[Openvas-commits] r12141 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Mon Nov 21 10:58:34 CET 2011
Author: jan
Date: 2011-11-21 10:58:28 +0100 (Mon, 21 Nov 2011)
New Revision: 12141
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/scripts/gb_java_prdts_detect_lin.nasl
trunk/openvas-plugins/scripts/secpod_sun_virtualbox_detect_lin.nasl
Log:
* scripts/gb_java_prdts_detect_lin.nasl: Reworked according to CR#57.
- Replaced script_id() by script_oid() call and moved SCRIPT_OID to top.
- Added cvss_base tag of 0.0.
- Added detection tag.
- Revised description with straighter text, no mentioning to KB (users
don't know about it and it is irrelevant for the report) and added
explanation how detection works.
- Remove mentioning of KB from summary.
- Changed family from Service detection to Product detection.
- Removed "SCRIPT_DESC" use at is not necessary anymore.
- Removed comments that provide no extra information
- In case of socket error, don't just exit with 0. Instead issue
error_message (if available) and exit with -1.
- Instead of security_note issue a log_message. Changed text of
message to explain the results.
- changed "binaryFile" to "executableFile" which is more precise
(register_cpe): Added param binFile and replaced call of
register_host_detail by call of register_product.
* scripts/secpod_sun_virtualbox_detect_lin.nasl: Improved description slightly.
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2011-11-21 09:06:21 UTC (rev 12140)
+++ trunk/openvas-plugins/ChangeLog 2011-11-21 09:58:28 UTC (rev 12141)
@@ -19,6 +19,29 @@
(register_cpe): Added param binFile and replaced call of
register_host_detail by call of register_product.
+ * scripts/secpod_sun_virtualbox_detect_lin.nasl: Improved description slightly.
+
+2011-11-21 Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>
+
+ * scripts/gb_java_prdts_detect_lin.nasl: Reworked according to CR#57.
+ - Replaced script_id() by script_oid() call and moved SCRIPT_OID to top.
+ - Added cvss_base tag of 0.0.
+ - Added detection tag.
+ - Revised description with straighter text, no mentioning to KB (users
+ don't know about it and it is irrelevant for the report) and added
+ explanation how detection works.
+ - Remove mentioning of KB from summary.
+ - Changed family from Service detection to Product detection.
+ - Removed "SCRIPT_DESC" use at is not necessary anymore.
+ - Removed comments that provide no extra information
+ - In case of socket error, don't just exit with 0. Instead issue
+ error_message (if available) and exit with -1.
+ - Instead of security_note issue a log_message. Changed text of
+ message to explain the results.
+ - changed "binaryFile" to "executableFile" which is more precise
+ (register_cpe): Added param binFile and replaced call of
+ register_host_detail by call of register_product.
+
2011-11-21 Henri Doreau <henri.doreau at greenbone.net>
* scripts/host_details.inc (register_host_details): Made the description
Modified: trunk/openvas-plugins/scripts/gb_java_prdts_detect_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_java_prdts_detect_lin.nasl 2011-11-21 09:06:21 UTC (rev 12140)
+++ trunk/openvas-plugins/scripts/gb_java_prdts_detect_lin.nasl 2011-11-21 09:58:28 UTC (rev 12141)
@@ -7,6 +7,9 @@
# Authors:
# Sharath S <sharaths at secpod.com>
#
+# Updated by: <jan-oliver.wagner at greenbone.net> on 2011-11-21
+# Revsied to comply with Change Request #57.
+#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
@@ -24,69 +27,66 @@
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
+SCRIPT_OID = "1.3.6.1.4.1.25623.1.0.800385";
+
if(description)
{
- script_id(800385);
+ script_oid(SCRIPT_OID);
script_version("$Revision$");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2009-04-23 08:16:04 +0200 (Thu, 23 Apr 2009)");
script_tag(name:"risk_factor", value:"None");
+ script_tag(name:"cvss_base", value:"0.0");
script_name("Sun Java Products Version Detection (Linux)");
- desc = "
- Overview : This script finds the installed version of Java Products
- and sets the results in KB.";
+ script_description("Detection of installed version of Java products
+on Linux systems. It covers Sun Java, IBM Java and GCJ.
- script_description(desc);
- script_summary("Set the KB for the version of Java Products");
+The script logs in via ssh, searches for executables 'javaaws' and
+'java' and queries the found executables via command line option '-fullversion'.");
+ script_summary("Detects Sun Java Products");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
- script_family("Service detection");
+ script_family("Product detection");
exit(0);
}
-
include("ssh_func.inc");
include("version_func.inc");
include("cpe.inc");
include("host_details.inc");
-## Constant values
-SCRIPT_OID = "1.3.6.1.4.1.25623.1.0.800385";
-SCRIPT_DESC = "Sun Java Products Version Detection (Linux)";
-
-## functions for script
-function register_cpe(tmpVers, tmpExpr, tmpBase){
-
- local_var cpe;
- ## build cpe and store it as host_detail
- cpe = build_cpe(value:tmpVers, exp:tmpExpr, base:tmpBase);
- if(!isnull(cpe))
- register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+function register_cpe(tmpVers, tmpExpr, tmpBase, binFile){
+ local_var cpe;
+ cpe = build_cpe(value:tmpVers, exp:tmpExpr, base:tmpBase);
+ if(!isnull(cpe))
+ register_product(cpe:cpe, location:binFile, nvt:SCRIPT_OID);
}
-## start script
sock = ssh_login_or_reuse_connection();
if(!sock){
- exit(0);
+ if (defined_func("error_message"))
+ error_message(port:port, data:"Failed to open ssh port.");
+ exit(-1);
}
# Check for Java Web Start
jwspaths = find_bin(prog_name:"javaws", sock:sock);
if(jwspaths)
{
- foreach jwsBin (jwspaths)
+ foreach executableFile (jwspaths)
{
- jwsVer = get_bin_version(full_prog_name:chomp(jwsBin), sock:sock,
+ jwsVer = get_bin_version(full_prog_name:chomp(executableFile), sock:sock,
version_argv:"-fullversion",
ver_pattern:"Java\(TM\) Web Start ([0-9_.]+)");
if(jwsVer[1] != NULL)
{
set_kb_item(name:"Java/WebStart/Linux/Ver", value:jwsVer[1]);
- security_note(data:"Java WebStart version " + jwsVer[1] + " was detected on the host");
+ log_message(data:'Detected Java WebStart version: ' + jwsVer[1] +
+ '\nLocation: ' + executableFile +
+ '\n\nConcluded from version identification result:\n' + jwsVer[max_index(jwsVer)-1]);
- ## build cpe and store it as host_detail
- register_cpe(tmpVers:jwsVer[1], tmpExpr:"^([0-9]\.[0-9_.]+)", tmpBase:"cpe:/a:sun:java_web_start:");
-
+ register_cpe(tmpVers:jwsVer[1], tmpExpr:"^([0-9]\.[0-9_.]+)",
+ tmpBase:"cpe:/a:sun:java_web_start:", binFile:executableFile);
}
}
}
@@ -95,9 +95,9 @@
javapaths = find_bin(prog_name:"java", sock:sock);
if(javapaths)
{
- foreach javaBin (javapaths)
+ foreach executableFile (javapaths)
{
- javaVer = get_bin_version(full_prog_name:chomp(javaBin), sock:sock,
+ javaVer = get_bin_version(full_prog_name:chomp(executableFile), sock:sock,
version_argv:"-fullversion ",
ver_pattern:'java.? full version \"(.*)\"');
# LibGCJ
@@ -107,7 +107,10 @@
if(gcjVer[1] != NULL)
{
set_kb_item(name:"Java/JRE/Linux/LibGCJ/Ver", value:gcjVer[1]);
- security_note(data:"Java JRE version " + gcjVer[1] + " was detected on the host");
+ log_message(data:'Detected Java JRE version: ' + gcjVer[1] +
+ '\nLocation: ' + executableFile +
+ '\n\nConcluded from version identification result:\n' +
+ javaVer[max_index(javaVer)-1]);
}
}
# IBM Java
@@ -117,7 +120,10 @@
{
ibmVer = ibmVer[1] + "." + ibmVer[2];
set_kb_item(name:"IBM/Java/JRE/Linux/Ver", value:ibmVer);
- security_note(data:"IBM Java JRE version " + ibmVer + " was detected on the host");
+ log_message(data:'Detected IBM Java JRE version: ' + ibmVer +
+ '\nLocation: ' + executableFile +
+ '\n\nConcluded from version identification result:\n' +
+ javaVer[max_index(javaVer)-1]);
}
}
# Sun Java
@@ -125,11 +131,13 @@
{
set_kb_item(name:"Sun/Java/JRE/Linux/Ver", value:javaVer[1]);
security_note(data:"Sun Java JRE version " + javaVer[1] + " was detected on the host");
-
- ## build cpe and store it as host_detail
+ log_message(data:'Detected Sun Java JRE version: ' + javaVer +
+ '\nLocation: ' + executableFile +
+ '\n\nConcluded from version identification result:\n' +
+ javaVer[max_index(javaVer)-1]);
register_cpe(tmpVers:javaVer[1], tmpExpr:"^([0-9._]+)", tmpBase:"cpe:/a:sun:jre:");
-
}
}
}
+
ssh_close_connection();
Modified: trunk/openvas-plugins/scripts/secpod_sun_virtualbox_detect_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_sun_virtualbox_detect_lin.nasl 2011-11-21 09:06:21 UTC (rev 12140)
+++ trunk/openvas-plugins/scripts/secpod_sun_virtualbox_detect_lin.nasl 2011-11-21 09:58:28 UTC (rev 12141)
@@ -45,8 +45,8 @@
script_description("Detection of installed versions of Sun VirtualBox,
a hypervisor tool, on Linux systems.
-The script logs in via ssh, searches for binaries of VirtualBox and
-queries the found binaries via command line option '--version'.");
+The script logs in via ssh, searches for executables of VirtualBox and
+queries the found executables via command line option '--version'.");
script_summary("Detects Sun VirtualBox on Linux");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 SecPod");
More information about the Openvas-commits
mailing list