall-webauth.nasl
trunk/openvas-plugins/scripts/cross_site_scripting.nasl
trunk/openvas-plugins/scripts/cubecart_xss.nasl
trunk/openvas-plugins/scripts/cutenews_145_xss.nasl
trunk/openvas-plugins/scripts/cutenews_dir_traversal.nasl
trunk/openvas-plugins/scripts/cutenews_indexphp_xss.nasl
trunk/openvas-plugins/scripts/cutenews_show_news_xss.nasl
trunk/openvas-plugins/scripts/cutenews_xss.nasl
trunk/openvas-plugins/scripts/cvstrac_output_formatter_dos.nasl
trunk/openvas-plugins/scripts/cvsweb_version.nasl
trunk/openvas-plugins/scripts/cyrus_imsp_overflow.nasl
trunk/openvas-plugins/scripts/datawizard_ftpxq_test_accts.nasl
trunk/openvas-plugins/scripts/dbman_cgi.nasl
trunk/openvas-plugins/scripts/dcetest.nasl
trunk/openvas-plugins/scripts/dcshop_information_disclosure.nasl
trunk/openvas-plugins/scripts/digital_scribe_login_sql_inject.nasl
trunk/openvas-plugins/scripts/docebo_globals_overwrite.nasl
trunk/openvas-plugins/scripts/dont_scan_printers.nasl
trunk/openvas-plugins/scripts/doublecheck_std_services.nasl
trunk/openvas-plugins/scripts/e107_sql_injection.nasl
trunk/openvas-plugins/scripts/easy_message_board_cmd_exec.nasl
trunk/openvas-plugins/scripts/efs_webserver_infodisclose.nasl
trunk/openvas-plugins/scripts/egd_detect.nasl
trunk/openvas-plugins/scripts/egp_detect.nasl
trunk/openvas-plugins/scripts/elog_logbook_global_dos.nasl
trunk/openvas-plugins/scripts/eshop_information_disclosure.nasl
trunk/openvas-plugins/scripts/etomite_0612_sql_injection.nasl
trunk/openvas-plugins/scripts/exchange_public_folders_information_leak.nasl
trunk/openvas-plugins/scripts/exhibit_engine_rfi.nasl
trunk/openvas-plugins/scripts/external_svc_ident.nasl
trunk/openvas-plugins/scripts/eyeos_command_execution.nasl
trunk/openvas-plugins/scripts/famd_detect.nasl
trunk/openvas-plugins/scripts/find_service1.nasl
trunk/openvas-plugins/scripts/find_service2.nasl
trunk/openvas-plugins/scripts/find_service_3digits.nasl
trunk/openvas-plugins/scripts/find_service_nmap.nasl
trunk/openvas-plugins/scripts/finger_overflow.nasl
trunk/openvas-plugins/scripts/firewall_detect.nasl
trunk/openvas-plugins/scripts/formmail_version_disclosure.nasl
trunk/openvas-plugins/scripts/free_articles_directory_file_includes.nasl
trunk/openvas-plugins/scripts/freesshd_key_exchange_overflow.nasl
trunk/openvas-plugins/scripts/fs_policy_manager_7_dos.nasl
trunk/openvas-plugins/scripts/fsp_detection.nasl
trunk/openvas-plugins/scripts/ftp_administrator.nasl
trunk/openvas-plugins/scripts/ftp_kibuv_worm.nasl
trunk/openvas-plugins/scripts/ftp_writeable_directories.nasl
trunk/openvas-plugins/scripts/ftpd_any_cmd.nasl
trunk/openvas-plugins/scripts/ftpd_bad_sequence.nasl
trunk/openvas-plugins/scripts/ftpd_no_cmd.nasl
trunk/openvas-plugins/scripts/ftpglob.nasl
trunk/openvas-plugins/scripts/gcards_dir_transversal.nasl
trunk/openvas-plugins/scripts/gentoo_unmaintained_packages.nasl
trunk/openvas-plugins/scripts/goaheadwebserver_source_disclosure.nasl
trunk/openvas-plugins/scripts/groupwise_web_interface_help_hole.nasl
trunk/openvas-plugins/scripts/guppy_directory_traversal.nasl
trunk/openvas-plugins/scripts/guppy_request_header_flaws.nasl
trunk/openvas-plugins/scripts/hcl_file_include.nasl
trunk/openvas-plugins/scripts/healthd_detect.nasl
trunk/openvas-plugins/scripts/hello_detect.nasl
trunk/openvas-plugins/scripts/http_methods.nasl
trunk/openvas-plugins/scripts/http_trace.nasl
trunk/openvas-plugins/scripts/iax2_detection.nasl
trunk/openvas-plugins/scripts/icmp_domain_name.nasl
trunk/openvas-plugins/scripts/iis5_isapi_printer.nasl
trunk/openvas-plugins/scripts/iis_frag_disclosure.nasl
trunk/openvas-plugins/scripts/iis_ida_isapi.nasl
trunk/openvas-plugins/scripts/iis_nat.nasl
trunk/openvas-plugins/scripts/iis_viewcode.nasl
trunk/openvas-plugins/scripts/iis_xss_idc.nasl
trunk/openvas-plugins/scripts/ilo_detect.nasl
trunk/openvas-plugins/scripts/ilohamail_email_header_html_injection.nasl
trunk/openvas-plugins/scripts/includer_rcmdexec.nasl
trunk/openvas-plugins/scripts/incomplete_http_requests_DoS.nasl
trunk/openvas-plugins/scripts/iplanet_perf.nasl
trunk/openvas-plugins/scripts/ipswitch_whatsup_auth_bypass.nasl
trunk/openvas-plugins/scripts/ipswitch_whatsup_info_disclosure.nasl
trunk/openvas-plugins/scripts/kerio_PF_buffer_overflow.nasl
trunk/openvas-plugins/scripts/kerio_wrf_management_detection.nasl
trunk/openvas-plugins/scripts/kiwi_cattools_dir_traversal.nasl
trunk/openvas-plugins/scripts/kiwi_cattools_tftpd_dir_traversal.nasl
trunk/openvas-plugins/scripts/lcdproc_buffer_overflow.nasl
trunk/openvas-plugins/scripts/lcdproc_detect.nasl
trunk/openvas-plugins/scripts/ldu_801.nasl
trunk/openvas-plugins/scripts/ldu_detection.nasl
trunk/openvas-plugins/scripts/ldu_sql_injection.nasl
trunk/openvas-plugins/scripts/leafnode_version.nasl
trunk/openvas-plugins/scripts/libpng_CB-A08-0064.nasl
trunk/openvas-plugins/scripts/limbo_multiple_flaws.nasl
trunk/openvas-plugins/scripts/linksys_multiple_vulns.nasl
trunk/openvas-plugins/scripts/linux_icmp_sctp_DoS.nasl
trunk/openvas-plugins/scripts/listrec.nasl
trunk/openvas-plugins/scripts/localweb2k.nasl
trunk/openvas-plugins/scripts/lotus_domino_ldap_dos.nasl
trunk/openvas-plugins/scripts/lotus_domino_xss.nasl
trunk/openvas-plugins/scripts/lotus_notes_openserver_disclosure.nasl
trunk/openvas-plugins/scripts/mailenable_httpmail_authorization_dos.nasl
trunk/openvas-plugins/scripts/mailenable_httpmail_content_length_overflow.nasl
trunk/openvas-plugins/scripts/mailenable_imap_rename_dos.nasl
trunk/openvas-plugins/scripts/mailgust_sql_injection.nasl
trunk/openvas-plugins/scripts/mailman_privatepy_directory_traversal.nasl
trunk/openvas-plugins/scripts/mantis_file_incl_sql_inject.nasl
trunk/openvas-plugins/scripts/mantis_multiple_vulns4.nasl
trunk/openvas-plugins/scripts/mantis_xss.nasl
trunk/openvas-plugins/scripts/mediahouse_statistics_web_server.nasl
trunk/openvas-plugins/scripts/mercur_imap_buffer_overflow.nasl
trunk/openvas-plugins/scripts/minibb_rfi.nasl
trunk/openvas-plugins/scripts/modx_0921_rfi.nasl
trunk/openvas-plugins/scripts/monkeyweb_post_DoS.nasl
trunk/openvas-plugins/scripts/monkeyweb_too_big_post.nasl
trunk/openvas-plugins/scripts/mssql_brute_force.nasl
trunk/openvas-plugins/scripts/mssql_ping.nasl
trunk/openvas-plugins/scripts/mssql_version.nasl
trunk/openvas-plugins/scripts/mssqlserver_detect.nasl
trunk/openvas-plugins/scripts/mtl_remote_file_include.nasl
trunk/openvas-plugins/scripts/myevent_multiple_flaws.nasl
trunk/openvas-plugins/scripts/mysql_buff_overflow.nasl
trunk/openvas-plugins/scripts/mysql_hotcopy_tempfile.nasl
trunk/openvas-plugins/scripts/mysql_single_row_subselect_dos.nasl
trunk/openvas-plugins/scripts/netbios_name_get.nasl
trunk/openvas-plugins/scripts/netop.inc
trunk/openvas-plugins/scripts/netop_infopublic.nasl
trunk/openvas-plugins/scripts/netscaler_web_cookie_crypto.nasl
trunk/openvas-plugins/scripts/netscaler_web_cookie_info.nasl
trunk/openvas-plugins/scripts/netscaler_web_detect.nasl
trunk/openvas-plugins/scripts/netscaler_web_login.nasl
trunk/openvas-plugins/scripts/netscaler_web_unencrypted.nasl
trunk/openvas-plugins/scripts/netscaler_web_xss.nasl
trunk/openvas-plugins/scripts/netscape_server_default_files.nasl
trunk/openvas-plugins/scripts/netware_perl_overflow.nasl
trunk/openvas-plugins/scripts/netware_post_perl.nasl
trunk/openvas-plugins/scripts/nfs_user_mount.nasl
trunk/openvas-plugins/scripts/nmap.nasl
trunk/openvas-plugins/scripts/nntp_too_long_password.nasl
trunk/openvas-plugins/scripts/no404.nasl
trunk/openvas-plugins/scripts/novell_groupwise_servletmanager_default_password.nasl
trunk/openvas-plugins/scripts/novell_groupwise_webacc_information_disclosure.nasl
trunk/openvas-plugins/scripts/novell_netbasic_directory_traversal.nasl
trunk/openvas-plugins/scripts/novell_novonyx_default_files.nasl
trunk/openvas-plugins/scripts/nsm2004_dos.nasl
trunk/openvas-plugins/scripts/ntds_get_info.nasl
trunk/openvas-plugins/scripts/nullhttpd_content_length.nasl
trunk/openvas-plugins/scripts/odbc_tools_check.nasl
trunk/openvas-plugins/scripts/open_X11_server.nasl
trunk/openvas-plugins/scripts/openoffice_CB-A08-0068.nasl
trunk/openvas-plugins/scripts/openwebmail_logindomain_xss.nasl
trunk/openvas-plugins/scripts/opera_favicon_address_bar_spoofing.nasl
trunk/openvas-plugins/scripts/opera_remote_location_object_flaw.nasl
trunk/openvas-plugins/scripts/oracle9iAS_too_long_url.nasl
trunk/openvas-plugins/scripts/oracle9i_isqlplus_xss.nasl
trunk/openvas-plugins/scripts/oracle9i_java_process_manager.nasl
trunk/openvas-plugins/scripts/oracle_tnslsnr_security.nasl
trunk/openvas-plugins/scripts/oracle_tnslsnr_version.nasl
trunk/openvas-plugins/scripts/orion_webserver_37717.nasl
trunk/openvas-plugins/scripts/osX_apache_finder.nasl
trunk/openvas-plugins/scripts/osX_apache_finder_content.nasl
trunk/openvas-plugins/scripts/ospf_detect.nasl
trunk/openvas-plugins/scripts/ossim_server_detect.nasl
trunk/openvas-plugins/scripts/owa_sqlinject.nasl
trunk/openvas-plugins/scripts/packeteer_packetshaper_web_dos.nasl
trunk/openvas-plugins/scripts/packeteer_web_detect.nasl
trunk/openvas-plugins/scripts/packeteer_web_login.nasl
trunk/openvas-plugins/scripts/packeteer_web_version.nasl
trunk/openvas-plugins/scripts/patchlink_detection.nasl
trunk/openvas-plugins/scripts/phpMyAdmin_remote_cmd.nasl
trunk/openvas-plugins/scripts/phpMyAgenda_30final_file_include.nasl
trunk/openvas-plugins/scripts/phpSurveyor_sql_inject.nasl
trunk/openvas-plugins/scripts/php_nuke_admin_cp.nasl
trunk/openvas-plugins/scripts/php_nuke_bb_smilies_passwd.nasl
trunk/openvas-plugins/scripts/phpbb_2_0_18.nasl
trunk/openvas-plugins/scripts/phpdocumentor_1_3_remote_file_inclusion.nasl
trunk/openvas-plugins/scripts/phpeasydownload_code_injection.nasl
trunk/openvas-plugins/scripts/phpinfo.nasl
trunk/openvas-plugins/scripts/phplistpro_remote_file_include.nasl
trunk/openvas-plugins/scripts/phpmyfaq_action_parameter_flaw.nasl
trunk/openvas-plugins/scripts/phpshop_sql_injection.nasl
trunk/openvas-plugins/scripts/phptonuke_dir_trav.nasl
trunk/openvas-plugins/scripts/phpweblog_xss.nasl
trunk/openvas-plugins/scripts/phpwebthings_rfi.nasl
trunk/openvas-plugins/scripts/phpwebthings_sql_injection.nasl
trunk/openvas-plugins/scripts/pjl_detect.nasl
trunk/openvas-plugins/scripts/plumecms_prepend_file_inclusion.nasl
trunk/openvas-plugins/scripts/poppassd_too_long_user.nasl
trunk/openvas-plugins/scripts/poprelayd_auth.nasl
trunk/openvas-plugins/scripts/powerup_information_disclosure.nasl
trunk/openvas-plugins/scripts/propfind_internal_ip.nasl
trunk/openvas-plugins/scripts/punBB_detect.nasl
trunk/openvas-plugins/scripts/punBB_img_xss.nasl
trunk/openvas-plugins/scripts/punBB_info_disclosure.nasl
trunk/openvas-plugins/scripts/punBB_install_xss.nasl
trunk/openvas-plugins/scripts/punBB_profile_xss.nasl
trunk/openvas-plugins/scripts/punBB_url_quote_xss.nasl
trunk/openvas-plugins/scripts/punbb_register_lfi.nasl
trunk/openvas-plugins/scripts/qk_smtp_server_dos.nasl
trunk/openvas-plugins/scripts/quote.nasl
trunk/openvas-plugins/scripts/rcblog_dir_transversal.nasl
trunk/openvas-plugins/scripts/remote-net-hub-3com.nasl
trunk/openvas-plugins/scripts/remote-sgi-objectserver.nasl
trunk/openvas-plugins/scripts/remote-smtp-smad.nasl
trunk/openvas-plugins/scripts/resin_server_status.nasl
trunk/openvas-plugins/scripts/rich_media_ecommerce_stores_sensitive_information_insecurely.nasl
trunk/openvas-plugins/scripts/rip_detect.nasl
trunk/openvas-plugins/scripts/rip_poison.nasl
trunk/openvas-plugins/scripts/samba_CB-A08-0085.nasl
trunk/openvas-plugins/scripts/sambar_pagecount.nasl
trunk/openvas-plugins/scripts/sapdb_detect.nasl
trunk/openvas-plugins/scripts/savant_cgitest.nasl
trunk/openvas-plugins/scripts/secpod_ca_mult_prdts_detect_win.nasl
trunk/openvas-plugins/scripts/securemote.nasl
trunk/openvas-plugins/scripts/securemote_info_leak.nasl
trunk/openvas-plugins/scripts/segue_rfi.nasl
trunk/openvas-plugins/scripts/sendmail_custom_config.nasl
trunk/openvas-plugins/scripts/sendmail_debug_leak.nasl
trunk/openvas-plugins/scripts/sendmail_queue_destruction.nasl
trunk/openvas-plugins/scripts/sglmerchant_information_disclosure.nasl
trunk/openvas-plugins/scripts/shambala_www_dos.nasl
trunk/openvas-plugins/scripts/shopping_cart_information_disclosure.nasl
trunk/openvas-plugins/scripts/shopplus_information_disclosure.nasl
trunk/openvas-plugins/scripts/shoutcast_version.nasl
trunk/openvas-plugins/scripts/silverstream_database.nasl
trunk/openvas-plugins/scripts/silverstream_dirlisting.nasl
trunk/openvas-plugins/scripts/simpleserverwww_dos.nasl
trunk/openvas-plugins/scripts/sip_detection.nasl
trunk/openvas-plugins/scripts/smb_explorer_version.nasl
trunk/openvas-plugins/scripts/smb_nt_ms02-006.nasl
trunk/openvas-plugins/scripts/smb_reg_service_pack_XP.nasl
trunk/openvas-plugins/scripts/smb_suspicious_files.nasl
trunk/openvas-plugins/scripts/smb_virii.nasl
trunk/openvas-plugins/scripts/smbcl_gnutls_CB-A08-0079.nasl
trunk/openvas-plugins/scripts/smtp_relay2.nasl
trunk/openvas-plugins/scripts/smtpserver_detect.nasl
trunk/openvas-plugins/scripts/snmp_default_communities.nasl
trunk/openvas-plugins/scripts/snmp_hpJetDirectEWS.nasl
trunk/openvas-plugins/scripts/source_routed.nasl
trunk/openvas-plugins/scripts/spip_sql_injection.nasl
trunk/openvas-plugins/scripts/spybot_detection.nasl
trunk/openvas-plugins/scripts/sql_injection.nasl
trunk/openvas-plugins/scripts/sqlqhit_information_disclosure.nasl
trunk/openvas-plugins/scripts/squirrelmail_detect.nasl
trunk/openvas-plugins/scripts/ssh_ssf.nasl
trunk/openvas-plugins/scripts/ssl_cert_expiry.nasl
trunk/openvas-plugins/scripts/stun_detection.nasl
trunk/openvas-plugins/scripts/sugarcrm_remote_file_inclusion.nasl
trunk/openvas-plugins/scripts/sybase_asa_default_password.nasl
trunk/openvas-plugins/scripts/sybase_asa_ping.nasl
trunk/openvas-plugins/scripts/sybase_blank_password.nasl
trunk/openvas-plugins/scripts/symantec_ws_detection.nasl
trunk/openvas-plugins/scripts/symantec_ws_dos.nasl
trunk/openvas-plugins/scripts/sympa_new_list_xss.nasl
trunk/openvas-plugins/scripts/tetrinet_detect.nasl
trunk/openvas-plugins/scripts/tftpd_backdoor.nasl
trunk/openvas-plugins/scripts/tftpd_detect.nasl
trunk/openvas-plugins/scripts/tomcat_server_default_files.nasl
trunk/openvas-plugins/scripts/tomcat_srcjsp_malformed_request.nasl
trunk/openvas-plugins/scripts/tomcat_status.nasl
trunk/openvas-plugins/scripts/trac_sql_injection.nasl
trunk/openvas-plugins/scripts/tripwire_webpage.nasl
trunk/openvas-plugins/scripts/trojan_horses.nasl
trunk/openvas-plugins/scripts/ultravnc_dsm_detect.nasl
trunk/openvas-plugins/scripts/unprotected_cheopsNG.nasl
trunk/openvas-plugins/scripts/uploadskrip.nasl
trunk/openvas-plugins/scripts/ventrilo_detect.nasl
trunk/openvas-plugins/scripts/ventrilo_dos.nasl
trunk/openvas-plugins/scripts/visnetic_mailserver_flaws.nasl
trunk/openvas-plugins/scripts/vmware_server_detect.nasl
trunk/openvas-plugins/scripts/vnc.nasl
trunk/openvas-plugins/scripts/vtiger_flaws.nasl
trunk/openvas-plugins/scripts/webalbum_local_file_include.nasl
trunk/openvas-plugins/scripts/webcalendar_info_disclosure.nasl
trunk/openvas-plugins/scripts/webgui_remote_cmd_exec.nasl
trunk/openvas-plugins/scripts/weblogic_dotdotdos.nasl
trunk/openvas-plugins/scripts/weblogic_percent.nasl
trunk/openvas-plugins/scripts/webnews.nasl
trunk/openvas-plugins/scripts/webplus_install_path.nasl
trunk/openvas-plugins/scripts/webserver4d.nasl
trunk/openvas-plugins/scripts/webserver_favicon.nasl
trunk/openvas-plugins/scripts/websphere_cache_DoS.nasl
trunk/openvas-plugins/scripts/webspirs_cgi.nasl
trunk/openvas-plugins/scripts/webwasher_conf_xss.nasl
trunk/openvas-plugins/scripts/worldclient_server_detection.nasl
trunk/openvas-plugins/scripts/wowBB_flaws.nasl
trunk/openvas-plugins/scripts/wowBB_sql_injection.nasl
trunk/openvas-plugins/scripts/ws4e_too_long_url.nasl
trunk/openvas-plugins/scripts/wsus_detect.nasl
trunk/openvas-plugins/scripts/wu_ftpd_site_exec.nasl
trunk/openvas-plugins/scripts/wuftpd_ls_DoS.nasl
trunk/openvas-plugins/scripts/www_server_name.nasl
trunk/openvas-plugins/scripts/www_too_long_options.nasl
trunk/openvas-plugins/scripts/www_too_long_url.nasl
trunk/openvas-plugins/scripts/wwwboardpwd.nasl
trunk/openvas-plugins/scripts/xaraya_detection.nasl
trunk/openvas-plugins/scripts/xhp_cms_file_upload.nasl
trunk/openvas-plugins/scripts/xnews.nasl
trunk/openvas-plugins/scripts/xoops_viewtopic_xss.nasl
trunk/openvas-plugins/scripts/xot_detect.nasl
trunk/openvas-plugins/scripts/xst_http_trace.nasl
trunk/openvas-plugins/scripts/yabb_xss.nasl
trunk/openvas-plugins/scripts/yacy_xss.nasl
trunk/openvas-plugins/scripts/yapig_multiple_flaws.nasl
trunk/openvas-plugins/scripts/yapig_pass_dir_access.nasl
trunk/openvas-plugins/scripts/yapig_remote_vuln.nasl
trunk/openvas-plugins/scripts/yawcam_dir_traversal.nasl
trunk/openvas-plugins/scripts/ypupdated_remote_exec.nasl
trunk/openvas-plugins/scripts/zeroboard_flaws.nasl
trunk/openvas-plugins/scripts/zeroboard_flaws2.nasl
trunk/openvas-plugins/scripts/zeroboard_xss.nasl
trunk/openvas-plugins/scripts/zml_cgi_traversal.nasl
trunk/openvas-plugins/scripts/zope_path_disclosure.nasl
Log:
* scripts/punBB_profile_xss.nasl,
scripts/secpod_ca_mult_prdts_detect_win.nasl,
scripts/mailenable_imap_rename_dos.nasl,
scripts/firewall_detect.nasl,
scripts/nntp_too_long_password.nasl,
scripts/aztek_xss.nasl,
scripts/SHN_MySQL_Privilege_Escalation.nasl,
scripts/listrec.nasl,
scripts/ldu_sql_injection.nasl,
scripts/ultravnc_dsm_detect.nasl,
scripts/mercur_imap_buffer_overflow.nasl,
scripts/xst_http_trace.nasl,
scripts/zeroboard_xss.nasl,
scripts/phpinfo.nasl,
scripts/apache_auth_sql_insertion.nasl,
scripts/ftpd_any_cmd.nasl,
scripts/iis_ida_isapi.nasl,
scripts/find_service2.nasl,
scripts/smtp_relay2.nasl,
scripts/apache_Tomcat_DOS_Device_XSS.nasl,
scripts/nsm2004_dos.nasl,
scripts/mantis_file_incl_sql_inject.nasl,
scripts/spybot_detection.nasl,
scripts/nullhttpd_content_length.nasl,
scripts/cherokee_0_4_7.nasl,
scripts/mssql_ping.nasl,
scripts/snmp_default_communities.nasl,
scripts/qk_smtp_server_dos.nasl,
scripts/chargen.nasl,
scripts/oracle9i_isqlplus_xss.nasl,
scripts/sql_injection.nasl,
scripts/webspirs_cgi.nasl,
scripts/shopplus_information_disclosure.nasl,
scripts/savant_cgitest.nasl,
scripts/ws4e_too_long_url.nasl,
scripts/remote-net-hub-3com.nasl,
scripts/easy_message_board_cmd_exec.nasl,
scripts/www_too_long_options.nasl,
scripts/ssl_cert_expiry.nasl,
scripts/linksys_multiple_vulns.nasl,
scripts/sympa_new_list_xss.nasl,
scripts/openwebmail_logindomain_xss.nasl,
scripts/includer_rcmdexec.nasl,
scripts/smtpserver_detect.nasl,
scripts/bgp_detect.nasl,
scripts/myevent_multiple_flaws.nasl,
scripts/phpdocumentor_1_3_remote_file_inclusion.nasl,
scripts/powerup_information_disclosure.nasl,
scripts/iis_nat.nasl,
scripts/http_methods.nasl,
scripts/phplistpro_remote_file_include.nasl,
scripts/monkeyweb_post_DoS.nasl,
scripts/Jserv_css.nasl,
scripts/remote-smtp-smad.nasl,
scripts/oracle9i_java_process_manager.nasl,
scripts/zeroboard_flaws.nasl,
scripts/docebo_globals_overwrite.nasl,
scripts/phpmyfaq_action_parameter_flaw.nasl,
scripts/apache_Tomcat_TroubleShooter.nasl,
scripts/mysql_buff_overflow.nasl,
scripts/hcl_file_include.nasl,
scripts/cp-firewall-webauth.nasl,
scripts/ldu_801.nasl,
scripts/packeteer_packetshaper_web_dos.nasl,
scripts/icmp_domain_name.nasl,
scripts/pjl_detect.nasl,
scripts/localweb2k.nasl,
scripts/netscaler_web_login.nasl,
scripts/www_too_long_url.nasl,
scripts/elog_logbook_global_dos.nasl,
scripts/oracle_tnslsnr_version.nasl,
scripts/cvstrac_output_formatter_dos.nasl,
scripts/opera_favicon_address_bar_spoofing.nasl,
scripts/DDI_MRTG_File_Read.nasl,
scripts/ftpd_no_cmd.nasl,
scripts/rich_media_ecommerce_stores_sensitive_information_insecurely.nasl,
scripts/basilix_attachment_disclosure.nasl,
scripts/www_server_name.nasl,
scripts/osX_apache_finder.nasl,
scripts/wuftpd_ls_DoS.nasl,
scripts/iis_frag_disclosure.nasl,
scripts/sendmail_debug_leak.nasl,
scripts/tomcat_srcjsp_malformed_request.nasl,
scripts/novell_netbasic_directory_traversal.nasl,
scripts/stun_detection.nasl,
scripts/dcetest.nasl,
scripts/phpshop_sql_injection.nasl,
scripts/poppassd_too_long_user.nasl,
scripts/anti_nessus.nasl,
scripts/webplus_install_path.nasl,
scripts/webgui_remote_cmd_exec.nasl,
scripts/php_nuke_admin_cp.nasl,
scripts/mysql_single_row_subselect_dos.nasl,
scripts/goaheadwebserver_source_disclosure.nasl,
scripts/wwwboardpwd.nasl,
scripts/famd_detect.nasl,
scripts/calendar_scheduler_xss.nasl,
scripts/RA_www_css.nasl,
scripts/smbcl_gnutls_CB-A08-0079.nasl,
scripts/lotus_domino_ldap_dos.nasl,
scripts/mailenable_httpmail_authorization_dos.nasl,
scripts/no404.nasl,
scripts/plumecms_prepend_file_inclusion.nasl,
scripts/datawizard_ftpxq_test_accts.nasl,
scripts/account_super_debug.nasl,
scripts/ldu_detection.nasl,
scripts/DDI_JavaServer_Default.nasl,
scripts/zope_path_disclosure.nasl,
scripts/webcalendar_info_disclosure.nasl,
scripts/compaq_web_mgmt_password.nasl,
scripts/remote-sgi-objectserver.nasl,
scripts/ilo_detect.nasl,
scripts/freesshd_key_exchange_overflow.nasl,
scripts/basilix_arbitrary_file_disclosure.nasl,
scripts/exchange_public_folders_information_leak.nasl,
scripts/cubecart_xss.nasl,
scripts/sambar_pagecount.nasl,
scripts/sendmail_queue_destruction.nasl,
scripts/smb_nt_ms02-006.nasl,
scripts/mantis_xss.nasl,
scripts/mailman_privatepy_directory_traversal.nasl,
scripts/sqlqhit_information_disclosure.nasl,
scripts/novell_groupwise_servletmanager_default_password.nasl,
scripts/oracle_tnslsnr_security.nasl,
scripts/resin_server_status.nasl,
scripts/zml_cgi_traversal.nasl,
scripts/breakcal_xss.nasl,
scripts/external_svc_ident.nasl,
scripts/novell_groupwise_webacc_information_disclosure.nasl,
scripts/basilix_message_content_script_injection.nasl,
scripts/trojan_horses.nasl,
scripts/formmail_version_disclosure.nasl,
scripts/webserver4d.nasl,
scripts/healthd_detect.nasl,
scripts/vtiger_flaws.nasl,
scripts/openoffice_CB-A08-0068.nasl,
scripts/doublecheck_std_services.nasl,
scripts/source_routed.nasl,
scripts/find_service_nmap.nasl,
scripts/bmforum_xss.nasl,
scripts/silverstream_database.nasl,
scripts/ftpd_bad_sequence.nasl,
scripts/bookreview_xss.nasl,
scripts/minibb_rfi.nasl,
scripts/owa_sqlinject.nasl,
scripts/kerio_PF_buffer_overflow.nasl,
scripts/lotus_notes_openserver_disclosure.nasl,
scripts/oracle9iAS_too_long_url.nasl,
scripts/basilix_arbitrary_command_execution.nasl,
scripts/hello_detect.nasl,
scripts/tomcat_status.nasl,
scripts/punBB_img_xss.nasl,
scripts/mssql_brute_force.nasl,
scripts/ipswitch_whatsup_auth_bypass.nasl,
scripts/yawcam_dir_traversal.nasl,
scripts/tripwire_webpage.nasl,
scripts/lcdproc_buffer_overflow.nasl,
scripts/smb_reg_service_pack_XP.nasl,
scripts/dbman_cgi.nasl,
scripts/cheopsNG_detect.nasl,
scripts/mtl_remote_file_include.nasl,
scripts/cutenews_xss.nasl,
scripts/rcblog_dir_transversal.nasl,
scripts/tftpd_backdoor.nasl,
scripts/worldclient_server_detection.nasl,
scripts/rip_poison.nasl,
scripts/punBB_install_xss.nasl,
scripts/eyeos_command_execution.nasl,
scripts/wsus_detect.nasl,
scripts/phpeasydownload_code_injection.nasl,
scripts/yacy_xss.nasl,
scripts/osX_apache_finder_content.nasl,
scripts/articlelive_xss.nasl,
scripts/atutor_xss.nasl,
scripts/ftp_writeable_directories.nasl,
scripts/iis_viewcode.nasl,
scripts/basilix_detect.nasl,
scripts/cheopsNG_clear_text_password.nasl,
scripts/securemote.nasl,
scripts/asip-status.nasl,
scripts/codered_x.nasl,
scripts/phpweblog_xss.nasl,
scripts/shoutcast_version.nasl,
scripts/sapdb_detect.nasl,
scripts/ntds_get_info.nasl,
scripts/cvsweb_version.nasl,
scripts/monkeyweb_too_big_post.nasl,
scripts/sybase_asa_ping.nasl,
scripts/sip_detection.nasl,
scripts/kerio_wrf_management_detection.nasl,
scripts/nfs_user_mount.nasl,
scripts/samba_CB-A08-0085.nasl,
scripts/cutenews_145_xss.nasl,
scripts/packeteer_web_version.nasl,
scripts/uploadskrip.nasl,
scripts/cutenews_show_news_xss.nasl,
scripts/ssh_ssf.nasl,
scripts/basilix_webmail.nasl,
scripts/symantec_ws_detection.nasl,
scripts/netop_infopublic.nasl,
scripts/packeteer_web_login.nasl,
scripts/unprotected_cheopsNG.nasl,
scripts/account_user_debug.nasl,
scripts/calendar_express_flaws.nasl,
scripts/http_trace.nasl,
scripts/netscaler_web_xss.nasl,
scripts/incomplete_http_requests_DoS.nasl,
scripts/xaraya_detection.nasl,
scripts/visnetic_mailserver_flaws.nasl,
scripts/open_X11_server.nasl,
scripts/mailenable_httpmail_content_length_overflow.nasl,
scripts/odbc_tools_check.nasl,
scripts/avengers_news_system_command_execution.nasl,
scripts/ipswitch_whatsup_info_disclosure.nasl,
scripts/libpng_CB-A08-0064.nasl,
scripts/phpwebthings_sql_injection.nasl,
scripts/asterisk_pbx_guest_access_enabled.nasl,
scripts/limbo_multiple_flaws.nasl,
scripts/groupwise_web_interface_help_hole.nasl,
scripts/segue_rfi.nasl,
scripts/eshop_information_disclosure.nasl,
scripts/wowBB_sql_injection.nasl,
scripts/mssql_version.nasl,
scripts/ventrilo_detect.nasl,
scripts/ftp_administrator.nasl,
scripts/webalbum_local_file_include.nasl,
scripts/SWS_DoS.nasl,
scripts/3com_switches.nasl,
scripts/wowBB_flaws.nasl,
scripts/cgicso_cross_site_scripting.nasl,
scripts/digital_scribe_login_sql_inject.nasl,
scripts/webwasher_conf_xss.nasl,
scripts/basilix_content_type_xss.nasl,
scripts/poprelayd_auth.nasl,
scripts/cisco_ios_ftp_server_auth_bypass.nasl,
scripts/e107_sql_injection.nasl,
scripts/sendmail_custom_config.nasl,
scripts/account_super_forgot.nasl,
scripts/linux_icmp_sctp_DoS.nasl,
scripts/find_service_3digits.nasl,
scripts/vnc.nasl,
scripts/netscaler_web_unencrypted.nasl,
scripts/free_articles_directory_file_includes.nasl,
scripts/exhibit_engine_rfi.nasl,
scripts/apache_server_info.nasl,
scripts/fsp_detection.nasl,
scripts/ypupdated_remote_exec.nasl,
scripts/egp_detect.nasl,
scripts/gcards_dir_transversal.nasl,
scripts/iax2_detection.nasl,
scripts/punBB_detect.nasl,
scripts/cesarftp_mkd_command_buffer_overflow.nasl,
scripts/X.nasl,
scripts/tftpd_detect.nasl,
scripts/sugarcrm_remote_file_inclusion.nasl,
scripts/cisco_acs_web_overflow.nasl,
scripts/netware_perl_overflow.nasl,
scripts/find_service1.nasl,
scripts/guppy_directory_traversal.nasl,
scripts/phpSurveyor_sql_inject.nasl,
scripts/weblogic_dotdotdos.nasl,
scripts/vmware_server_detect.nasl,
scripts/kiwi_cattools_dir_traversal.nasl,
scripts/yapig_multiple_flaws.nasl,
scripts/basit_xss.nasl,
scripts/rip_detect.nasl,
scripts/netscaler_web_detect.nasl,
scripts/punbb_register_lfi.nasl,
scripts/phpMyAgenda_30final_file_include.nasl,
scripts/smb_explorer_version.nasl,
scripts/iplanet_perf.nasl,
scripts/account_user_forgot.nasl,
scripts/dcshop_information_disclosure.nasl,
scripts/punBB_url_quote_xss.nasl,
scripts/nmap.nasl,
scripts/shambala_www_dos.nasl,
scripts/websphere_cache_DoS.nasl,
scripts/securemote_info_leak.nasl,
scripts/mssqlserver_detect.nasl,
scripts/sybase_asa_default_password.nasl,
scripts/netscaler_web_cookie_info.nasl,
scripts/yapig_remote_vuln.nasl,
scripts/packeteer_web_detect.nasl,
scripts/squirrelmail_detect.nasl,
scripts/opera_remote_location_object_flaw.nasl,
scripts/ftpglob.nasl,
scripts/etomite_0612_sql_injection.nasl,
scripts/ventrilo_dos.nasl,
scripts/snmp_hpJetDirectEWS.nasl,
scripts/xoops_viewtopic_xss.nasl,
scripts/orion_webserver_37717.nasl,
scripts/guppy_request_header_flaws.nasl,
scripts/netbios_name_get.nasl,
scripts/egd_detect.nasl,
scripts/cp-firewall-auth.nasl,
scripts/webnews.nasl,
scripts/modx_0921_rfi.nasl,
scripts/atutor_multiple_flaws.nasl,
scripts/zeroboard_flaws2.nasl,
scripts/tetrinet_detect.nasl,
scripts/wu_ftpd_site_exec.nasl,
scripts/cyrus_imsp_overflow.nasl,
scripts/webserver_favicon.nasl,
scripts/xhp_cms_file_upload.nasl,
scripts/cutenews_dir_traversal.nasl,
scripts/mantis_multiple_vulns4.nasl,
scripts/simpleserverwww_dos.nasl,
scripts/tomcat_server_default_files.nasl,
scripts/phptonuke_dir_trav.nasl,
scripts/patchlink_detection.nasl,
scripts/fs_policy_manager_7_dos.nasl,
scripts/iis5_isapi_printer.nasl,
scripts/ospf_detect.nasl,
scripts/symantec_ws_dos.nasl,
scripts/mediahouse_statistics_web_server.nasl,
scripts/lcdproc_detect.nasl,
scripts/apache_server_status.nasl,
scripts/apache_Tomcat_Servlet_XSS.nasl,
scripts/asterisk_null_pointer_dereference.nasl,
scripts/dont_scan_printers.nasl,
scripts/netop.inc,
scripts/weblogic_percent.nasl,
scripts/cart32_xss.nasl,
scripts/ilohamail_email_header_html_injection.nasl,
scripts/punBB_info_disclosure.nasl,
scripts/mysql_hotcopy_tempfile.nasl,
scripts/iis_xss_idc.nasl,
scripts/cutenews_indexphp_xss.nasl,
scripts/leafnode_version.nasl,
scripts/xot_detect.nasl,
scripts/atutor_password_reminder_sql.nasl,
scripts/ftp_kibuv_worm.nasl,
scripts/sybase_blank_password.nasl,
scripts/ossim_server_detect.nasl,
scripts/netscape_server_default_files.nasl,
scripts/shopping_cart_information_disclosure.nasl,
scripts/xnews.nasl,
scripts/burning_board_database_sql_injection.nasl,
scripts/novell_novonyx_default_files.nasl,
scripts/netscaler_web_cookie_crypto.nasl,
scripts/sglmerchant_information_disclosure.nasl,
scripts/smb_virii.nasl,
scripts/quote.nasl,
scripts/smb_suspicious_files.nasl,
scripts/php_nuke_bb_smilies_passwd.nasl,
scripts/efs_webserver_infodisclose.nasl,
scripts/asterisk_sdp_header_overflow.nasl,
scripts/silverstream_dirlisting.nasl,
scripts/brio_dir_traversal.nasl,
scripts/phpMyAdmin_remote_cmd.nasl,
scripts/yabb_xss.nasl,
scripts/finger_overflow.nasl,
scripts/mailgust_sql_injection.nasl,
scripts/netware_post_perl.nasl,
scripts/citrix.nasl,
scripts/lotus_domino_xss.nasl,
scripts/gentoo_unmaintained_packages.nasl,
scripts/spip_sql_injection.nasl,
scripts/PGPCert_DoS.nasl,
scripts/propfind_internal_ip.nasl,
scripts/cisco_vpn_client_priv_escalation.nasl,
scripts/phpwebthings_rfi.nasl,
scripts/phpbb_2_0_18.nasl,
scripts/basilix_sql_injection.nasl,
scripts/aspdev_imgtag.nasl,
scripts/bigip_cookie.nasl,
scripts/yapig_pass_dir_access.nasl,
scripts/kiwi_cattools_tftpd_dir_traversal.nasl,
scripts/cross_site_scripting.nasl,
scripts/trac_sql_injection.nasl: Removed risk factor text from
description (CR56).
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/ChangeLog 2011-11-18 11:38:04 UTC (rev 12135)
@@ -1,3 +1,377 @@
+2011-11-18 Henri Doreau <henri.doreau at greenbone.net>
+
+ * scripts/punBB_profile_xss.nasl,
+ scripts/secpod_ca_mult_prdts_detect_win.nasl,
+ scripts/mailenable_imap_rename_dos.nasl,
+ scripts/firewall_detect.nasl,
+ scripts/nntp_too_long_password.nasl,
+ scripts/aztek_xss.nasl,
+ scripts/SHN_MySQL_Privilege_Escalation.nasl,
+ scripts/listrec.nasl,
+ scripts/ldu_sql_injection.nasl,
+ scripts/ultravnc_dsm_detect.nasl,
+ scripts/mercur_imap_buffer_overflow.nasl,
+ scripts/xst_http_trace.nasl,
+ scripts/zeroboard_xss.nasl,
+ scripts/phpinfo.nasl,
+ scripts/apache_auth_sql_insertion.nasl,
+ scripts/ftpd_any_cmd.nasl,
+ scripts/iis_ida_isapi.nasl,
+ scripts/find_service2.nasl,
+ scripts/smtp_relay2.nasl,
+ scripts/apache_Tomcat_DOS_Device_XSS.nasl,
+ scripts/nsm2004_dos.nasl,
+ scripts/mantis_file_incl_sql_inject.nasl,
+ scripts/spybot_detection.nasl,
+ scripts/nullhttpd_content_length.nasl,
+ scripts/cherokee_0_4_7.nasl,
+ scripts/mssql_ping.nasl,
+ scripts/snmp_default_communities.nasl,
+ scripts/qk_smtp_server_dos.nasl,
+ scripts/chargen.nasl,
+ scripts/oracle9i_isqlplus_xss.nasl,
+ scripts/sql_injection.nasl,
+ scripts/webspirs_cgi.nasl,
+ scripts/shopplus_information_disclosure.nasl,
+ scripts/savant_cgitest.nasl,
+ scripts/ws4e_too_long_url.nasl,
+ scripts/remote-net-hub-3com.nasl,
+ scripts/easy_message_board_cmd_exec.nasl,
+ scripts/www_too_long_options.nasl,
+ scripts/ssl_cert_expiry.nasl,
+ scripts/linksys_multiple_vulns.nasl,
+ scripts/sympa_new_list_xss.nasl,
+ scripts/openwebmail_logindomain_xss.nasl,
+ scripts/includer_rcmdexec.nasl,
+ scripts/smtpserver_detect.nasl,
+ scripts/bgp_detect.nasl,
+ scripts/myevent_multiple_flaws.nasl,
+ scripts/phpdocumentor_1_3_remote_file_inclusion.nasl,
+ scripts/powerup_information_disclosure.nasl,
+ scripts/iis_nat.nasl,
+ scripts/http_methods.nasl,
+ scripts/phplistpro_remote_file_include.nasl,
+ scripts/monkeyweb_post_DoS.nasl,
+ scripts/Jserv_css.nasl,
+ scripts/remote-smtp-smad.nasl,
+ scripts/oracle9i_java_process_manager.nasl,
+ scripts/zeroboard_flaws.nasl,
+ scripts/docebo_globals_overwrite.nasl,
+ scripts/phpmyfaq_action_parameter_flaw.nasl,
+ scripts/apache_Tomcat_TroubleShooter.nasl,
+ scripts/mysql_buff_overflow.nasl,
+ scripts/hcl_file_include.nasl,
+ scripts/cp-firewall-webauth.nasl,
+ scripts/ldu_801.nasl,
+ scripts/packeteer_packetshaper_web_dos.nasl,
+ scripts/icmp_domain_name.nasl,
+ scripts/pjl_detect.nasl,
+ scripts/localweb2k.nasl,
+ scripts/netscaler_web_login.nasl,
+ scripts/www_too_long_url.nasl,
+ scripts/elog_logbook_global_dos.nasl,
+ scripts/oracle_tnslsnr_version.nasl,
+ scripts/cvstrac_output_formatter_dos.nasl,
+ scripts/opera_favicon_address_bar_spoofing.nasl,
+ scripts/DDI_MRTG_File_Read.nasl,
+ scripts/ftpd_no_cmd.nasl,
+ scripts/rich_media_ecommerce_stores_sensitive_information_insecurely.nasl,
+ scripts/basilix_attachment_disclosure.nasl,
+ scripts/www_server_name.nasl,
+ scripts/osX_apache_finder.nasl,
+ scripts/wuftpd_ls_DoS.nasl,
+ scripts/iis_frag_disclosure.nasl,
+ scripts/sendmail_debug_leak.nasl,
+ scripts/tomcat_srcjsp_malformed_request.nasl,
+ scripts/novell_netbasic_directory_traversal.nasl,
+ scripts/stun_detection.nasl,
+ scripts/dcetest.nasl,
+ scripts/phpshop_sql_injection.nasl,
+ scripts/poppassd_too_long_user.nasl,
+ scripts/anti_nessus.nasl,
+ scripts/webplus_install_path.nasl,
+ scripts/webgui_remote_cmd_exec.nasl,
+ scripts/php_nuke_admin_cp.nasl,
+ scripts/mysql_single_row_subselect_dos.nasl,
+ scripts/goaheadwebserver_source_disclosure.nasl,
+ scripts/wwwboardpwd.nasl,
+ scripts/famd_detect.nasl,
+ scripts/calendar_scheduler_xss.nasl,
+ scripts/RA_www_css.nasl,
+ scripts/smbcl_gnutls_CB-A08-0079.nasl,
+ scripts/lotus_domino_ldap_dos.nasl,
+ scripts/mailenable_httpmail_authorization_dos.nasl,
+ scripts/no404.nasl,
+ scripts/plumecms_prepend_file_inclusion.nasl,
+ scripts/datawizard_ftpxq_test_accts.nasl,
+ scripts/account_super_debug.nasl,
+ scripts/ldu_detection.nasl,
+ scripts/DDI_JavaServer_Default.nasl,
+ scripts/zope_path_disclosure.nasl,
+ scripts/webcalendar_info_disclosure.nasl,
+ scripts/compaq_web_mgmt_password.nasl,
+ scripts/remote-sgi-objectserver.nasl,
+ scripts/ilo_detect.nasl,
+ scripts/freesshd_key_exchange_overflow.nasl,
+ scripts/basilix_arbitrary_file_disclosure.nasl,
+ scripts/exchange_public_folders_information_leak.nasl,
+ scripts/cubecart_xss.nasl,
+ scripts/sambar_pagecount.nasl,
+ scripts/sendmail_queue_destruction.nasl,
+ scripts/smb_nt_ms02-006.nasl,
+ scripts/mantis_xss.nasl,
+ scripts/mailman_privatepy_directory_traversal.nasl,
+ scripts/sqlqhit_information_disclosure.nasl,
+ scripts/novell_groupwise_servletmanager_default_password.nasl,
+ scripts/oracle_tnslsnr_security.nasl,
+ scripts/resin_server_status.nasl,
+ scripts/zml_cgi_traversal.nasl,
+ scripts/breakcal_xss.nasl,
+ scripts/external_svc_ident.nasl,
+ scripts/novell_groupwise_webacc_information_disclosure.nasl,
+ scripts/basilix_message_content_script_injection.nasl,
+ scripts/trojan_horses.nasl,
+ scripts/formmail_version_disclosure.nasl,
+ scripts/webserver4d.nasl,
+ scripts/healthd_detect.nasl,
+ scripts/vtiger_flaws.nasl,
+ scripts/openoffice_CB-A08-0068.nasl,
+ scripts/doublecheck_std_services.nasl,
+ scripts/source_routed.nasl,
+ scripts/find_service_nmap.nasl,
+ scripts/bmforum_xss.nasl,
+ scripts/silverstream_database.nasl,
+ scripts/ftpd_bad_sequence.nasl,
+ scripts/bookreview_xss.nasl,
+ scripts/minibb_rfi.nasl,
+ scripts/owa_sqlinject.nasl,
+ scripts/kerio_PF_buffer_overflow.nasl,
+ scripts/lotus_notes_openserver_disclosure.nasl,
+ scripts/oracle9iAS_too_long_url.nasl,
+ scripts/basilix_arbitrary_command_execution.nasl,
+ scripts/hello_detect.nasl,
+ scripts/tomcat_status.nasl,
+ scripts/punBB_img_xss.nasl,
+ scripts/mssql_brute_force.nasl,
+ scripts/ipswitch_whatsup_auth_bypass.nasl,
+ scripts/yawcam_dir_traversal.nasl,
+ scripts/tripwire_webpage.nasl,
+ scripts/lcdproc_buffer_overflow.nasl,
+ scripts/smb_reg_service_pack_XP.nasl,
+ scripts/dbman_cgi.nasl,
+ scripts/cheopsNG_detect.nasl,
+ scripts/mtl_remote_file_include.nasl,
+ scripts/cutenews_xss.nasl,
+ scripts/rcblog_dir_transversal.nasl,
+ scripts/tftpd_backdoor.nasl,
+ scripts/worldclient_server_detection.nasl,
+ scripts/rip_poison.nasl,
+ scripts/punBB_install_xss.nasl,
+ scripts/eyeos_command_execution.nasl,
+ scripts/wsus_detect.nasl,
+ scripts/phpeasydownload_code_injection.nasl,
+ scripts/yacy_xss.nasl,
+ scripts/osX_apache_finder_content.nasl,
+ scripts/articlelive_xss.nasl,
+ scripts/atutor_xss.nasl,
+ scripts/ftp_writeable_directories.nasl,
+ scripts/iis_viewcode.nasl,
+ scripts/basilix_detect.nasl,
+ scripts/cheopsNG_clear_text_password.nasl,
+ scripts/securemote.nasl,
+ scripts/asip-status.nasl,
+ scripts/codered_x.nasl,
+ scripts/phpweblog_xss.nasl,
+ scripts/shoutcast_version.nasl,
+ scripts/sapdb_detect.nasl,
+ scripts/ntds_get_info.nasl,
+ scripts/cvsweb_version.nasl,
+ scripts/monkeyweb_too_big_post.nasl,
+ scripts/sybase_asa_ping.nasl,
+ scripts/sip_detection.nasl,
+ scripts/kerio_wrf_management_detection.nasl,
+ scripts/nfs_user_mount.nasl,
+ scripts/samba_CB-A08-0085.nasl,
+ scripts/cutenews_145_xss.nasl,
+ scripts/packeteer_web_version.nasl,
+ scripts/uploadskrip.nasl,
+ scripts/cutenews_show_news_xss.nasl,
+ scripts/ssh_ssf.nasl,
+ scripts/basilix_webmail.nasl,
+ scripts/symantec_ws_detection.nasl,
+ scripts/netop_infopublic.nasl,
+ scripts/packeteer_web_login.nasl,
+ scripts/unprotected_cheopsNG.nasl,
+ scripts/account_user_debug.nasl,
+ scripts/calendar_express_flaws.nasl,
+ scripts/http_trace.nasl,
+ scripts/netscaler_web_xss.nasl,
+ scripts/incomplete_http_requests_DoS.nasl,
+ scripts/xaraya_detection.nasl,
+ scripts/visnetic_mailserver_flaws.nasl,
+ scripts/open_X11_server.nasl,
+ scripts/mailenable_httpmail_content_length_overflow.nasl,
+ scripts/odbc_tools_check.nasl,
+ scripts/avengers_news_system_command_execution.nasl,
+ scripts/ipswitch_whatsup_info_disclosure.nasl,
+ scripts/libpng_CB-A08-0064.nasl,
+ scripts/phpwebthings_sql_injection.nasl,
+ scripts/asterisk_pbx_guest_access_enabled.nasl,
+ scripts/limbo_multiple_flaws.nasl,
+ scripts/groupwise_web_interface_help_hole.nasl,
+ scripts/segue_rfi.nasl,
+ scripts/eshop_information_disclosure.nasl,
+ scripts/wowBB_sql_injection.nasl,
+ scripts/mssql_version.nasl,
+ scripts/ventrilo_detect.nasl,
+ scripts/ftp_administrator.nasl,
+ scripts/webalbum_local_file_include.nasl,
+ scripts/SWS_DoS.nasl,
+ scripts/3com_switches.nasl,
+ scripts/wowBB_flaws.nasl,
+ scripts/cgicso_cross_site_scripting.nasl,
+ scripts/digital_scribe_login_sql_inject.nasl,
+ scripts/webwasher_conf_xss.nasl,
+ scripts/basilix_content_type_xss.nasl,
+ scripts/poprelayd_auth.nasl,
+ scripts/cisco_ios_ftp_server_auth_bypass.nasl,
+ scripts/e107_sql_injection.nasl,
+ scripts/sendmail_custom_config.nasl,
+ scripts/account_super_forgot.nasl,
+ scripts/linux_icmp_sctp_DoS.nasl,
+ scripts/find_service_3digits.nasl,
+ scripts/vnc.nasl,
+ scripts/netscaler_web_unencrypted.nasl,
+ scripts/free_articles_directory_file_includes.nasl,
+ scripts/exhibit_engine_rfi.nasl,
+ scripts/apache_server_info.nasl,
+ scripts/fsp_detection.nasl,
+ scripts/ypupdated_remote_exec.nasl,
+ scripts/egp_detect.nasl,
+ scripts/gcards_dir_transversal.nasl,
+ scripts/iax2_detection.nasl,
+ scripts/punBB_detect.nasl,
+ scripts/cesarftp_mkd_command_buffer_overflow.nasl,
+ scripts/X.nasl,
+ scripts/tftpd_detect.nasl,
+ scripts/sugarcrm_remote_file_inclusion.nasl,
+ scripts/cisco_acs_web_overflow.nasl,
+ scripts/netware_perl_overflow.nasl,
+ scripts/find_service1.nasl,
+ scripts/guppy_directory_traversal.nasl,
+ scripts/phpSurveyor_sql_inject.nasl,
+ scripts/weblogic_dotdotdos.nasl,
+ scripts/vmware_server_detect.nasl,
+ scripts/kiwi_cattools_dir_traversal.nasl,
+ scripts/yapig_multiple_flaws.nasl,
+ scripts/basit_xss.nasl,
+ scripts/rip_detect.nasl,
+ scripts/netscaler_web_detect.nasl,
+ scripts/punbb_register_lfi.nasl,
+ scripts/phpMyAgenda_30final_file_include.nasl,
+ scripts/smb_explorer_version.nasl,
+ scripts/iplanet_perf.nasl,
+ scripts/account_user_forgot.nasl,
+ scripts/dcshop_information_disclosure.nasl,
+ scripts/punBB_url_quote_xss.nasl,
+ scripts/nmap.nasl,
+ scripts/shambala_www_dos.nasl,
+ scripts/websphere_cache_DoS.nasl,
+ scripts/securemote_info_leak.nasl,
+ scripts/mssqlserver_detect.nasl,
+ scripts/sybase_asa_default_password.nasl,
+ scripts/netscaler_web_cookie_info.nasl,
+ scripts/yapig_remote_vuln.nasl,
+ scripts/packeteer_web_detect.nasl,
+ scripts/squirrelmail_detect.nasl,
+ scripts/opera_remote_location_object_flaw.nasl,
+ scripts/ftpglob.nasl,
+ scripts/etomite_0612_sql_injection.nasl,
+ scripts/ventrilo_dos.nasl,
+ scripts/snmp_hpJetDirectEWS.nasl,
+ scripts/xoops_viewtopic_xss.nasl,
+ scripts/orion_webserver_37717.nasl,
+ scripts/guppy_request_header_flaws.nasl,
+ scripts/netbios_name_get.nasl,
+ scripts/egd_detect.nasl,
+ scripts/cp-firewall-auth.nasl,
+ scripts/webnews.nasl,
+ scripts/modx_0921_rfi.nasl,
+ scripts/atutor_multiple_flaws.nasl,
+ scripts/zeroboard_flaws2.nasl,
+ scripts/tetrinet_detect.nasl,
+ scripts/wu_ftpd_site_exec.nasl,
+ scripts/cyrus_imsp_overflow.nasl,
+ scripts/webserver_favicon.nasl,
+ scripts/xhp_cms_file_upload.nasl,
+ scripts/cutenews_dir_traversal.nasl,
+ scripts/mantis_multiple_vulns4.nasl,
+ scripts/simpleserverwww_dos.nasl,
+ scripts/tomcat_server_default_files.nasl,
+ scripts/phptonuke_dir_trav.nasl,
+ scripts/patchlink_detection.nasl,
+ scripts/fs_policy_manager_7_dos.nasl,
+ scripts/iis5_isapi_printer.nasl,
+ scripts/ospf_detect.nasl,
+ scripts/symantec_ws_dos.nasl,
+ scripts/mediahouse_statistics_web_server.nasl,
+ scripts/lcdproc_detect.nasl,
+ scripts/apache_server_status.nasl,
+ scripts/apache_Tomcat_Servlet_XSS.nasl,
+ scripts/asterisk_null_pointer_dereference.nasl,
+ scripts/dont_scan_printers.nasl,
+ scripts/netop.inc,
+ scripts/weblogic_percent.nasl,
+ scripts/cart32_xss.nasl,
+ scripts/ilohamail_email_header_html_injection.nasl,
+ scripts/punBB_info_disclosure.nasl,
+ scripts/mysql_hotcopy_tempfile.nasl,
+ scripts/iis_xss_idc.nasl,
+ scripts/cutenews_indexphp_xss.nasl,
+ scripts/leafnode_version.nasl,
+ scripts/xot_detect.nasl,
+ scripts/atutor_password_reminder_sql.nasl,
+ scripts/ftp_kibuv_worm.nasl,
+ scripts/sybase_blank_password.nasl,
+ scripts/ossim_server_detect.nasl,
+ scripts/netscape_server_default_files.nasl,
+ scripts/shopping_cart_information_disclosure.nasl,
+ scripts/xnews.nasl,
+ scripts/burning_board_database_sql_injection.nasl,
+ scripts/novell_novonyx_default_files.nasl,
+ scripts/netscaler_web_cookie_crypto.nasl,
+ scripts/sglmerchant_information_disclosure.nasl,
+ scripts/smb_virii.nasl,
+ scripts/quote.nasl,
+ scripts/smb_suspicious_files.nasl,
+ scripts/php_nuke_bb_smilies_passwd.nasl,
+ scripts/efs_webserver_infodisclose.nasl,
+ scripts/asterisk_sdp_header_overflow.nasl,
+ scripts/silverstream_dirlisting.nasl,
+ scripts/brio_dir_traversal.nasl,
+ scripts/phpMyAdmin_remote_cmd.nasl,
+ scripts/yabb_xss.nasl,
+ scripts/finger_overflow.nasl,
+ scripts/mailgust_sql_injection.nasl,
+ scripts/netware_post_perl.nasl,
+ scripts/citrix.nasl,
+ scripts/lotus_domino_xss.nasl,
+ scripts/gentoo_unmaintained_packages.nasl,
+ scripts/spip_sql_injection.nasl,
+ scripts/PGPCert_DoS.nasl,
+ scripts/propfind_internal_ip.nasl,
+ scripts/cisco_vpn_client_priv_escalation.nasl,
+ scripts/phpwebthings_rfi.nasl,
+ scripts/phpbb_2_0_18.nasl,
+ scripts/basilix_sql_injection.nasl,
+ scripts/aspdev_imgtag.nasl,
+ scripts/bigip_cookie.nasl,
+ scripts/yapig_pass_dir_access.nasl,
+ scripts/kiwi_cattools_tftpd_dir_traversal.nasl,
+ scripts/cross_site_scripting.nasl,
+ scripts/trac_sql_injection.nasl: Removed risk factor text from
+ description (CR56).
+
2011-11-18 Antu Sanadi <santu at secpod.com>
* scripts/gb_mozilla_prdts_browser_engine_dos_vuln_win.nasl,
Modified: trunk/openvas-plugins/scripts/3com_switches.nasl
===================================================================
--- trunk/openvas-plugins/scripts/3com_switches.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/3com_switches.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -126,8 +126,7 @@
}
res = string(res, "\nSolution : Telnet to this switch immediately and ",
- "change the passwords above.\n",
- "Risk factor : High\n");
+ "change the passwords above.\n");
if ( bfound == 1 )
{
Modified: trunk/openvas-plugins/scripts/DDI_JavaServer_Default.nasl
===================================================================
--- trunk/openvas-plugins/scripts/DDI_JavaServer_Default.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/DDI_JavaServer_Default.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,11 +45,7 @@
Solution: Set the web administration interface to require a
complex password. For more information please
consult the documentation located in the /system/
- directory of the web server.
-
-
-Risk factor: Medium
-";
+ directory of the web server.";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/DDI_MRTG_File_Read.nasl
===================================================================
--- trunk/openvas-plugins/scripts/DDI_MRTG_File_Read.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/DDI_MRTG_File_Read.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,13 +48,10 @@
in this script which allows an attacker to view the
first line of any file on the system.
-Solution: Block access to this CGI
+Solution: Block access to this CGI";
-Risk factor: Medium
-";
-
script_description(desc);
summary = "checks for mrtg.cgi";
Modified: trunk/openvas-plugins/scripts/Jserv_css.nasl
===================================================================
--- trunk/openvas-plugins/scripts/Jserv_css.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/Jserv_css.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,7 +50,7 @@
Also consider switching from JServ to TomCat, since JServ is no longer
maintained.
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/PGPCert_DoS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/PGPCert_DoS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/PGPCert_DoS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,9 +42,7 @@
An attacker may use this flaw to prevent your PGP
certificate server from working properly.
-Solution: Upgrade to the latest version.
-
-Risk factor: Medium");
+Solution: Upgrade to the latest version.");
script_summary("Check for DoS in PGP Cert Server");
script_category(ACT_DENIAL);
script_family("Denial of Service");
Modified: trunk/openvas-plugins/scripts/RA_www_css.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RA_www_css.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/RA_www_css.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,7 +58,7 @@
Upgrade to the newest version of this software
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/SHN_MySQL_Privilege_Escalation.nasl
===================================================================
--- trunk/openvas-plugins/scripts/SHN_MySQL_Privilege_Escalation.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/SHN_MySQL_Privilege_Escalation.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -47,7 +47,6 @@
When the mysqld service is executed, it will run as the root
user instead of the default user.
-Risk factor: Critical
Solution : Upgrade to at least version 3.23.56";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/SWS_DoS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/SWS_DoS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/SWS_DoS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -57,8 +57,6 @@
A cracker may exploit this flaw to disable this service.
-
-Risk factor: Medium
Solution : Upgrade your web server";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/X.nasl
===================================================================
--- trunk/openvas-plugins/scripts/X.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/X.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -183,8 +183,7 @@
"your X session or even kill the server.\n\n",
"Here is the server version : ", ver, "\n",
"Here is the message we received : ", textresult, "\n\n",
- "Solution : filter incoming connections to ports 6000-6009\n",
- "Risk factor: Critical");
+ "Solution : filter incoming connections to ports 6000-6009");
security_note(port:port, data:report);
register_service(port: port, proto: "X11");
}
@@ -218,8 +217,7 @@
"to this port as attacker may send garbage data and slow down\n",
"your X session or even kill the server.\n\n",
"Here is the message we received : ", textresult, "\n\n",
- "Solution : filter incoming connections to ports 6000-6009\n",
- "Risk factor : Low");
+ "Solution : filter incoming connections to ports 6000-6009");
security_note(port:port, data:report);
register_service(port: port, proto: "X11");
}
Modified: trunk/openvas-plugins/scripts/account_super_debug.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_super_debug.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/account_super_debug.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,7 +42,6 @@
The account 'super' has the password 'debug'. An attacker may use it to
gain further privileges on this system.
-Risk factor: Critical
Solution : Set a password for this account or disable it";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/account_super_forgot.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_super_forgot.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/account_super_forgot.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,7 +42,6 @@
The account 'super' has the password 'forgot'. An attacker may use it
to gain further privileges on this system.
-Risk factor: Critical
Solution : Set a password for this account or disable it";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/account_user_debug.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_user_debug.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/account_user_debug.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,7 +41,6 @@
The account 'user' has the password 'debug'. An attacker may use it to
gain further privileges on this system.
-Risk factor: Critical
Solution : Set a password for this account or disable it";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/account_user_forgot.nasl
===================================================================
--- trunk/openvas-plugins/scripts/account_user_forgot.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/account_user_forgot.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,7 +41,6 @@
The account 'user' has the password 'forgot'. An attacker may use it to
gain further privileges on this system.
-Risk factor: Critical
Solution : Set a password for this account or disable it";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/anti_nessus.nasl
===================================================================
--- trunk/openvas-plugins/scripts/anti_nessus.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/anti_nessus.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -37,8 +37,6 @@
It seems that your web server rejects requests
from OpenVAS. It is probably protected by a reverse proxy.
-Risk factor : None
-
Solution : change your configuration if you want accurate audit results";
@@ -81,16 +79,11 @@
However, the way the filter is implemented, it may in fact
help a script kiddy that uses OpenVAS to scan your system.
-
-Risk factor : Low
-
Solution : change your configuration if you want accurate
audit results and a better protection";
else
rep += "
-Risk factor : None
-
Solution : change your configuration
if you want accurate audit results";
Modified: trunk/openvas-plugins/scripts/apache_Tomcat_DOS_Device_XSS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/apache_Tomcat_DOS_Device_XSS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/apache_Tomcat_DOS_Device_XSS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -68,7 +68,7 @@
http://www.westpoint.ltd.uk/advisories/wp-02-0008.txt
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/apache_Tomcat_Servlet_XSS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/apache_Tomcat_Servlet_XSS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/apache_Tomcat_Servlet_XSS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -73,7 +73,7 @@
www.westpoint.ltd.uk/advisories/wp-02-0008.txt
-Risk factor : High / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/apache_Tomcat_TroubleShooter.nasl
===================================================================
--- trunk/openvas-plugins/scripts/apache_Tomcat_TroubleShooter.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/apache_Tomcat_TroubleShooter.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,7 +60,7 @@
http://www.osvdb.org/displayvuln.php?osvdb_id=849
-Risk factor : Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/apache_auth_sql_insertion.nasl
===================================================================
--- trunk/openvas-plugins/scripts/apache_auth_sql_insertion.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/apache_auth_sql_insertion.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,7 +44,6 @@
using Apache Auth modules which are known to be vulnerable to SQL
insertion attacks.
-Risk factor : High
Solution: Upgrade the module";
@@ -84,7 +83,6 @@
"Apache Web Server.\n",
"This module is vulnerable to a SQL insertion attack that could allow an\n",
"attacker to execute arbitrary SQL statements.\n\n",
-"Risk factor : High\n",
"Solution: Get the latest version of this module (probably VERSION) at URL\n\n",
"References: RUS CERT Advisory available at http://cert-uni-stuttgart.de/advisories/apache_auth.php");
Modified: trunk/openvas-plugins/scripts/apache_server_info.nasl
===================================================================
--- trunk/openvas-plugins/scripts/apache_server_info.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/apache_server_info.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -37,7 +37,6 @@
Requesting the URI /server-info gives information about
your Apache configuration.
-Risk factor : Low
Solution :
If you don't use this feature, comment the appropriate section in
your httpd.conf file. If you really need it, limit its access to
Modified: trunk/openvas-plugins/scripts/apache_server_status.nasl
===================================================================
--- trunk/openvas-plugins/scripts/apache_server_status.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/apache_server_status.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -37,7 +37,6 @@
Requesting the URI /server-status gives information about
the currently running Apache.
-Risk factor : Low
Solution :
If you don't use this feature, comment the appropriate section in
your httpd.conf file. If you really need it, limit its access to
Modified: trunk/openvas-plugins/scripts/articlelive_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/articlelive_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/articlelive_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Upgrade to the newest version of this software
-Risk factor : Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/asip-status.nasl
===================================================================
--- trunk/openvas-plugins/scripts/asip-status.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/asip-status.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -37,9 +37,7 @@
By sending DSIGetStatus request on tcp port 548, it was
possible to disclose information about the remote host.
-Risk factor :
-
-None / CVSS Base Score : 0
+CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/aspdev_imgtag.nasl
===================================================================
--- trunk/openvas-plugins/scripts/aspdev_imgtag.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/aspdev_imgtag.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -59,9 +59,7 @@
Unknown at this time.
-Risk factor :
-
-Medium / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/asterisk_null_pointer_dereference.nasl
===================================================================
--- trunk/openvas-plugins/scripts/asterisk_null_pointer_dereference.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/asterisk_null_pointer_dereference.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -63,9 +63,7 @@
Upgrade to Asterisk PBX release 1.4.1 or 1.2.16.
-Risk factor :
-
-Medium / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:N/A:C/I:N/B:A)";
script_description(desc);
summary = "Detect a null pointer dereference overflow in Asterisk PBX";
Modified: trunk/openvas-plugins/scripts/asterisk_pbx_guest_access_enabled.nasl
===================================================================
--- trunk/openvas-plugins/scripts/asterisk_pbx_guest_access_enabled.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/asterisk_pbx_guest_access_enabled.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,9 +58,7 @@
If guest access is not needed, disable it by setting 'allowguest=no'
in the sip.conf file.
-Risk factor :
-
-Medium / CVSS Base Score : 3.5
+CVSS Base Score : 3.5
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
script_name(name);
Modified: trunk/openvas-plugins/scripts/asterisk_sdp_header_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/asterisk_sdp_header_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/asterisk_sdp_header_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -68,9 +68,7 @@
Upgrade to Asterisk release 1.4.2/1.2.17 or newer.
-Risk factor : High
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(AV:R/AC:L/Au:NR/C:N/A:C/I:N/B:A)";
script_description(desc);
script_name(name);
Modified: trunk/openvas-plugins/scripts/atutor_multiple_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/atutor_multiple_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/atutor_multiple_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -49,7 +49,7 @@
Apply patch 1.5.1-pl1 or upgrade to version 1.5.2 or later.
-Risk factor : High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
if(description)
Modified: trunk/openvas-plugins/scripts/atutor_password_reminder_sql.nasl
===================================================================
--- trunk/openvas-plugins/scripts/atutor_password_reminder_sql.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/atutor_password_reminder_sql.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Upgrade to ATutor 1.5.1 pl1 or later
-Risk factor: High / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/atutor_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/atutor_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/atutor_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Unknown at this time.
-Risk factor : Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/avengers_news_system_command_execution.nasl
===================================================================
--- trunk/openvas-plugins/scripts/avengers_news_system_command_execution.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/avengers_news_system_command_execution.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,7 +41,6 @@
command execution by remote attackers who have access to the ANS
page.
-Risk factor : High
Solution : see http://www.securiteam.com/unixfocus/5MP090A6KG.html";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/aztek_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/aztek_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/aztek_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -57,7 +57,7 @@
Upgrade to the latest version of this software
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/basilix_arbitrary_command_execution.nasl
===================================================================
--- trunk/openvas-plugins/scripts/basilix_arbitrary_command_execution.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/basilix_arbitrary_command_execution.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,9 +58,7 @@
Upgrade to BasiliX version 1.1.0 or later.
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/basilix_arbitrary_file_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/basilix_arbitrary_file_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/basilix_arbitrary_file_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -63,9 +63,7 @@
Upgrade to BasiliX version 1.1.1 or later.
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/basilix_attachment_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/basilix_attachment_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/basilix_attachment_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,7 +58,7 @@
Upgrade to BasiliX version 1.1.1 or later.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:L/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/basilix_content_type_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/basilix_content_type_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/basilix_content_type_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,7 +58,7 @@
http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-2.txt
http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/basilix_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/basilix_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/basilix_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -40,13 +40,9 @@
See also :
-http://sourceforge.net/projects/basilix/
+http://sourceforge.net/projects/basilix/";
-Risk factor :
-None";
-
-
if (description) {
script_id(14308);
script_version("$Revision$");
Modified: trunk/openvas-plugins/scripts/basilix_message_content_script_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/basilix_message_content_script_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/basilix_message_content_script_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,7 +58,7 @@
Upgrade to BasiliX version 1.1.1 or later.
-Risk factor: High / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/basilix_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/basilix_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/basilix_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,7 +56,7 @@
Upgrade to BasiliX version 1.1.1 or later.
-Risk factor: High / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:N/A:N/I:P/B:I)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/basilix_webmail.nasl
===================================================================
--- trunk/openvas-plugins/scripts/basilix_webmail.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/basilix_webmail.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -63,7 +63,7 @@
Update Basilix or remove DUMMY from lang.inc.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/basit_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/basit_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/basit_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -57,7 +57,7 @@
Upgrade to a newer version.
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/bgp_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/bgp_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/bgp_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,12 +50,8 @@
If the remote service is not used, disable it.
Make sure that access to this service is either filtered so that only
allowed hosts can connect to it, or that TCP MD5 is enabled to protect
-this service from rogue connections.
+this service from rogue connections.";
-Risk factor :
-
-None";
-
script_description(desc);
summary = "Sends a BGP Hello packet";
Modified: trunk/openvas-plugins/scripts/bigip_cookie.nasl
===================================================================
--- trunk/openvas-plugins/scripts/bigip_cookie.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/bigip_cookie.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,9 +44,7 @@
http://asia.f5.com/solutions/archives/techbriefs/cookie.html
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/bmforum_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/bmforum_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/bmforum_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -67,7 +67,7 @@
Unknown at this time
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/bookreview_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/bookreview_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/bookreview_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -69,7 +69,7 @@
None at this time
-Risk factor : Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/breakcal_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/breakcal_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/breakcal_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,7 +55,7 @@
Update or disable this CGI suite
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
Modified: trunk/openvas-plugins/scripts/brio_dir_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/brio_dir_traversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/brio_dir_traversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -40,8 +40,7 @@
http://www.example.com/ods-cgi/odscgi?HTMLFile=../../../../../../etc/passwd
-Solution: Check www.brio.com for updated software.
-Risk Factor: Medium");
+Solution: Check www.brio.com for updated software.");
script_summary("Brio Unix Directory Traversal");
Modified: trunk/openvas-plugins/scripts/burning_board_database_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/burning_board_database_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/burning_board_database_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,9 +61,7 @@
Unknown at this time.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/calendar_express_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/calendar_express_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/calendar_express_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Upgrade to the latest version of this software.
-Risk factor: High / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/calendar_scheduler_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/calendar_scheduler_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/calendar_scheduler_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Disable this module or upgrade to a newer version
-Risk factor : Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/cart32_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cart32_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cart32_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Upgrade to the newest version of this software
-Risk factor : High / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/cesarftp_mkd_command_buffer_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cesarftp_mkd_command_buffer_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cesarftp_mkd_command_buffer_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -71,7 +71,7 @@
Filter access to the FTP service, so that it can be used by trusted
sources only.
-Risk factor : High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:L/Au:R/C:C/A:C/I:C/B:N)";
script_description(desc);
summary = "Detect a buffer overflow in CesarFTP server via a long MKD string";
Modified: trunk/openvas-plugins/scripts/cgicso_cross_site_scripting.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cgicso_cross_site_scripting.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cgicso_cross_site_scripting.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,7 +51,7 @@
Modify cgilib.c to contain a stripper function that will remove any HTML
or JavaScript tags.
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/chargen.nasl
===================================================================
--- trunk/openvas-plugins/scripts/chargen.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/chargen.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -72,7 +72,7 @@
To restart the service.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/cheopsNG_clear_text_password.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cheopsNG_clear_text_password.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cheopsNG_clear_text_password.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -54,9 +54,7 @@
from outside communication if you want to further restrict
the use of Cheops.
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:H/Au:NR/C:P/A:N/I:P/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/cheopsNG_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cheopsNG_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cheopsNG_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,12 +45,8 @@
See also :
-http://cheops-ng.sourceforge.net/
+http://cheops-ng.sourceforge.net/";
-Risk factor :
-
-None";
-
script_description(desc);
script_summary( "Cheops NG agent is running");
script_category(ACT_GATHER_INFO);
Modified: trunk/openvas-plugins/scripts/cherokee_0_4_7.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cherokee_0_4_7.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cherokee_0_4_7.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,7 +56,7 @@
Upgrade to Cherokee 0.4.8 or newer.
-Risk factor : Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/cisco_acs_web_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cisco_acs_web_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cisco_acs_web_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,8 +45,6 @@
server(login.exe) execute arbitrary code by sending
it a too long login url.
-Risk factor : High
-
Solution : Cisco has already released a patch for this problem";
Modified: trunk/openvas-plugins/scripts/cisco_ios_ftp_server_auth_bypass.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cisco_ios_ftp_server_auth_bypass.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cisco_ios_ftp_server_auth_bypass.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,7 +43,7 @@
Disable the FTP Server by using 'no ftp-server enable'
or upgrade to a newer release (see cisco-sa-20070509-iosftp).
-Risk factor : Critical / CVSS Base Score : 8.5
+CVSS Base Score : 8.5
(AV:R/AC:L/Au:NR/C:C/A:P/I:P/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/cisco_vpn_client_priv_escalation.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cisco_vpn_client_priv_escalation.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cisco_vpn_client_priv_escalation.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,9 +58,7 @@
Upgrade to version 4.8.01.0300 or a later.
-Risk factor :
-
-High / CVSS Base Score : 7.0
+CVSS Base Score : 7.0
(AV:L/AC:L/Au:NR/C:C/I:C/A:C/B:N)";
script_description(desc);
summary = "Detects a privilege escalation in the Cisco VPN Client by query its version number";
Modified: trunk/openvas-plugins/scripts/citrix.nasl
===================================================================
--- trunk/openvas-plugins/scripts/citrix.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/citrix.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -84,7 +84,6 @@
if(incoming) {
mywarning = string("The Citrix server is configured in a way which may allow an external attacker\n");
mywarning = string(mywarning, "to enumerate remote services.\n\n");
- mywarning = string(mywarning, "Risk factor: Medium\n");
mywarning = string(mywarning, "Solution: see http://sh0dan.org/files/hackingcitrix.txt for more info");
security_warning(port:port, data:mywarning, proto:"udp");
}
Modified: trunk/openvas-plugins/scripts/codered_x.nasl
===================================================================
--- trunk/openvas-plugins/scripts/codered_x.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/codered_x.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,8 +53,6 @@
It is recommended that hosts that have been compromised by Code Red X would reinstall the operating system from scratch and patch it accordingly.
-Risk factor: Critical
-
Additional information:
http://www.securiteam.com/securitynews/5GP0V004UQ.html
http://www.securiteam.com/windowsntfocus/5WP0L004US.html
Modified: trunk/openvas-plugins/scripts/compaq_web_mgmt_password.nasl
===================================================================
--- trunk/openvas-plugins/scripts/compaq_web_mgmt_password.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/compaq_web_mgmt_password.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -83,7 +83,7 @@
report = string("The Compaq Web-based Management / HP System Management Agent active on the remote host is configured with the default, or a predictable, administrator password.\n\nDepending on the agents integrated, this allows an attacker to view sensitive and verbose system information, and may even allow more active attacks such as rebooting the remote system. Furthermore, if an SNMP agent is configured on the remote host it may disclose the SNMP community strings in use, allowing an attacker to set device configuration if the 'write' community string is uncovered.\n\nTo manually test for this bug, you can log into the Compaq web server via a browser (https://host:2381/). Log in with a username/password combination of administrator/");
-solution = string("\n\nSolution: Ensure that all passwords for Compaq Web-based Management / HP System Management Agent accounts are set to stronger, less easily guessable, alternatives. As a further precaution, use the 'IP Restricted Logins' setting to allow only authorised IP's to manage this agent.\n\nRisk factor: High");
+solution = string("\n\nSolution: Ensure that all passwords for Compaq Web-based Management / HP System Management Agent accounts are set to stronger, less easily guessable, alternatives. As a further precaution, use the 'IP Restricted Logins' setting to allow only authorised IP's to manage this agent.");
passlist = make_list ('administrator', 'admin', 'cim', 'cim7', 'password');
Modified: trunk/openvas-plugins/scripts/cp-firewall-auth.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cp-firewall-auth.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cp-firewall-auth.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -38,8 +38,7 @@
the remote network or to gather a list of valid user names
by a brute-force attack.
-Solution : if you do not use this service, disable it.
-Risk factor : Low");
+Solution : if you do not use this service, disable it.");
script_summary("The remote CheckPoint Firewall-1 can be accessed via a telnet interface");
script_category(ACT_GATHER_INFO);
Modified: trunk/openvas-plugins/scripts/cp-firewall-webauth.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cp-firewall-webauth.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cp-firewall-webauth.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,8 +42,7 @@
prior to checking their passwords, allowing attackers to easily
bruteforce a valid list of usernames.
-Solution : if you do not use this service, disable it
-Risk factor : Low");
+Solution : if you do not use this service, disable it");
script_summary("The remote CheckPoint Firewall-1 can be authenticated with via a web interface");
script_category(ACT_GATHER_INFO);
script_family("Firewalls");
Modified: trunk/openvas-plugins/scripts/cross_site_scripting.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cross_site_scripting.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cross_site_scripting.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -52,8 +52,6 @@
level of the server (for example, the trust level of banks, shopping centers,
etc. would usually be high).
-Risk factor : Medium
-
Solutions:
. Allaire/Macromedia Jrun:
@@ -139,8 +137,6 @@
Sample url : " + exploit_url + "
-Risk factor : Medium
-
Solutions:
. Allaire/Macromedia Jrun:
Modified: trunk/openvas-plugins/scripts/cubecart_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cubecart_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cubecart_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,7 +44,7 @@
http://lostmon.blogspot.com/2005/09/cubecart-303-multiple-variable-cross.html
Solution:
Upgrade to CubeCart version 3.0.4 or later.
- Risk factor : Medium / CVSS Base Score : 3
+ CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/cutenews_145_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cutenews_145_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cutenews_145_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -64,9 +64,7 @@
Unknown at this time.
-Risk factor :
-
-Medium / CVSS Base Score : 4.3
+CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)";
script_description(desc);
script_summary(summary);
Modified: trunk/openvas-plugins/scripts/cutenews_dir_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cutenews_dir_traversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cutenews_dir_traversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,8 +53,7 @@
http://retrogod.altervista.org/cute141.html
Solution: Unknown at this time.
- Risk factor : Medium;
- High / CVSS Base Score : 7
+ CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
script_summary("Checks for CuteNews dir traversal");
Modified: trunk/openvas-plugins/scripts/cutenews_indexphp_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cutenews_indexphp_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cutenews_indexphp_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -63,7 +63,7 @@
Upgrade to the latest version.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/cutenews_show_news_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cutenews_show_news_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cutenews_show_news_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -66,7 +66,7 @@
Upgrade to the latest version of this software.
-Risk factor: High / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:N/A:N/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/cutenews_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cutenews_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cutenews_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -64,9 +64,7 @@
Upgrade to CuteNews v1.3.2 or newer.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/cvstrac_output_formatter_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvstrac_output_formatter_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cvstrac_output_formatter_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,9 +60,7 @@
Upgrade to CVSTrac 2.0.1 or later.
-Risk factor :
-
-Medium / CVSS Base Score : 4.3
+CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)";
Modified: trunk/openvas-plugins/scripts/cvsweb_version.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cvsweb_version.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cvsweb_version.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,7 +45,6 @@
This plugin tries to detect the presence of a CVSWeb CGI and
when it finds it, it tries to obtain its version.
-Risk factor : Low
Solution : Password protect the CGI if unauthorized access isn't wanted";
@@ -97,8 +96,7 @@
"programs if you keep them secret.\n\n",
"The installed version of this CGI is : ", result, "\n\n",
"Solution : Restrict the access to this CGI using password protection,\n",
-"or disable it if you do not use it\n",
-"Risk factor : Low");
+"or disable it if you do not use it");
security_warning(port:port, data: result);
exit(0);
Modified: trunk/openvas-plugins/scripts/cyrus_imsp_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cyrus_imsp_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/cyrus_imsp_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,7 +50,6 @@
The overflow occurs when the user issues a too long argument as his name,
causing an overflow in the abook_dbname function command.
-Risk factor : High
Solution : Upgrade cyrus-imsp server to version version 1.6a4 or 1.7a";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/datawizard_ftpxq_test_accts.nasl
===================================================================
--- trunk/openvas-plugins/scripts/datawizard_ftpxq_test_accts.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/datawizard_ftpxq_test_accts.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,7 +42,7 @@
Disable or change the password for any unnecessary user accounts.
-Risk factor: High / CVSS Base Score : 6.4
+CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)";
if (description)
Modified: trunk/openvas-plugins/scripts/dbman_cgi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/dbman_cgi.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/dbman_cgi.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,7 +43,6 @@
GET /scripts/dbman/db.cgi?db=no-db
-Risk factor: High
Solution : Upgrade to the latest version";
script_description(desc);
@@ -114,8 +113,7 @@
result = result - strstr(result, string("\n"));
result = result - string("SERVER_SOFTWARE : ");
report = report + "Server software: " + result + string("\n");
- report = report + string("\nRisk factor : Medium\n",
- "Solution : Upgrade to the latest version\n");
+ report = report + string("\nSolution : Upgrade to the latest version\n");
security_warning(port, data: report);
}
}
Modified: trunk/openvas-plugins/scripts/dcetest.nasl
===================================================================
--- trunk/openvas-plugins/scripts/dcetest.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/dcetest.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -754,8 +754,7 @@
mypostreport = string("
-Solution : filter incoming traffic to this port(s).
-Risk factor : Low");
+Solution : filter incoming traffic to this port(s).");
Modified: trunk/openvas-plugins/scripts/dcshop_information_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/dcshop_information_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/dcshop_information_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -91,8 +91,6 @@
6. Replace your current files with above files
-Risk factor: Medium
-
Additional information:
http://www.securiteam.com/unixfocus/5RP0N2K4KE.html
";
Modified: trunk/openvas-plugins/scripts/digital_scribe_login_sql_inject.nasl
===================================================================
--- trunk/openvas-plugins/scripts/digital_scribe_login_sql_inject.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/digital_scribe_login_sql_inject.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,7 +60,7 @@
Unknown at this time.
-Risk factor : High / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/docebo_globals_overwrite.nasl
===================================================================
--- trunk/openvas-plugins/scripts/docebo_globals_overwrite.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/docebo_globals_overwrite.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,7 +53,7 @@
Disable PHP's register_globals and/or upgrade to a newer PHP release.
-Risk factor : High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/dont_scan_printers.nasl
===================================================================
--- trunk/openvas-plugins/scripts/dont_scan_printers.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/dont_scan_printers.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,9 +50,7 @@
If you want to scan the remote host, disable the 'safe checks' option and
re-scan it.
-Risk factor :
-
-None / CVSS Base Score : 0
+CVSS Base Score : 0
(AV:L/AC:H/Au:R/C:N/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/doublecheck_std_services.nasl
===================================================================
--- trunk/openvas-plugins/scripts/doublecheck_std_services.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/doublecheck_std_services.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,13 +42,9 @@
This plugin is a complement of find_service.nes. It attempts
to identify common services which might have been missed because
-of a network problem.
+of a network problem.";
-Risk factor :
-None";
-
-
script_description(desc);
summary = "Identifies common services (second chance)";
Modified: trunk/openvas-plugins/scripts/e107_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/e107_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/e107_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Upgrade to e107 version 0.6173 or later.
-Risk factor: High / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/easy_message_board_cmd_exec.nasl
===================================================================
--- trunk/openvas-plugins/scripts/easy_message_board_cmd_exec.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/easy_message_board_cmd_exec.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -35,8 +35,7 @@
or execute arbitrary commands on the remote host with the privileges of
the web server.
-Solution : Upgrade to the newest version of this CGI or disable it
-Risk factor : High';
+Solution : Upgrade to the newest version of this CGI or disable it';
if(description)
{
Modified: trunk/openvas-plugins/scripts/efs_webserver_infodisclose.nasl
===================================================================
--- trunk/openvas-plugins/scripts/efs_webserver_infodisclose.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/efs_webserver_infodisclose.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,9 +44,7 @@
Unknown at this time.
-Risk factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)";
if (description)
Modified: trunk/openvas-plugins/scripts/egd_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/egd_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/egd_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -47,12 +47,8 @@
Solution :
If this service is not needed, disable it or filter incoming traffic
-to this port.
+to this port.";
-Risk factor :
-
-None";
-
script_name( "EGD detection");
script_description(desc);
script_summary( "Detect the Entropy Gathering Daemon (EGD)");
Modified: trunk/openvas-plugins/scripts/egp_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/egp_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/egp_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -49,12 +49,8 @@
Solution :
If this protocol is not needed, disable it or filter incoming traffic going
-to IP protocol #8
+to IP protocol #8";
-Risk factor :
-
-None";
-
script_description(desc);
summary = "Sends an EGP Neighbor Acquisition Message";
Modified: trunk/openvas-plugins/scripts/elog_logbook_global_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/elog_logbook_global_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/elog_logbook_global_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -65,9 +65,7 @@
Upgrade to ELOG version 2.6.2-7 or later.
-Risk Factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)";
script_description(desc);
script_summary(summary);
Modified: trunk/openvas-plugins/scripts/eshop_information_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/eshop_information_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/eshop_information_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,7 +43,6 @@
web server.
Solution: Contact the author for a patch.
-Risk factor : High
Additional information:
http://www.securiteam.com/unixfocus/5JP0M005FU.html
Modified: trunk/openvas-plugins/scripts/etomite_0612_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/etomite_0612_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/etomite_0612_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -49,7 +49,7 @@
No patches or upgrades have been reported by the vendor at this time.
-Risk factor: High / CVSS Base Score : 6.8
+CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)";
if(description)
Modified: trunk/openvas-plugins/scripts/exchange_public_folders_information_leak.nasl
===================================================================
--- trunk/openvas-plugins/scripts/exchange_public_folders_information_leak.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/exchange_public_folders_information_leak.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -40,8 +40,6 @@
desc = "Microsoft Exchange Public Folders can be set to allow anonymous connections (set by default). If this is not changed it is possible for
an attacker to gain critical information about the users (such as full email address, phone number, etc) that are present in the Exchange Server.
-Risk factor : Medium
-
Additional information:
http://www.securiteam.com/windowsntfocus/5WP091P5FQ.html
";
Modified: trunk/openvas-plugins/scripts/exhibit_engine_rfi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/exhibit_engine_rfi.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/exhibit_engine_rfi.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,7 +44,7 @@
No patches or upgrades have been reported by the vendor at this time.
-Risk factor: High / CVSS Base Score : 6.8
+CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)";
if(description)
Modified: trunk/openvas-plugins/scripts/external_svc_ident.nasl
===================================================================
--- trunk/openvas-plugins/scripts/external_svc_ident.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/external_svc_ident.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,12 +43,8 @@
This plugin registers services that were identified
by external scanners (amap, nmap, etc...).
-It does not perform any fingerprinting by itself.
-
-Risk factor :
+It does not perform any fingerprinting by itself.";
-None";
-
script_description( desc);
script_copyright("(C) 2004 Michel Arboi");
script_name( "external services identification");
Modified: trunk/openvas-plugins/scripts/eyeos_command_execution.nasl
===================================================================
--- trunk/openvas-plugins/scripts/eyeos_command_execution.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/eyeos_command_execution.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,9 +60,7 @@
Upgrade to eyeOS version 0.8.10.
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:H/Au:NR/C:P/A:C/I:P/B:A)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/famd_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/famd_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/famd_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,12 +51,8 @@
Start famd with the -L option or edit /etc/fam.conf and set the
option 'local_only' to 'true' and restartd the famd service.
-Alternatively, you may wish to filter incoming traffic to this port.
+Alternatively, you may wish to filter incoming traffic to this port.";
-Risk factor :
-
-Low";
-
script_description(desc);
script_summary("Detect the File Alteration Monitor daemon");
script_category(ACT_GATHER_INFO);
@@ -106,7 +102,7 @@
r = 'The File Alteration Monitor daemon is running on this port.\n';
-if (local) security_note(port: port, data: r + '.\n\nRisk factor : None\n');
+if (local) security_note(port: port, data: r + '.\n');
else
{
r += ' and does not need\nto be reachable from the outside.\n';
@@ -114,6 +110,6 @@
if (! lan)
r += 'Exposing it on Internet is definitely not a good idea.\n';
r += '\nSolution : to restrict it to the loopback interface,
-run it with -L or set "local_only = false" in /etc/fam.conf\n\nRisk factor : Low';
+run it with -L or set "local_only = false" in /etc/fam.conf';
security_warning(port: port, data: r);
}
Modified: trunk/openvas-plugins/scripts/find_service1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/find_service1.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/find_service1.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,13 +42,9 @@
This plugin is a complement of find_service.nes. It sends a GET
request to the remaining unknown services and tries to identify
-them.
+them.";
-Risk factor :
-None";
-
-
script_description(desc);
summary = "Sends 'GET' to unknown services and look at the answer";
Modified: trunk/openvas-plugins/scripts/find_service2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/find_service2.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/find_service2.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,14 +42,10 @@
This plugin is a complement of find_service.nes. It sends a HELP
request to the remaining unknown services and tries to identify
-them.
+them.";
-Risk factor :
-None";
-
-
script_description(desc);
summary = "Sends 'HELP' to unknown services and look at the answer";
Modified: trunk/openvas-plugins/scripts/find_service_3digits.nasl
===================================================================
--- trunk/openvas-plugins/scripts/find_service_3digits.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/find_service_3digits.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,14 +41,10 @@
Description :
This plugin is a complement of find_service.nes. It attempts to
-identify services that return 3 ASCII digits codes (ie: FTP, SMTP, NNTP, ...)
+identify services that return 3 ASCII digits codes (ie: FTP, SMTP, NNTP, ...)";
-Risk factor :
-None";
-
-
script_description(desc);
summary = "Identifies services that return 3 ASCII digits codes";
@@ -272,6 +268,5 @@
** If you know what it is, consider this message as a false alert
** and please report it to the OpenVAS team.
-Solution : disinfect or reinstall your operating system
-Risk factor : High');
+Solution : disinfect or reinstall your operating system');
}
Modified: trunk/openvas-plugins/scripts/find_service_nmap.nasl
===================================================================
--- trunk/openvas-plugins/scripts/find_service_nmap.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/find_service_nmap.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,12 +55,8 @@
This plugin is a complement of find_service.nes. It launches
nmap -sV (probe requests) against ports that are running
-unidentified services.
+unidentified services.";
-Risk factor :
-
-None";
-
script_description(desc);
script_summary("Launches nmap -sV against ports running unidentified services");
Modified: trunk/openvas-plugins/scripts/finger_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/finger_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/finger_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -94,6 +94,4 @@
Solution : Disable your finger daemon,
apply the latest patches from your vendor,
- or a safer software.
-
-Risk factor : High");
+ or a safer software.");
Modified: trunk/openvas-plugins/scripts/firewall_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/firewall_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/firewall_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,10 +44,6 @@
Solution :
-None
-
-Risk factor :
-
None";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/formmail_version_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/formmail_version_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/formmail_version_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -32,8 +32,6 @@
Solution: Upgrade to the latest version.
-Risk factor: High
-
Additional information:
http://www.securiteam.com/cgi-bin/htsearch?config=htdigSecuriTeam&words=Formmail";
@@ -102,8 +100,6 @@
Matt Wright's Formmail CGI is installed on the remote host.
The product exposes its version number.
-Risk factor : Low
-
Additional information:
http://www.securiteam.com/cgi-bin/htsearch?config=htdigSecuriTeam&words=Formmail";
security_note(port:port, data:report);
Modified: trunk/openvas-plugins/scripts/free_articles_directory_file_includes.nasl
===================================================================
--- trunk/openvas-plugins/scripts/free_articles_directory_file_includes.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/free_articles_directory_file_includes.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,9 +48,7 @@
Unknown at this time.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
Modified: trunk/openvas-plugins/scripts/freesshd_key_exchange_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freesshd_key_exchange_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/freesshd_key_exchange_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -64,7 +64,7 @@
At this point the FreeSSHD Service is reported down.
You should start it manualy again.
-Risk factor: High / CVSS Base Score : 10
+CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/fs_policy_manager_7_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fs_policy_manager_7_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/fs_policy_manager_7_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -59,9 +59,7 @@
Upgrade to F-Secure Policy Manager Server 7.01 or later.
-Risk factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/fsp_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fsp_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/fsp_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,12 +44,8 @@
Solution :
If this service is not needed, disable it or filter incoming traffic
-to this port.
+to this port.";
-Risk factor :
-
-None";
-
if(description)
{
script_id(11987);
Modified: trunk/openvas-plugins/scripts/ftp_administrator.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ftp_administrator.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ftp_administrator.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -37,9 +37,7 @@
with a NULL password for the user 'Administrator' and has
FTP enabled.
-Solution : Change the Administrator password on this host.
-
-Risk factor : High");
+Solution : Change the Administrator password on this host.");
script_summary("Checks for a NULL Windows Administrator FTP password");
Modified: trunk/openvas-plugins/scripts/ftp_kibuv_worm.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ftp_kibuv_worm.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ftp_kibuv_worm.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,7 +42,6 @@
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_KIBUV.B&VSect=T
-Risk factor : High
Solution : patch your system and run an antivirus";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/ftp_writeable_directories.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ftp_writeable_directories.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ftp_writeable_directories.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,9 +41,7 @@
Configure the remote FTP directories so that they are not
world-writeable.
-Risk factor :
-
-Medium / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:N/A:P/I:P/B:I)
";
Modified: trunk/openvas-plugins/scripts/ftpd_any_cmd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ftpd_any_cmd.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ftpd_any_cmd.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,12 +41,7 @@
The remote server advertises itself as being a a FTP server, but it
accepts any command, which indicates that it may be a backdoor or a proxy.
-Further FTP tests on this port will be disabled to avoid false alerts.
-
-Risk factor :
-
-None"
-);
+Further FTP tests on this port will be disabled to avoid false alerts.");
script_summary( "Checks that the FTP server rejects invalid commands");
script_category(ACT_GATHER_INFO);
Modified: trunk/openvas-plugins/scripts/ftpd_bad_sequence.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ftpd_bad_sequence.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ftpd_bad_sequence.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,11 +42,7 @@
accepts commands sent in bad order, which indicates that it may be a
backdoor or a proxy.
-Further FTP tests on this port will be disabled to avoid false alerts.
-
-Risk factor :
-
-None");
+Further FTP tests on this port will be disabled to avoid false alerts.");
script_summary( "Checks that the FTP server rejects commands in wrong order");
script_category(ACT_GATHER_INFO);
Modified: trunk/openvas-plugins/scripts/ftpd_no_cmd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ftpd_no_cmd.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ftpd_no_cmd.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,12 +41,7 @@
The remote server advertises itself as being a a FTP server, but it does
not accept any command, which indicates that it may be a backdoor or a proxy.
-Further FTP tests on this port will be disabled to avoid false alerts.
-
-Risk factor :
-
-None
-");
+Further FTP tests on this port will be disabled to avoid false alerts.");
script_summary( "Checks that the FTP server accepts common commands");
script_category(ACT_GATHER_INFO);
Modified: trunk/openvas-plugins/scripts/ftpglob.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ftpglob.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ftpglob.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -116,8 +116,7 @@
buggy = string(
"You seem to be running an FTP server which is vulnerable to the 'glob heap corruption'\n",
"flaw, but which can not be exploited on this server.\n",
- "Solution: Upgrade your ftp server software to the latest version.\n",
- "Risk factor : Medium\n");
+ "Solution: Upgrade your ftp server software to the latest version.\n");
@@ -128,8 +127,7 @@
"You seem to be running an FTP server which is vulnerable to the 'glob heap corruption'\n",
"flaw, which is known to be exploitable remotely against this server. An attacker may use \n",
"this flaw to execute arbitrary commands on this host.\n\n",
- "Solution: Upgrade your ftp server software to the latest version.\n",
- "Risk factor : High\n");
+ "Solution: Upgrade your ftp server software to the latest version.\n");
#
@@ -255,8 +253,7 @@
"*** OpenVAS relied solely on the banner of the server to issue this warning,\n",
"*** so this alert might be a false positive\n",
"*** NOTE: must have a valid username/password to fully check this vulnerability\n\n",
- "Solution : Upgrade your ftp server software to the latest version.\n",
- "Risk factor : High\n");
+ "Solution : Upgrade your ftp server software to the latest version.\n");
security_hole(port:port, data:banvuln);
exit(0);
Modified: trunk/openvas-plugins/scripts/gcards_dir_transversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gcards_dir_transversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/gcards_dir_transversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -52,9 +52,7 @@
Upgrade to gCards version 1.46 or later.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
if (description) {
Modified: trunk/openvas-plugins/scripts/gentoo_unmaintained_packages.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_unmaintained_packages.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/gentoo_unmaintained_packages.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,7 +44,7 @@
Remove or upgrade those packages.
-Risk factor: High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)
';
Modified: trunk/openvas-plugins/scripts/goaheadwebserver_source_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/goaheadwebserver_source_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/goaheadwebserver_source_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -62,9 +62,7 @@
Upgrade to GoAhead WebServer 2.1.8 or a newer release.
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
summary = "Checks for script source disclosure in GoAhead Webserver <= 2.1.7";
Modified: trunk/openvas-plugins/scripts/groupwise_web_interface_help_hole.nasl
===================================================================
--- trunk/openvas-plugins/scripts/groupwise_web_interface_help_hole.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/groupwise_web_interface_help_hole.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,7 +41,6 @@
remote computer and even read local files from its hard
drive.
-Risk factor: Medium
Solution : Contact your vendor for a patch
See also : http://www.securiteam.com/exploits/3I5QDQ0QAG.html
";
Modified: trunk/openvas-plugins/scripts/guppy_directory_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/guppy_directory_traversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/guppy_directory_traversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -59,7 +59,7 @@
Upgrade to version 4.5.6a or later.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/guppy_request_header_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/guppy_request_header_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/guppy_request_header_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -47,9 +47,7 @@
Upgrade to Guppy version 4.5.4 or later.
-Risk factor :
-
-Medium / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/hcl_file_include.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hcl_file_include.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/hcl_file_include.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,7 +45,7 @@
Unknown at this time.
-Risk factor: High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/healthd_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/healthd_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/healthd_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -102,8 +102,7 @@
"network.",
"\n\nThe HealthD version we found is: ", resultrecv, "\n\n",
"Solution: Configure your firewall to block access to this port.\n",
-"\n",
-"Risk factor : Low\n");
+"\n");
security_warning(port:port, data:data);
}
close(soctcphealthd);
Modified: trunk/openvas-plugins/scripts/hello_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/hello_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/hello_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -49,12 +49,8 @@
Solution :
If this protocol is not needed, disable it or filter incoming traffic going
-to IP protocol #63.
+to IP protocol #63.";
-Risk factor :
-
-None";
-
script_description(desc);
summary = "Sends an DCH HELLO Message";
Modified: trunk/openvas-plugins/scripts/http_methods.nasl
===================================================================
--- trunk/openvas-plugins/scripts/http_methods.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/http_methods.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -144,14 +144,14 @@
if (exists(port:port, file:name)) {
upload=1;
security_warning(port:port, protocol:"tcp",
-data: string("We could upload the file '",name, "' onto your web server\nThis allows an attacker to run arbitrary code on your server, or set a trojan horse\nSolution : disable this method\nRisk factor : High") );
+data: string("We could upload the file '",name, "' onto your web server\nThis allows an attacker to run arbitrary code on your server, or set a trojan horse\nSolution : disable this method") );
} else {
#if("yes" >< integrist)
{
if (" 401 " >< l && "PUT" >< allow) {
#display("answer = ", l, "\n");
security_warning(port:port, protocol:"tcp",
-data:string("It seems that the PUT method is enabled on your web server\nAlthough we could not exploit this, you'd better disable it\nSolution : disable this method\nRisk factor : Medium"));
+data:string("It seems that the PUT method is enabled on your web server\nAlthough we could not exploit this, you'd better disable it\nSolution : disable this method"));
}
}
}
@@ -179,11 +179,11 @@
if(!e)
security_hole(port:port, protocol:"tcp",
-data: string("We could DELETE the file '", name, "'on your web server\nThis allows an attacker to destroy some of your pages\nSolution : disable this method\nRisk factor : High") ) ;
+data: string("We could DELETE the file '", name, "'on your web server\nThis allows an attacker to destroy some of your pages\nSolution : disable this method") ) ;
} else {
if (" 401 " >< l && " is disabled " >!< l && "DELETE" >< allow) {
security_warning(port:port, protocol:"tcp",
-data:string("It seems that the DELETE method is enabled on your web server\nAlthough we could not exploit this, you'd better disable it\nSolution : disable this method\nRisk factor : Medium"));
+data:string("It seems that the DELETE method is enabled on your web server\nAlthough we could not exploit this, you'd better disable it\nSolution : disable this method"));
}
}
Modified: trunk/openvas-plugins/scripts/http_trace.nasl
===================================================================
--- trunk/openvas-plugins/scripts/http_trace.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/http_trace.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -180,4 +180,4 @@
security_note(port:port, protocol:"tcp",
data:string("The TRACE method revealed ", n,
" proxy(s) between us and the web server :\n",
- trace,"\nRisk factor : None"));
+ trace));
Modified: trunk/openvas-plugins/scripts/iax2_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/iax2_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/iax2_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,12 +51,8 @@
Solution :
If possible, filter incoming connections to the port so that it is
-used by trusted sources only.
+used by trusted sources only. ";
-Risk factor :
-
-None";
-
script_description(desc);
summary = "Checks if the remote system is running the IAX2 protocol";
Modified: trunk/openvas-plugins/scripts/icmp_domain_name.nasl
===================================================================
--- trunk/openvas-plugins/scripts/icmp_domain_name.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/icmp_domain_name.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -46,13 +46,8 @@
Solution :
If you do not use this feature, filter out incoming ICMP packets
-of type 37 and outgoing ICMP packets of type 38.
+of type 37 and outgoing ICMP packets of type 38.";
-Risk factor :
-
-None
-";
-
if(description)
{
script_id(80066);;
Modified: trunk/openvas-plugins/scripts/iis5_isapi_printer.nasl
===================================================================
--- trunk/openvas-plugins/scripts/iis5_isapi_printer.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/iis5_isapi_printer.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -65,9 +65,7 @@
http://online.securityfocus.com/archive/1/181109
-Risk factor :
-
-None / CVSS Base Score : 0
+CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/iis_frag_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/iis_frag_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/iis_frag_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -171,8 +171,7 @@
- remove the application mappings reference to .htr
If .htr functionality is required, install the relevant patches
-from Microsoft (MS01-004)\n
-Risk factor : High") );
+from Microsoft (MS01-004)") );
}
}
# HTTP/1.x 401 - Access denied
@@ -198,8 +197,7 @@
If .htr functionality is required, install the relevant patches
from Microsoft (MS01-004)
-See also: http://www.microsoft.com/technet/security/bulletin/MS01-004.mspx
-Risk factor : High");
+See also: http://www.microsoft.com/technet/security/bulletin/MS01-004.mspx");
}
else
{
@@ -222,8 +220,7 @@
If .htr functionality is required, install the relevant patches
from Microsoft (MS01-004)
-See also: http://www.microsoft.com/technet/security/bulletin/MS01-004.mspx
-Risk factor : High");
+See also: http://www.microsoft.com/technet/security/bulletin/MS01-004.mspx");
}
}
}
Modified: trunk/openvas-plugins/scripts/iis_ida_isapi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/iis_ida_isapi.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/iis_ida_isapi.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -69,7 +69,7 @@
Microsoft Technet web site. URLSCAN, by default, blocks all .ida
requests to the IIS server.
-Risk factor: Critical / CVSS Base Score : 0
+CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/iis_nat.nasl
===================================================================
--- trunk/openvas-plugins/scripts/iis_nat.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/iis_nat.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -40,7 +40,7 @@
http://support.microsoft.com/support/kb/articles/Q218/1/80.ASP
See the Bugtraq reference for a full discussion.
-Risk factor: Medium / CVSS Base Score : 0
+CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/iis_viewcode.nasl
===================================================================
--- trunk/openvas-plugins/scripts/iis_viewcode.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/iis_viewcode.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -98,8 +98,7 @@
"web server : ", list,
"\nThese files allow anyone to read arbitrary files on the remote host\n",
"Example, http://your.url.com/pathto/viewcode.asp?source=../../../../autoexec.bat\n",
- "\n\nSolution : delete these files\n",
- "Risk factor : High");
+ "\n\nSolution : delete these files");
security_warning(port:port, data:mywarning);
}
Modified: trunk/openvas-plugins/scripts/iis_xss_idc.nasl
===================================================================
--- trunk/openvas-plugins/scripts/iis_xss_idc.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/iis_xss_idc.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -40,8 +40,6 @@
an idc file. It is possible to inject Javascript
in the URL, that will appear in the resulting page.
-Risk factor : Medium
-
See also : http://online.securityfocus.com/bid/5900
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0210&L=ntbugtraq&F=P&S=&P=1391
";
Modified: trunk/openvas-plugins/scripts/ilo_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ilo_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ilo_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,12 +53,8 @@
Solution :
-Filter incoming traffic to this port if you do not use it
+Filter incoming traffic to this port if you do not use it";
-Risk factor :
-
-None";
-
script_description(desc);
script_summary("Detects iLO");
Modified: trunk/openvas-plugins/scripts/ilohamail_email_header_html_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ilohamail_email_header_html_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ilohamail_email_header_html_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,7 +53,7 @@
Upgrade to IlohaMail version 0.8.13 or later.
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/includer_rcmdexec.nasl
===================================================================
--- trunk/openvas-plugins/scripts/includer_rcmdexec.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/includer_rcmdexec.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,9 +45,7 @@
http://marc.theaimsgroup.com/?l=bugtraq&m=111021730710779&w=2
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/incomplete_http_requests_DoS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/incomplete_http_requests_DoS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/incomplete_http_requests_DoS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,7 +56,6 @@
but you'd better check your machine.
Solution : Contact your vendor for a patch
-Risk factor: Medium
Solution : Upgrade your web server";
@@ -138,7 +137,6 @@
However, it runs again when the connections are closed.
Solution : Contact your vendor for a patch
-Risk factor : Medium
Solution : Upgrade your web server";
Modified: trunk/openvas-plugins/scripts/iplanet_perf.nasl
===================================================================
--- trunk/openvas-plugins/scripts/iplanet_perf.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/iplanet_perf.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -37,7 +37,6 @@
Requesting the URI /.perf gives information about
the currently running Netscape/iPlanet web server.
-Risk factor : Low
Solution : If you don't use this feature, server monitoring should be
disabled in the magnus.conf file or web server admin.";
Modified: trunk/openvas-plugins/scripts/ipswitch_whatsup_auth_bypass.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ipswitch_whatsup_auth_bypass.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ipswitch_whatsup_auth_bypass.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,9 +61,7 @@
Upgrade to WhatsUp Professional 2006.01 or later.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/ipswitch_whatsup_info_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ipswitch_whatsup_info_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ipswitch_whatsup_info_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -64,9 +64,7 @@
Unknown at this time.
-Risk factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/kerio_PF_buffer_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/kerio_PF_buffer_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/kerio_PF_buffer_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,7 +55,6 @@
A cracker may use this to crash Kerio or worse, execute arbitrary
code on the system.
-Risk factor : High
Solution : Upgrade your personal firewall";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/kerio_wrf_management_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/kerio_wrf_management_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/kerio_wrf_management_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,9 +42,7 @@
If the service is not needed, disable HTTP and/or HTTPS management,
or filter incomming requests to the ports from untrusted sources.
-Risk factor :
-
-Low / CVSS Base Score : 1
+CVSS Base Score : 1
(AV:R/AC:L/Au:R/C:P/A:N/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/kiwi_cattools_dir_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/kiwi_cattools_dir_traversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/kiwi_cattools_dir_traversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,7 +42,7 @@
Upgrade to Kiwi CatTools version 3.2.9 or later.
-Risk factor: Critical / CVSS Base Score : 6.8
+CVSS Base Score : 6.8
(AV:R/AC:L/Au:NR/C:C/A:N/I:P/B:C)";
if (description) {
Modified: trunk/openvas-plugins/scripts/kiwi_cattools_tftpd_dir_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/kiwi_cattools_tftpd_dir_traversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/kiwi_cattools_tftpd_dir_traversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,9 +51,7 @@
Upgrade to Kiwi CatTools version 3.2.9 or later.
-Risk factor :
-
-Critical / CVSS Base Score : 10.0
+CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)";
Modified: trunk/openvas-plugins/scripts/lcdproc_buffer_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/lcdproc_buffer_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/lcdproc_buffer_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -49,7 +49,6 @@
http://www.securiteam.com/exploits/Remote_vulnerability_in_LCDproc_0_4__shell_access_.html
(NOTE: URL maybe wrapped)
-Risk factor: Critical
Solution: Disable access to this service from outside by disabling access
to TCP port 13666 (default port used)";
Modified: trunk/openvas-plugins/scripts/lcdproc_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/lcdproc_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/lcdproc_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -40,7 +40,6 @@
The LCDproc version 0.4 and above uses a client-server protocol, allowing
anyone with access to the LCDproc server to modify the displayed content.
-Risk factor : Low
Solution: Disable access to this service from outside by disabling
access to TCP port 13666 (default port used).";
Modified: trunk/openvas-plugins/scripts/ldu_801.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ldu_801.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ldu_801.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,7 +60,7 @@
Unknown at this time.
-Risk factor: High / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:H/Au:NR/C:P/A:N/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/ldu_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ldu_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ldu_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,11 +48,7 @@
See also :
-http://www.neocrome.net/
-
-Risk factor :
-
-None";
+http://www.neocrome.net/";
script_description(desc);
summary = "LDU detection";
Modified: trunk/openvas-plugins/scripts/ldu_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ldu_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ldu_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,9 +56,7 @@
Upgrade to Land Down Under version 801 or later.
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:H/Au:NR/C:P/A:N/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/leafnode_version.nasl
===================================================================
--- trunk/openvas-plugins/scripts/leafnode_version.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/leafnode_version.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,7 +43,6 @@
** Note that OpenVAS did not check the actual flaw and
** relied upon the banner, so this may be a false positive.
-Risk factor : Medium
Solution: upgrade it to 1.9.48 or later";
script_description(desc);
@@ -97,7 +96,6 @@
** Note that OpenVAS did not check the actual flaw and
** relied upon the banner, so this may be a false positive.
-Risk factor : Medium
Solution: upgrade it to 1.9.48 or later";
security_warning(port: port, data: report);
}
@@ -112,7 +110,6 @@
** Note that OpenVAS did not check the actual flaw and
** relied upon the banner, so this may be a false positive.
-Risk factor : Low
Solution: upgrade it to 1.9.48 or later";
security_warning(port: port, data: report);
}
@@ -130,7 +127,6 @@
** Note that OpenVAS did not check the actual flaw and
** relied upon the banner, so this may be a false positive.
-Risk factor : Medium
Solution: upgrade it to 1.9.48 or later";
security_warning(port: port, data: report);
}
Modified: trunk/openvas-plugins/scripts/libpng_CB-A08-0064.nasl
===================================================================
--- trunk/openvas-plugins/scripts/libpng_CB-A08-0064.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/libpng_CB-A08-0064.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -52,12 +52,8 @@
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
Solution:
- All users should upgrade to the latest libpng version of their Linux Distribution.
+ All users should upgrade to the latest libpng version of their Linux Distribution.";
-
-Risk factor : High
-";
-
script_description(desc);
summary = "Determines the Version of libpng";
script_summary(summary);
Modified: trunk/openvas-plugins/scripts/limbo_multiple_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/limbo_multiple_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/limbo_multiple_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,9 +58,7 @@
Apply the patch http://www.limbo-cms.com/downs/patch_1_0_4_2.zip
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/linksys_multiple_vulns.nasl
===================================================================
--- trunk/openvas-plugins/scripts/linksys_multiple_vulns.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/linksys_multiple_vulns.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -75,7 +75,7 @@
Upgrade to firmware version 4.20.7 or later.
-Risk factor: High / CVSS Base Score : 10
+CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/linux_icmp_sctp_DoS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/linux_icmp_sctp_DoS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/linux_icmp_sctp_DoS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -59,9 +59,7 @@
Ugprade to Linux 2.6.13 or newer, or disable SCTP support.
-Risk factor :
-
-Medium / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:N/A:C/I:N/B:A)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/listrec.nasl
===================================================================
--- trunk/openvas-plugins/scripts/listrec.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/listrec.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,8 +41,6 @@
Solution: Remove it from /cgi-bin/common/.
-Risk factor : High
-
References:
www.textor.com/index.html (vendor)
www.securitytracker.com/alerts/2001/Sep/1002404.html (advisory)
Modified: trunk/openvas-plugins/scripts/localweb2k.nasl
===================================================================
--- trunk/openvas-plugins/scripts/localweb2k.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/localweb2k.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,9 +48,7 @@
It may also disclose the NetBIOS name of the remote host when
it receives malformed directory requests.
-Solution: Contact http://www.intranet-server.co.uk for an update.
-
-Risk factor: Medium");
+Solution: Contact http://www.intranet-server.co.uk for an update.");
script_summary("Checks for LocalWeb2000");
Modified: trunk/openvas-plugins/scripts/lotus_domino_ldap_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/lotus_domino_ldap_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/lotus_domino_ldap_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -69,7 +69,7 @@
Unknown at this time.
-Risk factor: High / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:A)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/lotus_domino_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/lotus_domino_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/lotus_domino_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,7 +53,7 @@
Upgrade to Domino 6.5.2 or newer
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/lotus_notes_openserver_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/lotus_notes_openserver_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/lotus_notes_openserver_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,8 +44,6 @@
Solution: To disable this behavior open names.nsf and edit the Servers document in the Server view. From the Internet Protocols tab set 'Allow HTTP Clients to browse databases' to No.
This command doesn't affect a single database - it is a server-wide issue.
-Risk factor : Medium
-
Additional information:
http://www.securiteam.com/securitynews/6W0030U35W.html
http://online.securityfocus.com/archive/1/223810
Modified: trunk/openvas-plugins/scripts/mailenable_httpmail_authorization_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mailenable_httpmail_authorization_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mailenable_httpmail_authorization_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,9 +55,7 @@
Upgrade to MailEnable Professional / Enterprise 1.19 or later.
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:A)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/mailenable_httpmail_content_length_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mailenable_httpmail_content_length_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mailenable_httpmail_content_length_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,9 +60,7 @@
the HTTPMail hotfix from 9th August 2004 found at
http://www.mailenable.com/hotfix/
-Risk factor :
-
-Critical / CVSS Base Score : 10
+CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/mailenable_imap_rename_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mailenable_imap_rename_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mailenable_imap_rename_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,7 +48,7 @@
Apply the IMAP Cumulative Hotfix/Update provided in the zip file
referenced above.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:R/C:N/A:P/I:N/B:A)";
Modified: trunk/openvas-plugins/scripts/mailgust_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mailgust_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mailgust_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,7 +58,7 @@
Unknown at this time.
-Risk factor: High / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/mailman_privatepy_directory_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mailman_privatepy_directory_traversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mailman_privatepy_directory_traversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -71,7 +71,7 @@
Upgrade to Mailman 2.1.6b1 or apply the fix referenced in the first
URL above.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:H/Au:R/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/mantis_file_incl_sql_inject.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mantis_file_incl_sql_inject.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mantis_file_incl_sql_inject.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -63,7 +63,7 @@
Upgrade to Mantis 0.19.3 or newer.
-Risk factor: High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/mantis_multiple_vulns4.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mantis_multiple_vulns4.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mantis_multiple_vulns4.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,7 +48,7 @@
Upgrade to Mantis 1.0.0rc2 or newer.
-Risk factor: High / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/mantis_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mantis_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mantis_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,9 +60,7 @@
Upgrade to Mantis 0.18.1 or newer.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/mediahouse_statistics_web_server.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mediahouse_statistics_web_server.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mediahouse_statistics_web_server.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -118,8 +118,7 @@
report = string("According to its version number, the remote MediaHouse\n",
"Statistics Server is vulnerable to a buffer overflow that\n",
"allows anyone to execute arbitrary code as root.\n\n",
- "Solution: Upgrade to version 5.03 or newer\n",
- "Risk factor : High");
+ "Solution: Upgrade to version 5.03 or newer");
security_hole(data:report, port:port);
}
else
Modified: trunk/openvas-plugins/scripts/mercur_imap_buffer_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mercur_imap_buffer_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mercur_imap_buffer_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,7 +51,7 @@
Filter access to the IMAP4 Service, so that it can be used
by trusted sources only.
-Risk factor: Critical / CVSS Base Score : 8
+CVSS Base Score : 8
(AV:R/AC:L/Au:NR/C:P/A:C/I:P/B:A)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/minibb_rfi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/minibb_rfi.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/minibb_rfi.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -49,7 +49,7 @@
Update to version 2.0.2a or later.
-Risk factor: High / CVSS Base Score : 6.8
+CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)";
if(description)
Modified: trunk/openvas-plugins/scripts/modx_0921_rfi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/modx_0921_rfi.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/modx_0921_rfi.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,7 +50,7 @@
Update to version 0.9.2.2 or later.
-Risk factor: High / CVSS Base Score : 5.1
+CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)";
if(description)
Modified: trunk/openvas-plugins/scripts/monkeyweb_post_DoS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/monkeyweb_post_DoS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/monkeyweb_post_DoS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -49,8 +49,6 @@
A cracker may use this bug to disable your server, preventing
it from publishing your information.
-Risk factor: Medium
-
Solution : Upgrade your web server.";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/monkeyweb_too_big_post.nasl
===================================================================
--- trunk/openvas-plugins/scripts/monkeyweb_too_big_post.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/monkeyweb_too_big_post.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,8 +48,6 @@
It *may* even be possible to make this web server execute
arbitrary code with this attack.
-Risk factor : High
-
Solution : Upgrade your web server.";
script_description(desc);
@@ -88,8 +86,6 @@
It is possible to make this web server crash or execute
arbitrary code.
-Risk factor : High
-
Solution : Upgrade to Monkey server 0.6.2";
security_hole(port: port, data: report);
Modified: trunk/openvas-plugins/scripts/mssql_brute_force.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mssql_brute_force.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mssql_brute_force.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -52,11 +52,8 @@
These accounts may be used to gain access to the records in
the database or even allow remote command execution.
- Solution: Please set a difficult to guess password for these accounts.
+ Solution: Please set a difficult to guess password for these accounts.";
- Risk factor : High
- ";
-
script_description(desc);
summary = "Microsoft's SQL Server Brute Force";
Modified: trunk/openvas-plugins/scripts/mssql_ping.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mssql_ping.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mssql_ping.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,9 +43,7 @@
filter incoming traffic to this port
-Risk factor :
-
-None / CVSS Base Score : 0
+CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/mssql_version.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mssql_version.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mssql_version.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -64,7 +64,6 @@
attacks, and the ability of a hacker to run code of their
choice.
-Risk factor : High
Solution : Apply current service packs and hotfixes";
Modified: trunk/openvas-plugins/scripts/mssqlserver_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mssqlserver_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mssqlserver_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,9 +55,7 @@
Block this port from outside communication
-Risk factor :
-
-None / CVSS Base Score : 0
+CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/mtl_remote_file_include.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mtl_remote_file_include.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mtl_remote_file_include.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,9 +50,7 @@
Unknown at this time.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
Modified: trunk/openvas-plugins/scripts/myevent_multiple_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/myevent_multiple_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/myevent_multiple_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,9 +58,7 @@
Unknown at this time.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
Modified: trunk/openvas-plugins/scripts/mysql_buff_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mysql_buff_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mysql_buff_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,7 +51,6 @@
by the MySQL server. A successful attack would give the attacker
the ability to execute arbitrary code on the remote machine.
-Risk factor: Critical
Solution : Upgrade to the latest version of MySQL 4.0.21 or newer";
Modified: trunk/openvas-plugins/scripts/mysql_hotcopy_tempfile.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mysql_hotcopy_tempfile.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mysql_hotcopy_tempfile.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -54,7 +54,6 @@
*** Note : this vulnerability is local only
-Risk factor : Medium
Solution : Upgrade to the latest version of MySQL 4.0.21 or newer";
Modified: trunk/openvas-plugins/scripts/mysql_single_row_subselect_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mysql_single_row_subselect_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/mysql_single_row_subselect_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,9 +61,7 @@
Upgrade to MySQL version 5.0.37 or newer.
-Risk factor :
-
-Medium / CVSS Base Score : 4.9
+CVSS Base Score : 4.9
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/netbios_name_get.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netbios_name_get.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netbios_name_get.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -369,7 +369,7 @@
hole_answer = hole_answer + string("The remote host has the following MAC address on its adapter :\n");
hole_answer = hole_answer + " " + adapter_name;
}
- hole_answer = hole_answer + string("\n\nIf you do not want to allow everyone to find the NetBios name\nof your computer, you should filter incoming traffic to this port.\n\nRisk factor : Medium");
+ hole_answer = hole_answer + string("\n\nIf you do not want to allow everyone to find the NetBios name\nof your computer, you should filter incoming traffic to this port.");
security_warning(port:137, data:hole_answer, protocol:"udp");
}
if(!hostname_found)
Modified: trunk/openvas-plugins/scripts/netop.inc
===================================================================
--- trunk/openvas-plugins/scripts/netop.inc 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netop.inc 2011-11-18 11:38:04 UTC (rev 12135)
@@ -338,16 +338,14 @@
msg += 'Make sure the user of this machine is' +
' authorized to remotely manage other computers' +
' or has been permitted to use this computer as' +
- ' a terminal to access other computers.\n\n' +
- 'Risk factor: Low\n';
+ ' a terminal to access other computers.\n';
}
else if (netop_prod_typ == 'STCH')
{
info_only = 1;
msg += 'Make sure the user of this machine is a teacher' +
' or is acting as a group leader for some' +
- ' teamwork\n\n' +
- 'Risk factor: Low\n';
+ ' teamwork\n';
}
else if (netop_prod_typ == 'SSTD' || netop_prod_typ == 'SCH?')
{
@@ -358,8 +356,7 @@
' set on the Student.\n\n' +
'Outside dedicated teaching environments, NetOp' +
' School should not be running when the user is' +
- ' not actively participating in a class\n\n' +
- 'Risk factor: Medium\n';
+ ' not actively participating in a class\n';
}
else if (netop_prod_typ == 'RHST' || netop_prod_typ == 'NRC?')
{
@@ -370,8 +367,7 @@
' too many bad password attempts\n\n' +
'If this program is unused, disable load at' +
' system startup from the programs option menu or' +
- ' uninstall the software.\n\n' +
- 'Risk factor: Low\n';
+ ' uninstall the software.\n';
}
else
{
@@ -382,8 +378,7 @@
' effective action on too many failed logins\n\n' +
'If this service is not supposed to be running,' +
' uninstall it and investigate why and how it was' +
- ' installed.\n\n' +
- 'Risk factor: Medium\n';
+ ' installed.\n';
}
security_warning(proto:proto_nam, port:port, data:msg);
Modified: trunk/openvas-plugins/scripts/netop_infopublic.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netop_infopublic.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netop_infopublic.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -106,8 +106,7 @@
'You can control access to this information by' +
' removing help services from the program' +
' options or by reducing the set of' +
- ' preinitialized communication profiles\n\n' +
- 'Risk factor: Low\n';
+ ' preinitialized communication profiles\n';
}
else if (netop_prod_typ[0] != 'S')
{
@@ -116,7 +115,7 @@
'The following information is made publicly visible for' +
' easy network browsing from NetOp Guest:\n\n' +
vals + '\n' +
- 'Solution: If using a version of the software prior to 7.65 build 2004278, then it is necessary to upgrade to correct this issue. Simply use the built-in WebUpdate feature or download the update from http://www.netop.com.\n\nFor all other versions, you can turn this feature off by unchecking the "Public Host Name" check box in the program options (on the host name tab) and restarting the communication layer from the action menu or toolbar.\n\nAdditional information is available from http://www.corsaire.com/advisories/c040619-001.txt\n\nRisk factor: Low\n\n';
+ 'Solution: If using a version of the software prior to 7.65 build 2004278, then it is necessary to upgrade to correct this issue. Simply use the built-in WebUpdate feature or download the update from http://www.netop.com.\n\nFor all other versions, you can turn this feature off by unchecking the "Public Host Name" check box in the program options (on the host name tab) and restarting the communication layer from the action menu or toolbar.\n\nAdditional information is available from http://www.corsaire.com/advisories/c040619-001.txt\n\n';
}
else
{
Modified: trunk/openvas-plugins/scripts/netscaler_web_cookie_crypto.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netscaler_web_cookie_crypto.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netscaler_web_cookie_crypto.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -47,9 +47,7 @@
Do not stay logged into the NetScaler web management interface while
browsing other web sites.
-Risk factor :
-
-Medium / CVSS Base Score : 4.3
+CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)";
Modified: trunk/openvas-plugins/scripts/netscaler_web_cookie_info.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netscaler_web_cookie_info.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netscaler_web_cookie_info.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,9 +42,7 @@
http://www.securityfocus.com/archive/1/484182/100/0/threaded
-Risk factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)";
Modified: trunk/openvas-plugins/scripts/netscaler_web_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netscaler_web_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netscaler_web_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,11 +51,7 @@
Solution :
-Filter incoming traffic to this port.
-
-Risk factor :
-
-None";
+Filter incoming traffic to this port.";
summary="Detects NetScaler web management interface";
family="Web Servers";
script_name(name);
Modified: trunk/openvas-plugins/scripts/netscaler_web_login.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netscaler_web_login.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netscaler_web_login.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,11 +43,7 @@
OpenVAS successfully logged into the remote Citrix NetScaler web
management interface using the supplied credentials and stored the
-authentication cookie for later use.
-
-Risk factor :
-
-None";
+authentication cookie for later use.";
summary="Logs into NetScaler web management interface";
family="Settings";
script_name(name);
Modified: trunk/openvas-plugins/scripts/netscaler_web_unencrypted.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netscaler_web_unencrypted.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netscaler_web_unencrypted.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,9 +45,7 @@
Consider disabling this port completely and using only HTTPS.
-Risk factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)";
summary="Detects an unencrypted NetScaler web management interface";
family="Web Servers";
Modified: trunk/openvas-plugins/scripts/netscaler_web_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netscaler_web_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netscaler_web_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,9 +44,7 @@
Unknown at this time.
-Risk factor :
-
-Medium / CVSS Base Score : 4.3
+CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)";
Modified: trunk/openvas-plugins/scripts/netscape_server_default_files.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netscape_server_default_files.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netscape_server_default_files.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -96,7 +96,6 @@
}
if (flag > 0) {
- warning += '\n\nRisk factor : Low';
security_warning(port:port, data:warning);
}
}
Modified: trunk/openvas-plugins/scripts/netware_perl_overflow.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netware_perl_overflow.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netware_perl_overflow.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -46,8 +46,6 @@
It might be possible to make it execute arbitrary code through this flaw.
See http://support.novell.com/servlet/tidfinder/2966549
-Risk factor: Medium
-
Solution : Upgrade your web server.";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/netware_post_perl.nasl
===================================================================
--- trunk/openvas-plugins/scripts/netware_post_perl.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/netware_post_perl.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,8 +45,6 @@
handler which will run arbitrary code given to in a POST request
version 5.x (through SP4) and 6.x (through SP1) are effected.
-Risk factor : High
-
Solution : Install 5.x SP5 or 6.0 SP2
Additionally, the enterprise manager web interface may be used to
Modified: trunk/openvas-plugins/scripts/nfs_user_mount.nasl
===================================================================
--- trunk/openvas-plugins/scripts/nfs_user_mount.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/nfs_user_mount.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,9 +43,7 @@
The remote NFS server should prevent mount requests originating from a non-privileged port.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
Modified: trunk/openvas-plugins/scripts/nmap.nasl
===================================================================
--- trunk/openvas-plugins/scripts/nmap.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/nmap.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -450,8 +450,7 @@
constant ! A cracker may use this flaw to spoof TCP connections
easily.
-Solution : contact your vendor for a patch
-Risk factor : High");
+Solution : contact your vendor for a patch");
set_kb_item(name: "Host/tcp_seq", value: "constant");
}
else if (idx == 1)
@@ -462,8 +461,7 @@
guessed rather easily. A cracker may use
this flaw to spoof TCP connections easily.
-Solution : contact your vendor for a patch
-Risk factor : High");
+Solution : contact your vendor for a patch");
set_kb_item(name: "Host/tcp_seq", value: "64000");
}
else if (idx == 10)
@@ -474,8 +472,7 @@
guessed rather easily. A cracker may use
this flaw to spoof TCP connections easily.
-Solution : contact your vendor for a patch
-Risk factor : High");
+Solution : contact your vendor for a patch");
set_kb_item(name: "Host/tcp_seq", value: "800");
}
else if (idx < 75)
@@ -486,8 +483,7 @@
guessed rather easily. A cracker may use
this flaw to spoof TCP connections easily.
-Solution : http://www.microsoft.com/technet/security/bulletin/ms99-046.asp
-Risk factor : High ");
+Solution : http://www.microsoft.com/technet/security/bulletin/ms99-046.asp");
set_kb_item(name: "Host/tcp_seq", value: "time");
}
else
Modified: trunk/openvas-plugins/scripts/nntp_too_long_password.nasl
===================================================================
--- trunk/openvas-plugins/scripts/nntp_too_long_password.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/nntp_too_long_password.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -114,8 +114,6 @@
*** it is impossible to reliably test this kind of flaw.
Solution : apply the latest patches from your vendor,
- or a safer software.
+ or a safer software.");
-Risk factor : High");
-
Modified: trunk/openvas-plugins/scripts/no404.nasl
===================================================================
--- trunk/openvas-plugins/scripts/no404.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/no404.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,12 +48,8 @@
OpenVAS enabled some counter measures for that, however they might
be insufficient. If a great number of security holes are produced
-for this port, they might not all be accurate
+for this port, they might not all be accurate";
-Risk factor :
-
-None";
-
script_description(desc);
summary = "Checks if the remote webserver issues 404 errors";
Modified: trunk/openvas-plugins/scripts/novell_groupwise_servletmanager_default_password.nasl
===================================================================
--- trunk/openvas-plugins/scripts/novell_groupwise_servletmanager_default_password.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/novell_groupwise_servletmanager_default_password.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -93,12 +93,10 @@
change the username and password in this section
servlet.ServletManager.initArgs=datamethod=POST,user=servlet,password=manager,bgcolor
-See also: http://www.securityfocus.com/bid/3697
+See also: http://www.securityfocus.com/bid/3697");
-Risk factor : Medium");
-
port = get_http_port(default:443);
req = string("GET /servlet/ServletManager HTTP/1.1\r\nHost: ", get_host_name(), "\r\nAuthorization: Basic c2VydmxldDptYW5hZ2Vy\r\n\r\n");
Modified: trunk/openvas-plugins/scripts/novell_groupwise_webacc_information_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/novell_groupwise_webacc_information_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/novell_groupwise_webacc_information_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,7 +45,6 @@
critical system information, and allows remote attackers to read any file.
Solution: Disable access to the servlet until the author releases a patch.
-Risk factor: Medium
Additional information:
http://www.securiteam.com/securitynews/6S00N0K2UM.html";
Modified: trunk/openvas-plugins/scripts/novell_netbasic_directory_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/novell_netbasic_directory_traversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/novell_netbasic_directory_traversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -141,7 +141,6 @@
}
if (flag > 0) {
warning += string("\n\nSolution : Apply the relevant patch and remove all default files from their respective directories.\n\n");
- warning += string("Risk factor : Medium");
security_warning(port:port, data:warning);
} else {
exit(0);
Modified: trunk/openvas-plugins/scripts/novell_novonyx_default_files.nasl
===================================================================
--- trunk/openvas-plugins/scripts/novell_novonyx_default_files.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/novell_novonyx_default_files.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -121,7 +121,6 @@
}
if (flag > 0) {
warning += string("\n\nSolution : If not required, remove all default Novonyx web server files\n");
- warning += string("Risk factor : Medium");
security_warning(port:port, data:warning);
} else {
exit(0);
Modified: trunk/openvas-plugins/scripts/nsm2004_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/nsm2004_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/nsm2004_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -63,7 +63,7 @@
Upgrade to Juniper NSM version 2005.1
-Risk factor: High / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:A)";
Modified: trunk/openvas-plugins/scripts/ntds_get_info.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ntds_get_info.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ntds_get_info.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,9 +43,7 @@
net localgroup 'Pre-Windows 2000 Compatible Access' everyone /delete
- restart the remote host
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
if (description)
Modified: trunk/openvas-plugins/scripts/nullhttpd_content_length.nasl
===================================================================
--- trunk/openvas-plugins/scripts/nullhttpd_content_length.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/nullhttpd_content_length.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,8 +50,6 @@
A cracker may exploit this flaw to disable your service or
even execute arbitrary code on your system.
-Risk factor : High
-
Solution : Upgrade your web server";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/odbc_tools_check.nasl
===================================================================
--- trunk/openvas-plugins/scripts/odbc_tools_check.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/odbc_tools_check.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -108,7 +108,6 @@
}
if (flag > 0) {
warning += string("Solution : Remove the specified ODBC tools from the /scripts/tools directory.\n");
- warning += string("Risk factor : High");
security_hole(port:port, data:warning);
} else {
exit(0);
Modified: trunk/openvas-plugins/scripts/open_X11_server.nasl
===================================================================
--- trunk/openvas-plugins/scripts/open_X11_server.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/open_X11_server.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -75,7 +75,6 @@
"allows an attacker to connect to it and record any of your keystrokes.\n\n",
"Here is the server version : ", ver, "\n",
"Here is the server type : ", textresult, "\n\n",
- "Solution : use xauth or MIT cookies to restrict the access to this server\n",
- "Risk factor : High");
-
+ "Solution : use xauth or MIT cookies to restrict the access to this server");
+
security_hole(port:port, data:report);
Modified: trunk/openvas-plugins/scripts/openoffice_CB-A08-0068.nasl
===================================================================
--- trunk/openvas-plugins/scripts/openoffice_CB-A08-0068.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/openoffice_CB-A08-0068.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -64,12 +64,8 @@
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3282
Solution:
- All OpenOffice.org users should upgrade to the latest version:
+ All OpenOffice.org users should upgrade to the latest version.";
-
-Risk factor: Critical
-";
-
script_description(desc);
summary = "Determines OpenOffice.org <= 2.4.1 vulnerability";
script_summary(summary);
Modified: trunk/openvas-plugins/scripts/openwebmail_logindomain_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/openwebmail_logindomain_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/openwebmail_logindomain_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,7 +56,7 @@
Upgrade to Open WebMail version 2.50 20040212 or later.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/opera_favicon_address_bar_spoofing.nasl
===================================================================
--- trunk/openvas-plugins/scripts/opera_favicon_address_bar_spoofing.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/opera_favicon_address_bar_spoofing.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -64,7 +64,7 @@
Solution :
Install to Opera 7.51 or newer.
- Risk factor: Medium / CVSS Base Score : 2
+ CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:N/A:N/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/opera_remote_location_object_flaw.nasl
===================================================================
--- trunk/openvas-plugins/scripts/opera_remote_location_object_flaw.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/opera_remote_location_object_flaw.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,10 +58,7 @@
Solution :
Upgrade to Opera 7.54 or newer.
- Risk factor :
-
- Medium / CVSS Base Score : 5
-
+ CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)";
script_description(desc);
script_summary("Determines the version of Opera.exe");
Modified: trunk/openvas-plugins/scripts/oracle9iAS_too_long_url.nasl
===================================================================
--- trunk/openvas-plugins/scripts/oracle9iAS_too_long_url.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/oracle9iAS_too_long_url.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,8 +50,6 @@
crash or execute arbitrary code by sending it a too long url
specially crafted URL.
-Risk factor : High
-
Solution : Upgrade your server.";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/oracle9i_isqlplus_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/oracle9i_isqlplus_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/oracle9i_isqlplus_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,7 +58,7 @@
http://www.securitytracker.com/alerts/2004/Jan/1008838.html
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/oracle9i_java_process_manager.nasl
===================================================================
--- trunk/openvas-plugins/scripts/oracle9i_java_process_manager.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/oracle9i_java_process_manager.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,7 +55,7 @@
Restrict access to /oprocmgr-status in httpd.conf
-Risk factor: Medium / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/oracle_tnslsnr_security.nasl
===================================================================
--- trunk/openvas-plugins/scripts/oracle_tnslsnr_security.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/oracle_tnslsnr_security.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -38,11 +38,8 @@
An attacker may use this fact to shut it down arbitrarily,
thus preventing legitimate users from using it properly.
-Solution: use the lsnrctrl SET PASSWORD command to assign a password to, the tnslsnr.
-Risk factor : High"
+Solution: use the lsnrctrl SET PASSWORD command to assign a password to, the tnslsnr.");
- );
-
script_summary( "Determines if the Oracle tnslsnr has been assigned a password.");
script_category(ACT_GATHER_INFO);
Modified: trunk/openvas-plugins/scripts/oracle_tnslsnr_version.nasl
===================================================================
--- trunk/openvas-plugins/scripts/oracle_tnslsnr_version.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/oracle_tnslsnr_version.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -200,8 +200,7 @@
"also are subject to denial-of-service attacks which can shut\n",
"down or crash the listener.\n",
"Solution : Upgrade\n",
- "See http://otn.oracle.com/deploy/security/pdf/listener_alert.pdf\n",
- "Risk factor : High");
+ "See http://otn.oracle.com/deploy/security/pdf/listener_alert.pdf");
security_hole(port:port, data:report);
}
else
Modified: trunk/openvas-plugins/scripts/orion_webserver_37717.nasl
===================================================================
--- trunk/openvas-plugins/scripts/orion_webserver_37717.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/orion_webserver_37717.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,10 +51,8 @@
References:
http://www.securityfocus.com/bid/37717
http://www.orionserver.com
-http://www.securityfocus.com/archive/1/508830
+http://www.securityfocus.com/archive/1/508830";
-Risk factor : ;Medium";
-
script_description(desc);
script_summary("Determine if Orion Application Server version is <= 2.0.7");
script_category(ACT_GATHER_INFO);
Modified: trunk/openvas-plugins/scripts/osX_apache_finder.nasl
===================================================================
--- trunk/openvas-plugins/scripts/osX_apache_finder.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/osX_apache_finder.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,11 +45,7 @@
and restart Apache.
-Risk factor : Medium
-(possibly High depending on the sensitivity of your web content)
-
References:
-
www.macintouch.com/mosxreaderreports46.html
";
Modified: trunk/openvas-plugins/scripts/osX_apache_finder_content.nasl
===================================================================
--- trunk/openvas-plugins/scripts/osX_apache_finder_content.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/osX_apache_finder_content.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -54,11 +54,8 @@
Deny from all
</FilesMatch>
-And restart Apache.
+And restart Apache.";
-Risk factor: High
-";
-
script_description(desc);
summary = "MacOS X Finder reveals contents of Apache Web files";
Modified: trunk/openvas-plugins/scripts/ospf_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ospf_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ospf_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,14 +56,10 @@
Solution :
-If the remote service is not used, disable it.
+If the remote service is not used, disable it.";
-Risk factor :
-None";
-
-
script_description(desc);
summary = "Listen to OSPF packets";
@@ -179,6 +175,5 @@
rep += strcat('Neighbor ', n, ' has been seen\n');
}
-rep += '\nRisk factor : Low';
security_note(port: 0, protocol: "ospf", data: rep);
Modified: trunk/openvas-plugins/scripts/ossim_server_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ossim_server_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ossim_server_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,11 +48,8 @@
Solution :
If possible, filter incoming connections to the service so that it is
-used by trusted sources only.
+used by trusted sources only.";
-Risk factor :
-
-None";
script_description(desc);
summary = "Checks for a OSSIM server on the default port tcp/40001";
script_summary(summary);
Modified: trunk/openvas-plugins/scripts/owa_sqlinject.nasl
===================================================================
--- trunk/openvas-plugins/scripts/owa_sqlinject.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/owa_sqlinject.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
None at this time
-Risk factor: High / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
Modified: trunk/openvas-plugins/scripts/packeteer_packetshaper_web_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/packeteer_packetshaper_web_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/packeteer_packetshaper_web_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,9 +42,7 @@
Restrict network access to the device management interfaces.
-Risk factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)";
Modified: trunk/openvas-plugins/scripts/packeteer_web_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/packeteer_web_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/packeteer_web_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -59,9 +59,7 @@
Consider disabling this port completely and using only HTTPS. And
filter incoming traffic to this port.
-Risk factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)";
Modified: trunk/openvas-plugins/scripts/packeteer_web_login.nasl
===================================================================
--- trunk/openvas-plugins/scripts/packeteer_web_login.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/packeteer_web_login.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,11 +42,7 @@
OpenVAS was able to log onto the remote Packeteer web management
interface with the given credentials and has stored the authentication
-cookie in the KB for use with other plugins.
-
-Risk factor :
-
-None";
+cookie in the KB for use with other plugins.";
script_description(desc);
summary="Logs into Packeteer web management interface";
Modified: trunk/openvas-plugins/scripts/packeteer_web_version.nasl
===================================================================
--- trunk/openvas-plugins/scripts/packeteer_web_version.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/packeteer_web_version.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -30,13 +30,9 @@
Description :
OpenVAS was able to determine the software version of the Packeteer web
-management interface running on the remote host.
+management interface running on the remote host.";
-Risk factor :
-None";
-
-
if (description)
{
script_id(80033);
Modified: trunk/openvas-plugins/scripts/patchlink_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/patchlink_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/patchlink_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -37,11 +37,8 @@
patch management system.
See also :
-http://www.patchlink.com/
+http://www.patchlink.com/";
-Risk Factor:
-None";
-
if(description)
{
script_id(80039);
Modified: trunk/openvas-plugins/scripts/phpMyAdmin_remote_cmd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpMyAdmin_remote_cmd.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpMyAdmin_remote_cmd.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Upgrade to phpMyAdmin version 2.6.0-pl2 or later.
-Risk factor: High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/phpMyAgenda_30final_file_include.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpMyAgenda_30final_file_include.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpMyAgenda_30final_file_include.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -68,9 +68,7 @@
No patch information provided at this time.
Disable PHP's 'register_globals'
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
summary = "Checks for a possible file inclusion flaw in phpMyAgenda";
Modified: trunk/openvas-plugins/scripts/phpSurveyor_sql_inject.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpSurveyor_sql_inject.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpSurveyor_sql_inject.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -65,7 +65,7 @@
Upgrade to PHPSurveyor version 0.991 or later.
-Risk factor: High / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/php_nuke_admin_cp.nasl
===================================================================
--- trunk/openvas-plugins/scripts/php_nuke_admin_cp.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/php_nuke_admin_cp.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,8 +55,6 @@
if(($upload) && ($admintest))
Or upgrade to the latest version (Version 5.3 and above).
- Risk factor:High
-
Additional information:
http://www.securiteam.com/unixfocus/TOBA";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/php_nuke_bb_smilies_passwd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/php_nuke_bb_smilies_passwd.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/php_nuke_bb_smilies_passwd.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,8 +48,6 @@
Solution:upgrade to the latest version (Version 4.4.1 and above).
- Risk factor: Critical
-
Additional information:
http://www.securiteam.com/securitynews/Serious_security_hole_in_PHP-Nuke__bb_smilies_.html";
Modified: trunk/openvas-plugins/scripts/phpbb_2_0_18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpbb_2_0_18.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpbb_2_0_18.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,9 +56,7 @@
Upgrade to phpBB version 2.0.19 or later.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_name("phpBB <= 2.0.18 Multiple Cross-Site Scripting Flaws");
Modified: trunk/openvas-plugins/scripts/phpdocumentor_1_3_remote_file_inclusion.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpdocumentor_1_3_remote_file_inclusion.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpdocumentor_1_3_remote_file_inclusion.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -67,7 +67,7 @@
Disable PHP's 'register_globals' setting.
-Risk factor: High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/phpeasydownload_code_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpeasydownload_code_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpeasydownload_code_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,9 +45,7 @@
Unknown at this time.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
if(description)
Modified: trunk/openvas-plugins/scripts/phpinfo.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpinfo.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpinfo.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -99,8 +99,7 @@
disclose potentially sensitive information to the remote attacker :
", rep, "
-Solution : Delete them or restrict access to them
-Risk factor : Low");
+Solution : Delete them or restrict access to them");
security_warning(port:port, data:report);
}
Modified: trunk/openvas-plugins/scripts/phplistpro_remote_file_include.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phplistpro_remote_file_include.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phplistpro_remote_file_include.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,9 +55,7 @@
Edit the affected files as discussed in the vendor advisory above.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
Modified: trunk/openvas-plugins/scripts/phpmyfaq_action_parameter_flaw.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpmyfaq_action_parameter_flaw.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpmyfaq_action_parameter_flaw.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -65,7 +65,7 @@
Upgrade to phpMyFAQ 1.3.13 or newer.
-Risk factor: High / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/phpshop_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpshop_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpshop_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -65,9 +65,7 @@
Upgrade to the latest version of phpShop.
-Risk factor :
-
-Medium / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/phptonuke_dir_trav.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phptonuke_dir_trav.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phptonuke_dir_trav.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -68,7 +68,7 @@
Upgrade to the latest version.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/phpweblog_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpweblog_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpweblog_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -67,9 +67,7 @@
Disable this script.
-Risk factor:
-
-Medium / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/phpwebthings_rfi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpwebthings_rfi.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpwebthings_rfi.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,7 +48,7 @@
No patches or upgrades have been reported by the vendor at this time.
-Risk factor: High / CVSS Base Score : 6.8
+CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)";
if(description)
Modified: trunk/openvas-plugins/scripts/phpwebthings_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/phpwebthings_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/phpwebthings_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -66,7 +66,7 @@
Apply the phpWebthings 1.4 forum patch referenced in the third URL
above.
-Risk factor: High / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/pjl_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/pjl_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/pjl_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,13 +41,9 @@
http://www.maths.usyd.edu.au/u/psz/ps.html
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=bpl04568
http://h20000.www2.hp.com/bc/docs/support/SupportManual/bpl13208/bpl13208.pdf
-http://h20000.www2.hp.com/bc/docs/support/SupportManual/bpl13207/bpl13207.pdf
+http://h20000.www2.hp.com/bc/docs/support/SupportManual/bpl13207/bpl13207.pdf";
-Risk factor :
-None";
-
-
if (description)
{
script_id(80079);;
Modified: trunk/openvas-plugins/scripts/plumecms_prepend_file_inclusion.nasl
===================================================================
--- trunk/openvas-plugins/scripts/plumecms_prepend_file_inclusion.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/plumecms_prepend_file_inclusion.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -65,7 +65,7 @@
file as advised by the developer (see first URL) or
upgrade to Plume CMS version 1.0.3 or later
-Risk factor: High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/poppassd_too_long_user.nasl
===================================================================
--- trunk/openvas-plugins/scripts/poppassd_too_long_user.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/poppassd_too_long_user.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -102,6 +102,4 @@
*** However, if the poppassd service is run through inetd
*** it is impossible to reliably test this kind of flaw.
-Solution : upgrade your software or use another one
-
-Risk factor : High");
+Solution : upgrade your software or use another one");
Modified: trunk/openvas-plugins/scripts/poprelayd_auth.nasl
===================================================================
--- trunk/openvas-plugins/scripts/poprelayd_auth.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/poprelayd_auth.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -54,8 +54,6 @@
*** Some SMTP servers such as Postfix will display a false positive
*** here
-Risk factor: Medium
-
Solution : Disable poprelayd";
Modified: trunk/openvas-plugins/scripts/powerup_information_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/powerup_information_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/powerup_information_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,7 +44,6 @@
to read any world readable file.
Solution: Disable access to the CGI until the author releases a patch.
-Risk factor : High
Additional information:
http://www.securiteam.com/unixfocus/5PP062K5FO.html
Modified: trunk/openvas-plugins/scripts/propfind_internal_ip.nasl
===================================================================
--- trunk/openvas-plugins/scripts/propfind_internal_ip.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/propfind_internal_ip.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -102,8 +102,7 @@
This is typical of IIS 5.0 installations that are not configured properly.
See also : http://www.nextgenss.com/papers/iisrconfig.pdf
-Solution : http://support.microsoft.com/default.aspx?scid=KB%3BEN-US%3BQ218180&ID=KB%3BEN-US%3BQ218180
-Risk factor : Low");
+Solution : http://support.microsoft.com/default.aspx?scid=KB%3BEN-US%3BQ218180&ID=KB%3BEN-US%3BQ218180");
security_note(port:port, data:report);
}
Modified: trunk/openvas-plugins/scripts/punBB_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/punBB_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/punBB_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -46,12 +46,8 @@
See also :
-http://www.punbb.org/
-
-Risk factor :
+http://www.punbb.org/";
-None";
-
script_description(desc);
script_summary("Checks for presence of PunBB");
Modified: trunk/openvas-plugins/scripts/punBB_img_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/punBB_img_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/punBB_img_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -57,9 +57,7 @@
Update to PunBB version 1.0.1 or later.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/punBB_info_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/punBB_info_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/punBB_info_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,9 +55,7 @@
Update to PunBB version 1.1.5 or later.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/punBB_install_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/punBB_install_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/punBB_install_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,9 +58,7 @@
Update to PunBB version 1.1.2 or later.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/punBB_profile_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/punBB_profile_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/punBB_profile_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,9 +58,7 @@
Update to PunBB version 1.1.4 or later.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/punBB_url_quote_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/punBB_url_quote_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/punBB_url_quote_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -59,9 +59,7 @@
Upgrade to PunBB version 1.1.5 or later.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/punbb_register_lfi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/punbb_register_lfi.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/punbb_register_lfi.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -46,9 +46,7 @@
Update to version 1.2.14 or later.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
if(description)
Modified: trunk/openvas-plugins/scripts/qk_smtp_server_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/qk_smtp_server_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/qk_smtp_server_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -57,7 +57,7 @@
Upgrade to QK SMTP Server 3.1 beta or a newer release.
-Risk factor: High / CVSS Base Score : 10
+CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)";
script_description(desc);
summary = "Checks for the presence of a buffer overflow in QK SMTP Server";
Modified: trunk/openvas-plugins/scripts/quote.nasl
===================================================================
--- trunk/openvas-plugins/scripts/quote.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/quote.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -72,7 +72,7 @@
To restart the service.
-Risk factor: Medium / CVSS Base Score : 0
+CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)";
Modified: trunk/openvas-plugins/scripts/rcblog_dir_transversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/rcblog_dir_transversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/rcblog_dir_transversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -66,7 +66,7 @@
Remove the application as its author no longer supports it.
-Risk factor: Medium / CVSS Base Score : 3
+CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/remote-net-hub-3com.nasl
===================================================================
--- trunk/openvas-plugins/scripts/remote-net-hub-3com.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/remote-net-hub-3com.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -52,11 +52,8 @@
http://www.securitybugware.org/Other/2041.html
Solution : Lock Mac addresses on each port of the remote switch or
-buy newer switch.
+buy newer switch.";
-Risk factor :
-High";
-
script_description(desc);
script_copyright("(C) 2009 Vlatko Kosturjak");
script_name("3com switch2hub");
Modified: trunk/openvas-plugins/scripts/remote-sgi-objectserver.nasl
===================================================================
--- trunk/openvas-plugins/scripts/remote-sgi-objectserver.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/remote-sgi-objectserver.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -39,11 +39,8 @@
gain a root account rather easily.
Solution :
-Filter incoming traffic to this port.
+Filter incoming traffic to this port.";
-Risk factor :
-High";
-
script_description( desc);
script_copyright("(C) 2009 Vlatko Kosturjak");
script_name( "SGI Objectserver vuln");
Modified: trunk/openvas-plugins/scripts/remote-smtp-smad.nasl
===================================================================
--- trunk/openvas-plugins/scripts/remote-smtp-smad.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/remote-smtp-smad.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,11 +50,8 @@
http://online.securityfocus.com/archive/1/11073
Solution : upgrade your Linux kernel to a newer version
-or filter incoming traffic to this port.
+or filter incoming traffic to this port.";
-Risk factor :
-High";
-
script_description( desc);
script_copyright("(C) 2009 Vlatko Kosturjak");
script_name( "Sendmail smad vuln");
Modified: trunk/openvas-plugins/scripts/resin_server_status.nasl
===================================================================
--- trunk/openvas-plugins/scripts/resin_server_status.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/resin_server_status.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -37,7 +37,6 @@
Requesting the URI /caucho-status gives information about
the currently running Resin java servlet container.
-Risk factor : Low
Solution :
If you don't use this feature, set the content of the '<caucho-status>' element
to 'false' in the resin.conf file.";
Modified: trunk/openvas-plugins/scripts/rich_media_ecommerce_stores_sensitive_information_insecurely.nasl
===================================================================
--- trunk/openvas-plugins/scripts/rich_media_ecommerce_stores_sensitive_information_insecurely.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/rich_media_ecommerce_stores_sensitive_information_insecurely.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,7 +42,6 @@
to gain sensitive client information by accessing a log file that is stored
in an insecure manner
-Risk factor : Medium
Solution : contact the vendor for a patch
See also : http://www.securiteam.com/windowsntfocus/5XP0N0A6AU.html";
Modified: trunk/openvas-plugins/scripts/rip_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/rip_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/rip_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -174,9 +174,7 @@
}
if (n > 0)
- report += 'This information on your network topology may help an attacker \n\nRisk factor : Low';
-else
- report += '\nRisk factor: None';
+ report += 'This information on your network topology may help an attacker\n';
security_note(port: port, data: report, protocol: "udp");
register_service(port: port, ipproto: "udp", proto: "rip");
@@ -189,8 +187,7 @@
'Running RIP on Internet is definitely a bad idea, as this "IGP"
routing protocol is neither efficient nor secure for wide area networks.
-Solution: disable the RIP agent and use an "EGP" routing protocol
-Risk factor: High');
+Solution: disable the RIP agent and use an "EGP" routing protocol');
else
if (ver == 1)
security_warning(port: port, protocol: "udp", data:
@@ -199,8 +196,7 @@
hijack network connections.
Solution : disable the RIP agent if you don\'t use it, or use
- RIP-2 and implement authentication
-Risk factor : Medium');
+ RIP-2 and implement authentication');
else # RIP-2
if (! islocalnet()) # rip_poison will not be able to test the security
security_note(port: port, protocol: "udp", data:
@@ -210,8 +206,7 @@
hijack network connections.
Solution : implement RIP-2 authentication if necessary or
- disable the RIP agent if you don\'t use it.
-Risk factor : Low / Medium');
+ disable the RIP agent if you don\'t use it.');
return(1);
}
Modified: trunk/openvas-plugins/scripts/rip_poison.nasl
===================================================================
--- trunk/openvas-plugins/scripts/rip_poison.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/rip_poison.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -148,10 +148,8 @@
Solution : reconfigure your RIP listener if possible
or use another routing protocol,
- or disable the RIP listener if you don't need it.
+ or disable the RIP listener if you don't need it.");
-Risk factor : High");
-
# Fix it: set the number of hops to "infinity".
req = raw_string(2, 1, 0, 0,
Modified: trunk/openvas-plugins/scripts/samba_CB-A08-0085.nasl
===================================================================
--- trunk/openvas-plugins/scripts/samba_CB-A08-0085.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/samba_CB-A08-0085.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,12 +53,8 @@
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
Solution:
- All Samba users should upgrade to the latest version:
+ All Samba users should upgrade to the latest version.";
-
-Risk factor : High
-";
-
script_description(desc);
summary = "Determines Samba < 3.0.29 vulnerability";
script_summary(summary);
Modified: trunk/openvas-plugins/scripts/sambar_pagecount.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sambar_pagecount.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sambar_pagecount.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,7 +44,6 @@
parameter is not checked against '../../' attacks.
Reference : http://www.securityfocus.com/archive/1/199410
-Risk factor: Medium
Solution : Remove this script";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/sapdb_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sapdb_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sapdb_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,12 +50,8 @@
Make sure to be running version 7.4.03.30 or newer.
If this service is not needed, disable it or filter incoming traffic
-to this port.
+to this port.";
-Risk factor :
-
-None";
-
# In fact, the overflow is against niserver (on port 7269)
script_description(desc);
Modified: trunk/openvas-plugins/scripts/savant_cgitest.nasl
===================================================================
--- trunk/openvas-plugins/scripts/savant_cgitest.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/savant_cgitest.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,8 +48,6 @@
vulnerable to a buffer overflow which may allow a cracker to
crash your server or even run code on your system.
-Risk factor : High
-
Solution : Upgrade your web server or remove this CGI.";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/secpod_ca_mult_prdts_detect_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ca_mult_prdts_detect_win.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/secpod_ca_mult_prdts_detect_win.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,10 +41,8 @@
script_name("CA Multiple Products Version Detection (Win)");
desc = "
Overview : This script detects the installed version of CA multiple
- products and sets the result in KB.
+ products and sets the result in KB.";
- Risk factor : None";
-
script_description(desc);
script_summary("Sets the version of multiple CA products in KB");
script_category(ACT_GATHER_INFO);
Modified: trunk/openvas-plugins/scripts/securemote.nasl
===================================================================
--- trunk/openvas-plugins/scripts/securemote.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/securemote.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,8 +42,6 @@
Solution:
Restrict access to this port from untrusted networks.
-Risk factor : Low
-
For More Information:
http://www.securiteam.com/securitynews/CheckPoint_FW1_SecureRemote_DoS.html";
Modified: trunk/openvas-plugins/scripts/securemote_info_leak.nasl
===================================================================
--- trunk/openvas-plugins/scripts/securemote_info_leak.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/securemote_info_leak.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,8 +61,6 @@
After installing the Policy only authenticated Users can download
the Topology.
-Risk factor : Medium
-
Reference : http://online.securityfocus.com/archive/1/197566
http://online.securityfocus.com/bid/3058
@@ -168,7 +166,6 @@
"uncheck 'respond to unauthenticated topology requests'.\n",
"After installing the Policy only authenticated Users can download \n",
"the Topology.\n\n",
-"Risk factor : Medium\n",
"For More Information:\n",
"http://www.securiteam.com/securitynews/5HP0D2A4UC.html");
security_warning(port:port, data:report);
Modified: trunk/openvas-plugins/scripts/segue_rfi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/segue_rfi.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/segue_rfi.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,9 +50,7 @@
Update to version 1.5.9 or later.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
if(description)
Modified: trunk/openvas-plugins/scripts/sendmail_custom_config.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sendmail_custom_config.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sendmail_custom_config.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,7 +51,6 @@
dropped privileges and run commands as root.
Solution : upgrade to the latest version of Sendmail
-Risk factor: Medium
Note : This vulnerability is _local_ only";
Modified: trunk/openvas-plugins/scripts/sendmail_debug_leak.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sendmail_debug_leak.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sendmail_debug_leak.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,7 +56,6 @@
Solution : upgrade to the latest version of Sendmail or
do not allow users to process the queue (RestrictQRun option)
-Risk factor: Medium
Note : This vulnerability is _local_ only";
Modified: trunk/openvas-plugins/scripts/sendmail_queue_destruction.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sendmail_queue_destruction.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sendmail_queue_destruction.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,7 +53,6 @@
Solution : upgrade to the latest version of Sendmail or
do not allow users to process the queue (RestrictQRun option)
-Risk factor: Medium
Note : This vulnerability is _local_ only";
Modified: trunk/openvas-plugins/scripts/sglmerchant_information_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sglmerchant_information_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sglmerchant_information_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,7 +44,6 @@
the bounding HTML root directory and read arbitrary system files.
Solution: Contact the author of the program
-Risk factor: Medium
Additional information:
http://www.securiteam.com/unixfocus/5KP012K5FK.html";
Modified: trunk/openvas-plugins/scripts/shambala_www_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/shambala_www_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/shambala_www_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,8 +43,7 @@
desc = string("It was possible to kill the web server by\n",
"sending this request :\nGET ", req, "\n\n",
- "Workaround : install a safer server or upgrade it\n\n",
- "Risk factor : Medium");
+ "Workaround : install a safer server or upgrade it");
script_description(desc);
Modified: trunk/openvas-plugins/scripts/shopping_cart_information_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/shopping_cart_information_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/shopping_cart_information_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,8 +43,6 @@
Solution: Contact the author for a patch.
-Risk factor : High
-
Additional information:
http://www.securiteam.com/unixfocus/5QP072K5FK.html";
Modified: trunk/openvas-plugins/scripts/shopplus_information_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/shopplus_information_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/shopplus_information_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,8 +44,6 @@
Solution:
Upgrade to the latest version available by contacting the author of the program.
-Risk factor : High
-
Additional information:
http://www.securiteam.com/unixfocus/5PP021P5FK.html
";
Modified: trunk/openvas-plugins/scripts/shoutcast_version.nasl
===================================================================
--- trunk/openvas-plugins/scripts/shoutcast_version.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/shoutcast_version.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -41,8 +41,6 @@
Solution: Upgrade to the latest version of SHOUTcast Server.
-Risk factor : Medium
-
Additional information:
http://www.securiteam.com/exploits/5YP031555Q.html
";
Modified: trunk/openvas-plugins/scripts/silverstream_database.nasl
===================================================================
--- trunk/openvas-plugins/scripts/silverstream_database.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/silverstream_database.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,7 +51,6 @@
Reference : http://online.securityfocus.com/archive/101/144786
-Risk factor : Medium
Solution : Reconfigure the server so that others
cannot view database structure";
Modified: trunk/openvas-plugins/scripts/silverstream_dirlisting.nasl
===================================================================
--- trunk/openvas-plugins/scripts/silverstream_dirlisting.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/silverstream_dirlisting.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,8 +45,6 @@
on this server and possibly to get files you would want
to hide.
-Risk factor : Medium
-
Reference : http://online.securityfocus.com/archive/101/144786
Solution : Reconfigure the server so that others
Modified: trunk/openvas-plugins/scripts/simpleserverwww_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/simpleserverwww_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/simpleserverwww_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -92,9 +92,7 @@
preventing it from working properly.
Solution : upgrade your software or use another
-HTTP server.
-
-Risk factor : High");
+HTTP server.");
}
exit(0);
}
Modified: trunk/openvas-plugins/scripts/sip_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sip_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sip_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,12 +44,8 @@
Solution :
If this service is not needed, disable it or filter incoming traffic
-to this port.
+to this port.";
-Risk factor :
-
-None";
-
if(description)
{
script_id(11963);
Modified: trunk/openvas-plugins/scripts/smb_explorer_version.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smb_explorer_version.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/smb_explorer_version.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -98,12 +98,8 @@
Solution :
-Update Internet Explorer.
+Update Internet Explorer.";
-Risk factor :
-
-High";
-
script_description(desc);
summary = "Checks that Internet Explorer is a supported version.";
script_summary(summary);
Modified: trunk/openvas-plugins/scripts/smb_nt_ms02-006.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smb_nt_ms02-006.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/smb_nt_ms02-006.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -52,8 +52,8 @@
http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx
-Risk factor: High / CVSS Base Score : 10
-(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)";
+CVSS Base Score : 7.5
+(AV:N/AC:L/Au:N/C:P/I:P/A:P)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/smb_reg_service_pack_XP.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smb_reg_service_pack_XP.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/smb_reg_service_pack_XP.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,9 +50,7 @@
Apply Windows XP Service Pack 2.
-Risk factor :
-
-Medium / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
@@ -75,9 +73,7 @@
This script reads the registry key HKLM\SOFTWARE\Microsoft\Windows NT\CSDVersion
to determine the Service Pack the host is running.
-Sensitive servers should always run the latest service pack for security reasons.
-Risk factor : Critical
-";
+Sensitive servers should always run the latest service pack for security reasons.";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/smb_suspicious_files.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smb_suspicious_files.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/smb_suspicious_files.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -103,8 +103,7 @@
"Make sure that the user of the remote host intended to install
this software and that its use matches your corporate security
policy.\n\n",
-"Solution : ", url, "\n",
-"Risk factor : High");
+"Solution : ", url);
security_hole(port:kb_smb_transport(), data:report);
}
@@ -3704,7 +3703,7 @@
if(myread)
{
- report = string("The dll ", nname[i], " (", my_file ,") is present on the remote host\nSolution: ", url[i], "\nRisk factor : High");
+ report = string("The dll ", nname[i], " (", my_file ,") is present on the remote host\nSolution: ", url[i]);
security_hole(port:port, data:report);
}
}
Modified: trunk/openvas-plugins/scripts/smb_virii.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smb_virii.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/smb_virii.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -83,7 +83,6 @@
- W32.Randex.GEL
- W32.Fujacks.B
-Risk factor : High
Solution : See the URLs which will appear in the report";
script_description(desc);
@@ -124,8 +123,7 @@
{
report = string(
"The virus '", nname, "' is present on the remote host\n",
-"Solution : ", url, "\n",
-"Risk factor : High");
+"Solution : ", url);
security_hole(port:kb_smb_transport(), data:report);
}
@@ -643,8 +641,7 @@
{
report = string(
"The virus 'W32.Nimda.A at mm' is present on the remote host\n",
-"Solution : http://www.symantec.com/avcenter/venc/data/w32.nimda.a@mm.html\n",
-"Risk factor : High");
+"Solution : http://www.symantec.com/avcenter/venc/data/w32.nimda.a@mm.html");
security_hole(port:port, data:report);
}
@@ -657,8 +654,7 @@
{
report = string(
"The virus 'W32.Goner.A at mm' is present on the remote host\n",
-"Solution : http://www.symantec.com/avcenter/venc/data/w32.goner.a@mm.html\n",
-"Risk factor : High");
+"Solution : http://www.symantec.com/avcenter/venc/data/w32.goner.a@mm.html");
security_hole(port:port, data:report);
}
@@ -669,8 +665,7 @@
{
report = string(
"The virus 'W32.Bable.AG at mm' is present on the remote host\n",
-"Solution : http://www.symantec.com/avcenter/venc/data/w32.beagle.ag@mm.html\n",
-"Risk factor : High");
+"Solution : http://www.symantec.com/avcenter/venc/data/w32.beagle.ag@mm.html");
security_hole(port:port, data:report);
}
@@ -691,8 +686,7 @@
Delete these files and make sure to disable IE's Autofill feature for important
data (ie: online banking, credit cart numbers, etc...)
-Solution : http://securityresponse.symantec.com/avcenter/venc/data/backdoor.berbew.k.html
-Risk factor : High");
+Solution : http://securityresponse.symantec.com/avcenter/venc/data/backdoor.berbew.k.html");
security_hole(port:port, data:report);
}
@@ -703,8 +697,7 @@
{
report = string(
"The virus 'W32.Swen.A at mm' is present on the remote host\n",
-"Solution : http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html\n",
-"Risk factor : High");
+"Solution : http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html");
security_hole(port:port, data:report);
}
@@ -754,8 +747,7 @@
"The trojan 'hotword' is present on the remote host\n",
"See also : http://securityresponse.symantec.com/avcenter/venc/data/trojan.hotword.html\n",
"See also : http://securityresponse.symantec.com/avcenter/venc/data/trojan.rona.html\n",
-"Solution : Use latest anti-virus signatures to clean the machine.\n",
-"Risk factor : High");
+"Solution : Use latest anti-virus signatures to clean the machine.");
security_hole(port:port, data:report);
}
@@ -783,8 +775,7 @@
{
report = string(
"The virus 'Sober.i at mm' is present on the remote host\n",
-"Solution : http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.i@mm.html\n",
-"Risk factor : High");
+"Solution : http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.i@mm.html");
security_hole(port:port, data:report);
break;
}
@@ -796,8 +787,7 @@
{
report = string(
"The virus 'W32.Wargbot at mm' is present on the remote host\n",
-"Solution : http://www.symantec.com/security_response/writeup.jsp?docid=2006-081312-3302-99\n",
-"Risk factor : High");
+"Solution : http://www.symantec.com/security_response/writeup.jsp?docid=2006-081312-3302-99");
security_hole(port:port, data:report);
}
@@ -812,8 +802,7 @@
report = string(
"The backdoor 'W32.Backdoor.Ginwui.B' is present on the remote host\n",
"See also : http://securityresponse.symantec.com/avcenter/venc/data/backdoor.ginwui.b.html\n",
- "Solution : Use latest anti-virus signatures to clean the machine.\n",
- "Risk factor : High");
+ "Solution : Use latest anti-virus signatures to clean the machine.");
security_hole(port:port, data:report);
break;
}
Modified: trunk/openvas-plugins/scripts/smbcl_gnutls_CB-A08-0079.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smbcl_gnutls_CB-A08-0079.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/smbcl_gnutls_CB-A08-0079.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -79,11 +79,8 @@
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950
Solution:
- All GnuTLS users should upgrade to the latest version:
+ All GnuTLS users should upgrade to the latest version.";
-Risk factor: Critical
-";
-
script_description(desc);
summary = "Determines GnuTLS < 2.2.4 vulnerability";
script_summary(summary);
Modified: trunk/openvas-plugins/scripts/smtp_relay2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smtp_relay2.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/smtp_relay2.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,8 +51,6 @@
This means that spammers might be able to use your mail server
to send their mails to the world.
-Risk factor : Critical
-
Solution : upgrade your software or improve the configuration so that
your SMTP server cannot be used as a relay any more.";
@@ -200,9 +198,7 @@
OpenVAS was able to relay mails by sending those sequences:
",
- rep, "Risk factor : Critical
-
-Solution : upgrade your software or improve the configuration so that
+ rep, "Solution : upgrade your software or improve the configuration so that
your SMTP server cannot be used as a relay any more.");
security_warning(port: port, data: report);
}
Modified: trunk/openvas-plugins/scripts/smtpserver_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/smtpserver_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/smtpserver_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -213,9 +213,7 @@
You probably mistyped your hostname and OpenVAS is scanning the wildcard
address in the .COM or .NET domain.
-Solution : enter a correct hostname
-
-Risk factor : None");
+Solution : enter a correct hostname");
}
data = string("Remote SMTP server banner :\n", bannertxt);
Modified: trunk/openvas-plugins/scripts/snmp_default_communities.nasl
===================================================================
--- trunk/openvas-plugins/scripts/snmp_default_communities.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/snmp_default_communities.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -90,9 +90,6 @@
'writeall' access will give the remote attacker full administrative rights over the
remote machine.
-
-Risk factor: Critical
-
More Information:
http://www.securiteam.com/exploits/Windows_NT_s_SNMP_service_vulnerability.html
";
Modified: trunk/openvas-plugins/scripts/snmp_hpJetDirectEWS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/snmp_hpJetDirectEWS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/snmp_hpJetDirectEWS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -232,9 +232,7 @@
.1.3.6.1.4.1.11.2.3.9.1.1.13.0.
An attacker may use this flaw to gain administrative privileges on this
-printer
-
-Risk factor : High");
+printer");
}
else
{
Modified: trunk/openvas-plugins/scripts/source_routed.nasl
===================================================================
--- trunk/openvas-plugins/scripts/source_routed.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/source_routed.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -127,10 +127,7 @@
source routed TCP packets. This makes attacks easier.
Solution : drop source routed packets on this host or on other ingress
-routers or firewalls.
-
-
-Risk factor : Medium");
+routers or firewalls.");
exit(0);
}
if (opt[i] == 1) i ++;
Modified: trunk/openvas-plugins/scripts/spip_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/spip_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/spip_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -65,7 +65,7 @@
Upgrade to SPIP version 1.8.2-g or later.
-Risk factor: High / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/spybot_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/spybot_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/spybot_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -34,11 +34,8 @@
kinds from your computer.
See also :
-http://www.safer-networking.org/
+http://www.safer-networking.org/";
-Risk factor :
-None";
-
if(description)
{
script_id(80045);
Modified: trunk/openvas-plugins/scripts/sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -375,7 +375,6 @@
Solution : Modify the relevant CGIs so that they properly escape arguments
-Risk factor : High
See also : http://www.securiteam.com/securityreviews/5DP0N1P76E.html");
@@ -397,7 +396,6 @@
Solution : Modify the relevant CGIs so that they properly escape arguments
-Risk factor : High
See also : http://www.securitydocs.com/library/2651");
Modified: trunk/openvas-plugins/scripts/sqlqhit_information_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sqlqhit_information_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sqlqhit_information_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,8 +45,6 @@
Solution: Use Microsoft's Secure IIS Guide (For IIS 4.0 or IIS 5.0 respectively) or
Microsoft's IIS Lockdown tool to remove IIS samples.
-Risk factor : Medium
-
Additional information:
http://www.securiteam.com/tools/5QP0N1F55Q.html (IIS Lookdown)
http://www.securiteam.com/windowsntfocus/5HP05150AQ.html (Secure IIS 4.0)
Modified: trunk/openvas-plugins/scripts/squirrelmail_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/squirrelmail_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/squirrelmail_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -32,12 +32,8 @@
that provides access to mail accounts via POP3 or IMAP.
See also :
- http://www.squirrelmail.org/
+ http://www.squirrelmail.org/";
- Risk factor :
-
- None";
-
if (description) {
script_id(12647);
script_version("$Revision$");
Modified: trunk/openvas-plugins/scripts/ssh_ssf.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ssh_ssf.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ssh_ssf.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -68,7 +68,7 @@
Remove SSF and install an up to date version of OpenSSH.
-Risk factor: Medium / CVSS Base Score : 2.6
+CVSS Base Score : 2.6
(CVSS#2:AV:R/AC:H/Au:NR/C:P/I:N/A:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/ssl_cert_expiry.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ssl_cert_expiry.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ssl_cert_expiry.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,11 +51,7 @@
Solution :
Purchase or generate a new SSL certificate to replace the existing
-one.
-
-Risk factor :
-
-None";
+one.";
script_description(desc);
script_category(ACT_GATHER_INFO);
Modified: trunk/openvas-plugins/scripts/stun_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/stun_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/stun_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,12 +48,8 @@
Solution :
If this service is not needed, disable it or filter incoming traffic
-to this port.
+to this port.";
-Risk factor :
-
-None";
-
if(description)
{
script_id(11986);
Modified: trunk/openvas-plugins/scripts/sugarcrm_remote_file_inclusion.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sugarcrm_remote_file_inclusion.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sugarcrm_remote_file_inclusion.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -66,7 +66,7 @@
Upgrade to Sugar Suite version 3.5.1e and/or disable PHP's
'register_globals' setting.
-Risk factor: High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/sybase_asa_default_password.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sybase_asa_default_password.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sybase_asa_default_password.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,9 +50,7 @@
Change the default password.
-Risk factor :
-
-High / CVSS Base Score: 7.5
+CVSS Base Score: 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/sybase_asa_ping.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sybase_asa_ping.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sybase_asa_ping.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,9 +45,7 @@
Switch off broadcast listening via the '-sb' switch when starting
Sybase.
-Risk factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)";
if(description)
Modified: trunk/openvas-plugins/scripts/sybase_blank_password.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sybase_blank_password.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sybase_blank_password.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,9 +51,7 @@
Either disable this account or set a password for it.
-Risk factor :
-
-High / CVSS Base Score : 7.5
+CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/symantec_ws_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/symantec_ws_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/symantec_ws_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,12 +42,8 @@
Description :
The remote web server appears to be running Symantec Web Security,
-for filtering traffic of viruses and inappropriate content.
+for filtering traffic of viruses and inappropriate content.";
-Risk factor :
-
-None";
-
script_description(desc);
summary = "Checks for SWS";
Modified: trunk/openvas-plugins/scripts/symantec_ws_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/symantec_ws_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/symantec_ws_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,9 +56,7 @@
Upgrade at least to version 3.0.1.85.
-Risk factor :
-
-Medium / CVSS Base Score : 4.3
+CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/sympa_new_list_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sympa_new_list_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/sympa_new_list_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,7 +60,7 @@
Update to version 4.1.3 or newer.
-Risk factor: Medium / CVSS Base Score : 3.5
+CVSS Base Score : 3.5
(CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/tetrinet_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/tetrinet_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/tetrinet_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -46,13 +46,8 @@
Solution :
If this service is not needed, disable it or filter incoming
-traffic to this port.
+traffic to this port.";
-Risk factor :
-
-None";
-
-
script_description(desc);
script_summary( "Detect Tetrinet game server");
Modified: trunk/openvas-plugins/scripts/tftpd_backdoor.nasl
===================================================================
--- trunk/openvas-plugins/scripts/tftpd_backdoor.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/tftpd_backdoor.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -65,8 +65,7 @@
This is probably a backdoor.
-Solution : disinfect your system
-Risk factor : High');
+Solution : disinfect your system');
if (port == 69)
set_kb_item(name: 'tftp/backdoor', value: TRUE);
set_kb_item(name: 'tftp/'+port+'/backdoor', value: TRUE);
Modified: trunk/openvas-plugins/scripts/tftpd_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/tftpd_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/tftpd_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,12 +42,8 @@
Solution :
-Disable TFTP server if not used.
+Disable TFTP server if not used.";
-Risk factor :
-
-None";
-
script_description( desc);
script_copyright("Copyright (C) 2009 Vlatko Kosturjak");
script_name( "TFTP detection");
Modified: trunk/openvas-plugins/scripts/tomcat_server_default_files.nasl
===================================================================
--- trunk/openvas-plugins/scripts/tomcat_server_default_files.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/tomcat_server_default_files.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -109,7 +109,6 @@
}
}
if (flag > 0) {
- warning += '\n\nRisk factor : Low';
security_warning(port:port, data:warning);
}
}
Modified: trunk/openvas-plugins/scripts/tomcat_srcjsp_malformed_request.nasl
===================================================================
--- trunk/openvas-plugins/scripts/tomcat_srcjsp_malformed_request.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/tomcat_srcjsp_malformed_request.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -97,7 +97,6 @@
warning += string("\n", buf);
warning += string("\nSolution: Remove default files from the web server");
warning += string("\nSee also: http://www.securityfocus.com/bid/4876");
- warning += string("\nRisk factor : Medium");
security_warning(port:port, data:warning);
exit(0);
}
Modified: trunk/openvas-plugins/scripts/tomcat_status.nasl
===================================================================
--- trunk/openvas-plugins/scripts/tomcat_status.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/tomcat_status.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -39,8 +39,6 @@
It also allows anybody to reset (ie: permanently delete) the current
statistics.
-Risk factor : Low
-
Solution : If you don't use this feature, comment the appropriate section in
your httpd.conf file. If you really need it, limit its access to
the administrator's machine.";
Modified: trunk/openvas-plugins/scripts/trac_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/trac_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/trac_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,7 +60,7 @@
Upgrade to Trac version 0.9.1 or later.
-Risk factor: High / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/tripwire_webpage.nasl
===================================================================
--- trunk/openvas-plugins/scripts/tripwire_webpage.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/tripwire_webpage.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -46,8 +46,6 @@
Solution: Modify the banner used by Apache by adding the option
'ServerTokens' to 'ProductOnly' in httpd.conf
-Risk factor : Low
-
Additional information can be found at:
http://www.securiteam.com/securitynews/5RP0L1540K.html (Web Server banner removal guide)
";
Modified: trunk/openvas-plugins/scripts/trojan_horses.nasl
===================================================================
--- trunk/openvas-plugins/scripts/trojan_horses.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/trojan_horses.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -979,6 +979,5 @@
"check your system\n\n",
"*** Anyway, don't panic, OpenVAS only found an open port. It may\n",
"*** have been dynamically allocated to some service (RPC...)\n\n",
- "Solution: if a trojan horse is running, run a good antivirus scanner\n",
- "Risk factor : Low");
+ "Solution: if a trojan horse is running, run a good antivirus scanner");
security_note(port: port, data: m);
Modified: trunk/openvas-plugins/scripts/ultravnc_dsm_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ultravnc_dsm_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ultravnc_dsm_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,13 +51,9 @@
Solution :
If this service is not needed, disable it or filter incoming traffic
-to this port.
+to this port.";
-Risk factor :
-None";
-
-
script_description(desc);
script_summary( "Detect 12 pseudo-random bytes in banner (UltraVNC w/ DSM)");
Modified: trunk/openvas-plugins/scripts/unprotected_cheopsNG.nasl
===================================================================
--- trunk/openvas-plugins/scripts/unprotected_cheopsNG.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/unprotected_cheopsNG.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,9 +48,7 @@
Restrict access to this port or enable authentication by starting the
agent using the '-p' option.
-Risk factor :
-
-Medium / CVSS Base Score : 5
+CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/uploadskrip.nasl
===================================================================
--- trunk/openvas-plugins/scripts/uploadskrip.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/uploadskrip.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -59,9 +59,7 @@
Unknown at this time.
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/ventrilo_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ventrilo_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ventrilo_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,11 +50,8 @@
Make sure the use of this software is made in accordance to your local
security policy since Ventrilo is often associated with multi-player
-online games.
+online games.";
-Risk factor :
-
-None";
script_description(desc);
summary = "Detects a Ventrilo server";
Modified: trunk/openvas-plugins/scripts/ventrilo_dos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ventrilo_dos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ventrilo_dos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -40,9 +40,7 @@
Unknown at this time.
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:A)";
Modified: trunk/openvas-plugins/scripts/visnetic_mailserver_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/visnetic_mailserver_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/visnetic_mailserver_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -67,9 +67,7 @@
Upgrade to Merak Mail Server 8.3.5.r / VisNetic Mail Server version
8.3.5 or later.
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/vmware_server_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/vmware_server_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/vmware_server_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,12 +43,8 @@
See also :
-http://www.vmware.com/
+http://www.vmware.com/";
-Risk factor :
-
-None";
-
script_description(desc);
summary = "Detect VMware Server Authentication Daemon";
Modified: trunk/openvas-plugins/scripts/vnc.nasl
===================================================================
--- trunk/openvas-plugins/scripts/vnc.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/vnc.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -44,12 +44,8 @@
Solution :
Make sure the use of this software is done in accordance with your
-corporate security policy, filter incoming traffic to this port.
+corporate security policy, filter incoming traffic to this port.";
-Risk factor :
-
-None";
-
if(description)
{
script_id(10342);
Modified: trunk/openvas-plugins/scripts/vtiger_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/vtiger_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/vtiger_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,7 +58,7 @@
Upgrade to vtiger 4.5 alpha 2 or later.
-Risk factor : High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/webalbum_local_file_include.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webalbum_local_file_include.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/webalbum_local_file_include.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -50,7 +50,7 @@
Unknown at this time.
-Risk factor: High / CVSS Base Score : 5.1
+CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)";
Modified: trunk/openvas-plugins/scripts/webcalendar_info_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webcalendar_info_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/webcalendar_info_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -59,9 +59,7 @@
Upgrade to WebCalendar 1.0.4 or later.
-Risk factor :
-
-Medium / CVSS Base Score : 5.0
+CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/webgui_remote_cmd_exec.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webgui_remote_cmd_exec.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/webgui_remote_cmd_exec.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -47,9 +47,7 @@
Upgrade to WebGUI 6.7.6 or later.
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
if (description) {
Modified: trunk/openvas-plugins/scripts/weblogic_dotdotdos.nasl
===================================================================
--- trunk/openvas-plugins/scripts/weblogic_dotdotdos.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/weblogic_dotdotdos.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -40,7 +40,6 @@
Requesting an overly long URL starting with a double dot
can crash certain version of WebLogic servers.
-Risk factor: Critical
Solution : upgrade to at least WebLogic 5.1 with Service Pack 7";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/weblogic_percent.nasl
===================================================================
--- trunk/openvas-plugins/scripts/weblogic_percent.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/weblogic_percent.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,7 +43,6 @@
the source code of JSP files, or other dynamic content.
Reference : http://www.securityfocus.com/bid/2513
-Risk factor : High
Solution : upgrade to WebLogic 6.0 with Service Pack 1";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/webnews.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webnews.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/webnews.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -63,7 +63,7 @@
Apply the patch made released by the vendor on February 14th, 2002 if
running Webnews 1.1 or older.
-Risk factor: High / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:R/C:P/A:P/I:P/B:N)";
Modified: trunk/openvas-plugins/scripts/webplus_install_path.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webplus_install_path.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/webplus_install_path.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -42,9 +42,7 @@
Apply the vendor-supplied patch.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
if(description)
Modified: trunk/openvas-plugins/scripts/webserver4d.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webserver4d.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/webserver4d.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -47,8 +47,7 @@
on this host.
-Solution: Contact http://www.mdg.com for an update.
-Risk Factor: Medium");
+Solution: Contact http://www.mdg.com for an update.");
script_summary("Checks for Webserver 4D");
Modified: trunk/openvas-plugins/scripts/webserver_favicon.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webserver_favicon.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/webserver_favicon.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -43,9 +43,7 @@
Remove the 'favicon.ico' file or create a custom one for your site.
-Risk factor:
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
if(description) {
Modified: trunk/openvas-plugins/scripts/websphere_cache_DoS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/websphere_cache_DoS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/websphere_cache_DoS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -46,8 +46,6 @@
We could crash the WebSphere Edge caching proxy by sending a
bad request to the helpout.exe CGI
-Risk factor: Medium
-
Solution : Upgrade your web server or remove this CGI.";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/webspirs_cgi.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webspirs_cgi.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/webspirs_cgi.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -45,9 +45,7 @@
Remove this CGI script.
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
Modified: trunk/openvas-plugins/scripts/webwasher_conf_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/webwasher_conf_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/webwasher_conf_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,9 +61,7 @@
Upgrade to WebWasher CSM 4.4.1 Build 1613 or later.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/worldclient_server_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/worldclient_server_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/worldclient_server_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -54,8 +54,6 @@
that only authorized networks have access to this web server's port number
(block the web server's port number on your firewall).
-Risk factor: Medium
-
For more information see:
http://www.securiteam.com/cgi-bin/htsearch?config=htdigSecuriTeam&words=WorldClient";
@@ -105,7 +103,6 @@
# I'm wondering if this should not be in another plugin (rd)
report = string("\nThis version of WorldClient contains serious security vulnerabilities.\n",
"It is advisable that you upgrade to the latest version\n",
- "Risk factor : High\n",
"Solution : Upgrade\n");
security_hole(data:report, port:port);
}
Modified: trunk/openvas-plugins/scripts/wowBB_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/wowBB_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/wowBB_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -58,7 +58,7 @@
Unknown at this time.
-Risk factor : High / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/wowBB_sql_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/wowBB_sql_injection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/wowBB_sql_injection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -62,7 +62,7 @@
Unknown at this time.
-Risk factor: High / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/ws4e_too_long_url.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ws4e_too_long_url.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ws4e_too_long_url.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -49,8 +49,6 @@
arbitrary code by sending it a too long url with
the Host: field set to 127.0.0.1
-Risk factor: Medium
-
Solution : Upgrade your web server.";
Modified: trunk/openvas-plugins/scripts/wsus_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/wsus_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/wsus_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -51,12 +51,8 @@
See also:
-http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
+http://www.microsoft.com/windowsserversystem/updateservices/default.mspx";
-Risk factor :
-
-None";
-
script_description(desc);
summary = "Checks for WSUS console";
Modified: trunk/openvas-plugins/scripts/wu_ftpd_site_exec.nasl
===================================================================
--- trunk/openvas-plugins/scripts/wu_ftpd_site_exec.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/wu_ftpd_site_exec.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -126,8 +126,7 @@
"*** so it could not determine whether the option SITE\n",
"*** EXEC was activated or not, so this message may be\n",
"*** a false positive\n\n",
-"Solution : upgrade to wu-ftpd 2.6.1\n",
-"Risk factor : High");
+"Solution : upgrade to wu-ftpd 2.6.1");
security_hole(port:ftpport, data:data);
}
}
Modified: trunk/openvas-plugins/scripts/wuftpd_ls_DoS.nasl
===================================================================
--- trunk/openvas-plugins/scripts/wuftpd_ls_DoS.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/wuftpd_ls_DoS.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -49,8 +49,7 @@
ls "-w 1000000 -C"
See http://www.guninski.com/binls.html
-Solution : Contact your vendor for a fix
-Risk factor: Medium';
+Solution : Contact your vendor for a fix';
script_description( desc);
script_summary( "send ls -w 1000000 -C to the remote FTP server");
Modified: trunk/openvas-plugins/scripts/www_server_name.nasl
===================================================================
--- trunk/openvas-plugins/scripts/www_server_name.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/www_server_name.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -39,8 +39,6 @@
However, using a special crafted request, OpenVAS was able
to discover it.
-Risk factor : None
-
Solution : Fix your configuration.";
script_description(desc);
@@ -105,7 +103,6 @@
to determine that is is running :
" + s1 + "
-Risk factor : None
Solution : Fix your configuration.";
security_warning(port:port, data:rep);
Modified: trunk/openvas-plugins/scripts/www_too_long_options.nasl
===================================================================
--- trunk/openvas-plugins/scripts/www_too_long_options.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/www_too_long_options.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -48,8 +48,6 @@
execute arbitrary code by sending it a too long url through
the OPTIONS method.
-Risk factor: Critical
-
Solution : Upgrade your web server.";
Modified: trunk/openvas-plugins/scripts/www_too_long_url.nasl
===================================================================
--- trunk/openvas-plugins/scripts/www_too_long_url.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/www_too_long_url.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -37,10 +37,8 @@
possible to gain remote access using buffer overflow.
Solution:
-Upgrade vulnerable web server to latest version.
+Upgrade vulnerable web server to latest version.";
-Risk factor: Critical
-";
script_description(desc);
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"risk_factor", value:"Critical");
Modified: trunk/openvas-plugins/scripts/wwwboardpwd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/wwwboardpwd.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/wwwboardpwd.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Configure the wwwadmin.pl script to change the name and location of
'passwd.txt'.
-Risk factor: Critical / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/xaraya_detection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/xaraya_detection.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/xaraya_detection.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -38,13 +38,9 @@
See also :
-http://www.xaraya.com/
+http://www.xaraya.com/";
-Risk factor :
-None";
-
-
if(description)
{
script_id(19426);
Modified: trunk/openvas-plugins/scripts/xhp_cms_file_upload.nasl
===================================================================
--- trunk/openvas-plugins/scripts/xhp_cms_file_upload.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/xhp_cms_file_upload.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -55,7 +55,7 @@
Upgrade to version 0.51 or a newer release.
-Risk factor: Critical / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/xnews.nasl
===================================================================
--- trunk/openvas-plugins/scripts/xnews.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/xnews.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Deny access to the files in the 'db' directory through the webserver.
-Risk factor: High / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/xoops_viewtopic_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/xoops_viewtopic_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/xoops_viewtopic_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -60,7 +60,7 @@
Solution :
Unknown at this time.
- Risk factor: Medium / CVSS Base Score : 2
+ CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/xot_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/xot_detect.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/xot_detect.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -39,11 +39,7 @@
The remote target is an XOT router.
For more information, read RFC 1613 or
-http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/x25.pdf
-
-Risk factor :
-
-None';
+http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/x25.pdf';
script_description(desc);
script_summary( 'Detect XOT by sending an invalid packet');
script_copyright( 'This script is Copyright (C) 2008 Michel Arboi');
Modified: trunk/openvas-plugins/scripts/xst_http_trace.nasl
===================================================================
--- trunk/openvas-plugins/scripts/xst_http_trace.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/xst_http_trace.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,7 +53,7 @@
http://www.kb.cert.org/vuls/id/867593
-Risk factor: High / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)';
Modified: trunk/openvas-plugins/scripts/yabb_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/yabb_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/yabb_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -70,9 +70,7 @@
Unknown at this time.
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:R/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/yacy_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/yacy_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/yacy_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -65,7 +65,7 @@
Upgrade to YaCy 0.32 or later.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/yapig_multiple_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/yapig_multiple_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/yapig_multiple_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -68,9 +68,7 @@
Update to YaPiG 0.95b or later.
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/yapig_pass_dir_access.nasl
===================================================================
--- trunk/openvas-plugins/scripts/yapig_pass_dir_access.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/yapig_pass_dir_access.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,9 +61,7 @@
Unknown at this time.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/yapig_remote_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/yapig_remote_vuln.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/yapig_remote_vuln.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -69,9 +69,7 @@
Upgrade to YaPiG 0.92.2 or later.
-Risk factor :
-
-High / CVSS Base Score : 7
+CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/yawcam_dir_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/yawcam_dir_traversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/yawcam_dir_traversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -57,9 +57,7 @@
Upgrade to Yawcam 0.2.6 or later.
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/ypupdated_remote_exec.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ypupdated_remote_exec.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/ypupdated_remote_exec.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -56,7 +56,7 @@
If this option was not set, the rpc.ypupdated daemon is still vulnerable
to the old flaw; contact your vendor for a patch.
-Risk factor: Critical / CVSS Base Score : 9.3
+CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)";
Modified: trunk/openvas-plugins/scripts/zeroboard_flaws.nasl
===================================================================
--- trunk/openvas-plugins/scripts/zeroboard_flaws.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/zeroboard_flaws.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -64,7 +64,7 @@
Upgrade to Zeroboard 4.1pl5 or later.
-Risk factor: High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/zeroboard_flaws2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/zeroboard_flaws2.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/zeroboard_flaws2.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -61,7 +61,7 @@
Upgrade to Zeroboard 4.1pl6 or later.
-Risk factor: High / CVSS Base Score : 6
+CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/zeroboard_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/zeroboard_xss.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/zeroboard_xss.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -62,7 +62,7 @@
Upgrade to Zeroboard 4.1pl6 or later.
-Risk factor: Medium / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/zml_cgi_traversal.nasl
===================================================================
--- trunk/openvas-plugins/scripts/zml_cgi_traversal.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/zml_cgi_traversal.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -53,9 +53,7 @@
http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0086.html
-Risk factor :
-
-Medium / CVSS Base Score : 4
+CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
Modified: trunk/openvas-plugins/scripts/zope_path_disclosure.nasl
===================================================================
--- trunk/openvas-plugins/scripts/zope_path_disclosure.nasl 2011-11-18 09:15:11 UTC (rev 12134)
+++ trunk/openvas-plugins/scripts/zope_path_disclosure.nasl 2011-11-18 11:38:04 UTC (rev 12135)
@@ -57,9 +57,7 @@
Upgrade to Zope 2.5.1b1 / 2.6.0b1 or later.
-Risk factor :
-
-Low / CVSS Base Score : 2
+CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)";
script_description(desc);
More information about the Openvas-commits
mailing list