[Openvas-commits] r12201 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Fri Nov 25 23:22:21 CET 2011


Author: jan
Date: 2011-11-25 23:22:12 +0100 (Fri, 25 Nov 2011)
New Revision: 12201

Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/secpod_freetype_detect_lin.nasl
   trunk/openvas-plugins/scripts/secpod_hplip_detect_lin.nasl
   trunk/openvas-plugins/scripts/secpod_imagemagick_detect_lin.nasl
   trunk/openvas-plugins/scripts/secpod_pango_detect.nasl
   trunk/openvas-plugins/scripts/secpod_pidgin_detect_lin.nasl
   trunk/openvas-plugins/scripts/secpod_postgresql_detect_lin.nasl
Log:
* scripts/secpod_pidgin_detect_lin.nasl,
scripts/secpod_imagemagick_detect_lin.nasl,
scripts/secpod_pango_detect.nasl: Revised according
to CR#57. Also fixed bug of too early exit.

* scripts/secpod_freetype_detect_lin.nasl:
scripts/secpod_postgresql_detect_lin.nasl,
scripts/secpod_hplip_detect_lin.nasl,
scripts/secpod_libpng_detect_lin.nasl: Revised according
to CR#57. Also fixed bug of too early exit.



Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2011-11-25 17:03:39 UTC (rev 12200)
+++ trunk/openvas-plugins/ChangeLog	2011-11-25 22:22:12 UTC (rev 12201)
@@ -1,3 +1,16 @@
+2011-11-25  Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>
+
+	* scripts/secpod_pidgin_detect_lin.nasl,
+	scripts/secpod_imagemagick_detect_lin.nasl,
+	scripts/secpod_pango_detect.nasl: Revised according
+	to CR#57. Also fixed bug of too early exit.
+
+	* scripts/secpod_freetype_detect_lin.nasl:
+	scripts/secpod_postgresql_detect_lin.nasl,
+	scripts/secpod_hplip_detect_lin.nasl,
+	scripts/secpod_libpng_detect_lin.nasl: Revised according
+	to CR#57. Also fixed bug of too early exit.
+
 2011-11-25 Antu Sanadi <santu at secpod.com>
 
 	* scripts/secpod_hastymail2_rs_param_xss_vuln.nasl,

Modified: trunk/openvas-plugins/scripts/secpod_freetype_detect_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_freetype_detect_lin.nasl	2011-11-25 17:03:39 UTC (rev 12200)
+++ trunk/openvas-plugins/scripts/secpod_freetype_detect_lin.nasl	2011-11-25 22:22:12 UTC (rev 12201)
@@ -7,6 +7,9 @@
 # Authors:
 # Antu Sanadi <santu at secpod.com>
 #
+# Updated by: <jan-oliver.wagner at greenbone.net> on 2011-11-24
+# Revised to comply with Change Request #57.
+#
 # Copyright:
 # Copyright (c) 2009 SecPod, http://www.secpod.com
 #
@@ -24,60 +27,60 @@
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 ###############################################################################
 
+SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900626";
+
 if(description)
 {
-  script_id(900626);
+  script_oid(SCRIPT_OID);
   script_version("$Revision$");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-04-24 16:23:28 +0200 (Fri, 24 Apr 2009)");
   script_tag(name:"risk_factor", value:"None");
+  script_tag(name:"cvss_base", value:"0.0");
+  script_tag(name:"detection", value:"executable version check");
   script_name("FreeType Version Detection (Linux)");
-  desc = "
-  Overview : The script detects the installed version of FreeType and saves
-  the result in KB.";
+  script_description("Detection of installed version of FreeType.
 
-  script_description(desc);
-  script_summary("Set KB for the version of FreeType");
+The script logs in via ssh, searches for executable 'freetype-config' and
+queries the found executables via command line option '--ftversion'.");
+  script_summary("Detection of installed version of FreeType");
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2009 SecPod");
-  script_family("Service detection");
+  script_family("Product detection");
   exit(0);
 }
 
-
 include("ssh_func.inc");
 include("version_func.inc");
 include("cpe.inc");
 include("host_details.inc");
 
-## Constant values
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900626";
-SCRIPT_DESC = "FreeType Version Detection (Linux)";
-
 sock = ssh_login_or_reuse_connection();
 if(!sock){
-  exit(0);
+  if (defined_func("error_message"))
+    error_message(port:port, data:"Failed to open ssh port.");
+  exit(-1);
 }
 
 binFiles = find_file(file_name:"freetype-config",file_path:"/", useregex:TRUE,
                     regexpar:"$", sock:sock);
-foreach binName (binFiles)
+foreach executableFile (binFiles)
 {
-  ftVer = get_bin_version(full_prog_name:chomp(binName), sock:sock,
+  executableFile = chomp(executableFile);
+  ftVer = get_bin_version(full_prog_name:executableFile, sock:sock,
                   version_argv:"--ftversion",ver_pattern:"[0-9.]+");
   if(ftVer[0] != NULL)
   {
     set_kb_item(name:"FreeType/Linux/Ver", value:ftVer[0]);
-    security_note(data:"FreeType version " + ftVer[0] +
-             " running at location " + binName + " was detected on the host");
-    ssh_close_connection();
-    
-    ## build cpe and store it as host_detail
     cpe = build_cpe(value:ftVer[0], exp:"^([0-9.]+)", base:"cpe:/a:freetype:freetype:");
     if(!isnull(cpe))
-       register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+      register_product(cpe:cpe, location:executableFile, nvt:SCRIPT_OID);
 
-    exit(0);
+    log_message(data:'Detected FreeType version: ' + ftVer[0] +
+        '\nLocation: ' + executableFile +
+        '\nCPE: '+ cpe +
+        '\n\nConcluded from version identification result:\n' + ftVer[max_index(ftVer)-1]);
   }
 }
+
 ssh_close_connection();

Modified: trunk/openvas-plugins/scripts/secpod_hplip_detect_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_hplip_detect_lin.nasl	2011-11-25 17:03:39 UTC (rev 12200)
+++ trunk/openvas-plugins/scripts/secpod_hplip_detect_lin.nasl	2011-11-25 22:22:12 UTC (rev 12201)
@@ -7,6 +7,9 @@
 # Authors:
 # Sujit Ghosal <sghosal at secpod.com>
 #
+# Updated by: <jan-oliver.wagner at greenbone.net> on 2011-11-24
+# Revised to comply with Change Request #57.
+#
 # Copyright:
 # Copyright (c) 2009 SecPod, http://www.secpod.com
 #
@@ -24,63 +27,63 @@
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 ###############################################################################
 
+SCRIPT_OID = "1.3.6.1.4.1.25623.1.0.900428";
+
 if(description)
 {
-  script_id(900428);
+  script_oid(SCRIPT_OID);
   script_version("$Revision$");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-01-23 16:33:16 +0100 (Fri, 23 Jan 2009)");
   script_tag(name:"risk_factor", value:"None");
+  script_tag(name:"cvss_base", value:"0.0");
+  script_tag(name:"detection", value:"executable version check");
   script_name("HP Linux Imaging and Printing System Version Detection (Linux)");
-  desc = "
+  script_description("Detection of installed version of HP Linux Imaging and Printing System.
 
-  Overview: The script detects the version of HP Linux Imaging and Printing 
-  System and sets the result in KB.";
-
-  script_description(desc);
-  script_summary("Set the KB for the version of HP LIP");
+The script logs in via ssh, searches for executable 'avahi-daemon' and
+queries the found executables via command line option '--version'.");
+  script_summary("Detection of installed version of  HP Linux Imaging and Printing System");
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2009 SecPod");
-  script_family("General");
+  script_family("Product detection");
   exit(0);
 }
 
-
 include("ssh_func.inc");
 include("version_func.inc");
 include("cpe.inc");
 include("host_details.inc");
 
-## Constant values
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900428";
-SCRIPT_DESC = "HP Linux Imaging and Printing System Version Detection (Linux)";
-
 sock = ssh_login_or_reuse_connection();
 if(!sock){
-  exit(0);
+  if (defined_func("error_message"))
+    error_message(port:port, data:"Failed to open ssh port.");
+  exit(-1);
 }
 
 hplipPath = find_file(file_name:"hp-setup", file_path:"/", useregex:TRUE,
                       regexpar:"$", sock:sock);
-foreach hplipBin (hplipPath)
+foreach executableFile (hplipPath)
 {
-  hplipVer = get_bin_version(full_prog_name:chomp(hplipBin), sock:sock,
+  executableFile = chomp(executableFile);
+  hplipVer = get_bin_version(full_prog_name:executableFile, sock:sock,
                              version_argv:"--version",
                              ver_pattern:"ver. ([0-9]\.[0-9.]+)");
   if(hplipVer[1] != NULL)
   {
     set_kb_item(name:"HP-LIP/Linux/Ver", value:hplipVer[1]);
-    security_note(data:"HP Linux Imaging and Printing System Version "  +
-                       hplipVer[1] + " running at location " + hplipBin + 
-                      " was detected on the host");
-    ssh_close_connection();
-    
-    ## build cpe and store it as host_detail
     cpe = build_cpe(value:hplipVer[1], exp:"^([0-9.]+)", base:"cpe:/a:hp:hplip:");
     if(!isnull(cpe))
-       register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+      register_product(cpe:cpe, location:executableFile, nvt:SCRIPT_OID);
+    else
+      cpe = "Failed";
 
-    exit(0);
+    log_message(data:'Detected HP Linux Imaging and Printing System version: ' + hplipVer[1] +
+        '\nLocation: ' + executableFile +
+        '\nCPE: '+ cpe +
+        '\n\nConcluded from version identification result:\n' + hplipVer[max_index(hplipVer)-1]);
   }
 }
+
 ssh_close_connection();

Modified: trunk/openvas-plugins/scripts/secpod_imagemagick_detect_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_imagemagick_detect_lin.nasl	2011-11-25 17:03:39 UTC (rev 12200)
+++ trunk/openvas-plugins/scripts/secpod_imagemagick_detect_lin.nasl	2011-11-25 22:22:12 UTC (rev 12201)
@@ -7,6 +7,9 @@
 # Authors:
 # Nikita MR <rnikita at secpod.com>
 #
+# Updated by: <jan-oliver.wagner at greenbone.net> on 2011-11-24
+# Revised to comply with Change Request #57.
+#
 # Copyright:
 # Copyright (c) 2009 SecPod, http://www.secpod.com
 #
@@ -25,61 +28,61 @@
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 ###############################################################################
 
+SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900563";
+
 if(description)
 {
-  script_id(900563);
+  script_oid(SCRIPT_OID);
   script_version("$Revision$");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-06-02 08:16:42 +0200 (Tue, 02 Jun 2009)");
   script_tag(name:"risk_factor", value:"None");
+  script_tag(name:"cvss_base", value:"0.0");
+  script_tag(name:"detection", value:"executable version check");
   script_name("ImageMagick version Detection (Linux)");
-  desc = "
+  script_description("Detection of installed version of ImageMagick.
 
-  Overview : This script retrieves ImageMagick version and saves the
-  result in KB.";
-
-  script_description(desc);
-  script_family("Service detection");
+The script logs in via ssh, searches for executable 'identify' and
+queries the found executables via command line option '-version'.");
+  script_summary("Detection of installed version of ImageMagick");
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2009 SecPod");
-  script_summary("Set Version of ImageMagick in KB");
+  script_family("Product detection");
   exit(0);
 }
 
-
 include("ssh_func.inc");
 include("version_func.inc");
 include("cpe.inc");
 include("host_details.inc");
 
-## Constant values
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900563";
-SCRIPT_DESC = "ImageMagick version Detection (Linux)";
-
 sock = ssh_login_or_reuse_connection();
 if(!sock){
-  exit(0);
+  if (defined_func("error_message"))
+    error_message(port:port, data:"Failed to open ssh port.");
+  exit(-1);
 }
 
 getPath = find_bin(prog_name:"identify", sock:sock);
-foreach binaryFile (getPath)
+foreach executableFile (getPath)
 {
-  imageVer = get_bin_version(full_prog_name:chomp(binaryFile), version_argv:"-version",
+  executableFile = chomp(executableFile);
+  imageVer = get_bin_version(full_prog_name:chomp(executableFile), version_argv:"-version",
                           ver_pattern:"ImageMagick ([0-9.]+\-?[0-9]?)", sock:sock);
 
   if(imageVer[1] != NULL)
   {
     imageVer[1] = ereg_replace(pattern:"-", string:imageVer[1], replace: ".");
     set_kb_item(name:"ImageMagick/Lin/Ver", value:imageVer[1]);
-    security_note(data:"ImageMagick version " + imageVer[1] +
-          " running at location " + binaryFile + " was detected on the host");
-      
-    ## build cpe and store it as host_detail
     cpe = build_cpe(value:imageVer[1], exp:"^([0-9.]+)", base:"cpe:/a:imagemagick:imagemagick:");
     if(!isnull(cpe))
-       register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+      register_product(cpe:cpe, location:executableFile, nvt:SCRIPT_OID);
 
-
+    log_message(data:'Detected ImageMagick version: ' + imageVer[1] +
+        '\nLocation: ' + executableFile +
+        '\nCPE: '+ cpe +
+        '\n\nConcluded from version identification result:\n' + imageVer[max_index(imageVer)-1]);
   }
 }
+
 ssh_close_connection();

Modified: trunk/openvas-plugins/scripts/secpod_pango_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_pango_detect.nasl	2011-11-25 17:03:39 UTC (rev 12200)
+++ trunk/openvas-plugins/scripts/secpod_pango_detect.nasl	2011-11-25 22:22:12 UTC (rev 12201)
@@ -7,6 +7,9 @@
 # Authors:
 # Antu Sanadi <santu at secpod.com>
 #
+# Updated by: <jan-oliver.wagner at greenbone.net> on 2011-11-24
+# Revised to comply with Change Request #57.
+#
 # Copyright:
 # Copyright (c) 2009 SecPod, http://www.secpod.com
 #
@@ -24,57 +27,59 @@
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 ###############################################################################
 
+SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900643";
+
 if(description)
 {
-  script_id(900643);
+  script_oid(SCRIPT_OID);
   script_version("$Revision$");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-05-22 08:49:17 +0200 (Fri, 22 May 2009)");
   script_tag(name:"risk_factor", value:"None");
+  script_tag(name:"cvss_base", value:"0.0");
+  script_tag(name:"detection", value:"executable version check");
   script_name("Pango Version Detection");
-  desc = "
+  script_description("Detection of installed version of Pango.
 
-  Overview: This script detects the installed version of Pango and sets the
-  result in KB.";
-
-  script_description(desc);
-  script_summary("Set KB for the version of Pango");
+The script logs in via ssh, searches for executable 'pango-view' and
+queries the found executables via command line option '--version'.");
+  script_summary("Detection of installed version of Pango");
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2009 SecPod");
-  script_family("Service detection");
+  script_family("Product detection");
   exit(0);
 }
 
-
 include("ssh_func.inc");
 include("version_func.inc");
 include("cpe.inc");
 include("host_details.inc");
 
-## Constant values
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900643";
-SCRIPT_DESC = "Pango Version Detection";
-
 sock = ssh_login_or_reuse_connection();
 if(!sock){
-  exit(0);
+  if (defined_func("error_message"))
+    error_message(port:port, data:"Failed to open ssh port.");
+  exit(-1);
 }
 
 paths = find_bin(prog_name:"pango-view", sock:sock);
-foreach pangobin (paths)
+foreach executableFile (paths)
 {
-  pangoVer = get_bin_version(full_prog_name:chomp(pangobin), sock:sock,
+  executableFile = chomp(executableFile);
+  pangoVer = get_bin_version(full_prog_name:executableFile, sock:sock,
                              version_argv:"--version", ver_pattern:"([0-9.]+)");
   if(pangoVer[1] != NULL){
     set_kb_item(name:"Pango/Ver", value:pangoVer[1]);
-    security_note(data:"Pango version " + pangoVer[1] + " running at location "+
-                       pangobin +  " was detected on the host");
-   
-    ## build cpe and store it as host_detail
     cpe = build_cpe(value:pangoVer[1], exp:"^([0-9.]+)", base:"cpe:/a:pango:pango:");
     if(!isnull(cpe))
-       register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+      register_product(cpe:cpe, location:executableFile, nvt:SCRIPT_OID);
+    else
+      cpe = "Failed";
 
+    log_message(data:'Detected Pango version: ' + pangoVer[1] +
+        '\nLocation: ' + executableFile +
+        '\nCPE: '+ cpe +
+        '\n\nConcluded from version identification result:\n' + pangoVer[max_index(pangoVer)-1]);
   }
 }
 ssh_close_connection();

Modified: trunk/openvas-plugins/scripts/secpod_pidgin_detect_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_pidgin_detect_lin.nasl	2011-11-25 17:03:39 UTC (rev 12200)
+++ trunk/openvas-plugins/scripts/secpod_pidgin_detect_lin.nasl	2011-11-25 22:22:12 UTC (rev 12201)
@@ -13,6 +13,9 @@
 # Modified to detect multiple versions by using find_file().
 #  - By Nikita MR <rnikita at secpod.com> On 2009-09-15 #4622
 #
+# Updated by: <jan-oliver.wagner at greenbone.net> on 2011-11-24
+# Revised to comply with Change Request #57.
+#
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2
 # (or any later version), as published by the Free Software Foundation.
@@ -27,58 +30,63 @@
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 ###############################################################################
 
+SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900661";
+
 if(description)
 {
-  script_id(900661);
+  script_oid(SCRIPT_OID);
   script_version("$Revision$");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-06-01 09:35:57 +0200 (Mon, 01 Jun 2009)");
   script_tag(name:"risk_factor", value:"None");
+  script_tag(name:"cvss_base", value:"0.0");
+  script_tag(name:"detection", value:"executable version check");
   script_name("Pidgin Version Detection (Linux)");
-  desc = "
-  Overview: This script detects the installed version of Pidgin and
-  sets the result in KB.";
+  script_description("Detection of installed version of Pidgin.
 
-  script_description(desc);
-  script_summary("Sets KB for the version of Pidgin");
+The script logs in via ssh, searches for executable 'pidgin' and
+queries the found executables via command line option '--version'.");
+  script_summary("Detection of installed version of Pidgin");
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2009 SecPod");
-  script_family("Service detection");
+  script_family("Product detection");
   exit(0);
 }
 
-
 include("ssh_func.inc");
 include("version_func.inc");
 include("cpe.inc");
 include("host_details.inc");
 
-## Constant values
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900661";
-SCRIPT_DESC = "Pidgin Version Detection (Linux)";
-
 sock = ssh_login_or_reuse_connection();
-if(!sock)
-  exit(0);
+if(!sock) {
+  if (defined_func("error_message"))
+    error_message(port:port, data:"Failed to open ssh port.");
+  exit(-1);
+}
 
 paths = find_file(file_name:"pidgin", file_path:"/", useregex:TRUE,
                   regexpar:"$", sock:sock);
 
-foreach pidginbin (paths)
+foreach executableFile (paths)
 {
-  pidginVer = get_bin_version(full_prog_name:chomp(pidginbin), sock:sock,
+  executableFile = chomp(executableFile);
+  pidginVer = get_bin_version(full_prog_name:executableFile, sock:sock,
                               version_argv:"--version",
                               ver_pattern:"Pidgin ([0-9.]+)");
   if(pidginVer[1] != NULL){
     set_kb_item(name:"Pidgin/Lin/Ver", value:pidginVer[1]);
-    security_note(data:"Pidgin version " + pidginVer[1] + " running at " +
-                       "location " + pidginbin +  " was detected on the host");
-   
-    ## build cpe and store it as host_detail
     cpe = build_cpe(value:pidginVer[1], exp:"^([0-9.]+)", base:"cpe:/a:pidgin:pidgin:");
     if(!isnull(cpe))
-       register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+      register_product(cpe:cpe, location:executableFile, nvt:SCRIPT_OID);
+    else
+      cpe = "Failed";
 
+    log_message(data:'Detected Pidgin version: ' + pidginVer[1] +
+        '\nLocation: ' + executableFile +
+        '\nCPE: '+ cpe +
+        '\n\nConcluded from version identification result:\n' + pidginVer[max_index(pidginVer)-1]);
   }
 }
+
 ssh_close_connection();

Modified: trunk/openvas-plugins/scripts/secpod_postgresql_detect_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_postgresql_detect_lin.nasl	2011-11-25 17:03:39 UTC (rev 12200)
+++ trunk/openvas-plugins/scripts/secpod_postgresql_detect_lin.nasl	2011-11-25 22:22:12 UTC (rev 12201)
@@ -1,4 +1,4 @@
-#####################i##i########################################################
+###############################################################################
 # OpenVAS Vulnerability Test
 # $Id$
 #
@@ -7,6 +7,9 @@
 # Authors:
 # Sujit Ghosal <sghosal at secpod.com>
 #
+# Updated by: <jan-oliver.wagner at greenbone.net> on 2011-11-24
+# Revised to comply with Change Request #57.
+#
 # Copyright:
 # Copyright (c) 2009 SecPod, http://www.secpod.com
 #
@@ -24,24 +27,26 @@
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 ###############################################################################
 
+SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900478";
+
 if(description)
 {
-  script_id(900478);
+  script_oid(SCRIPT_OID);
   script_version("$Revision$");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-03-26 11:19:12 +0100 (Thu, 26 Mar 2009)");
   script_tag(name:"risk_factor", value:"None");
+  script_tag(name:"cvss_base", value:"0.0");
+  script_tag(name:"detection", value:"executable version check");
   script_name("PostgreSQL Version Detection (Linux)");
-  desc = "
+  script_description("Detection of installed version of PostgreSQL.
 
-  Overview: The script detects the installed version of PostgreSQL and sets
-  the result in KB.";
-
-  script_description(desc);
-  script_summary("Set the KB for the Version of PostgreSQL");
+The script logs in via ssh, searches for executable 'psql' and
+queries the found executables via command line option '--version'.");
+  script_summary("Detection of installed version of PostgreSQL");
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2009 SecPod");
-  script_family("General");
+  script_family("Product detection");
   exit(0);
 }
 
@@ -50,35 +55,32 @@
 include("ssh_func.inc");
 include("version_func.inc");
 
-## Constant values
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900478";
-SCRIPT_DESC = "PostgreSQL Version Detection (Linux)";
-
 sock = ssh_login_or_reuse_connection();
 if(!sock){
-  exit(0);
+  if (defined_func("error_message"))
+    error_message(port:port, data:"Failed to open ssh port.");
+  exit(-1);
 }
 
 postgresql = find_file(file_name:"psql", file_path:"/", useregex:TRUE,
                         regexpar:"$", sock:sock);
-foreach binaryName (postgresql)
+foreach executableFile (postgresql)
 {
-  binaryName = chomp(binaryName);
-  postgresqlVer = get_bin_version(full_prog_name:binaryName, version_argv:"--version",
+  executableFile = chomp(executableFile);
+  postgresqlVer = get_bin_version(full_prog_name:executableFile, version_argv:"--version",
                                   ver_pattern:"psql \(PostgreSQL\) ([0-9.]+)", sock:sock);
   if(postgresqlVer[1] != NULL)
   {
     set_kb_item(name:"PostgreSQL/Lin/Ver", value:postgresqlVer[1]);
-    security_note(data:"PostgreSQL version " + postgresqlVer[1] + " running at"+
-                       " location " + binaryName +  " was detected on the host");
-    ssh_close_connection();
-
-    ## build cpe and store it as host_detail
     cpe = build_cpe(value: postgresqlVer[1], exp:"^([0-9.]+)",base:"cpe:/a:postgresql:postgresql:");
     if(!isnull(cpe))
-       register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+      register_product(cpe:cpe, location:executableFile, nvt:SCRIPT_OID);
 
-    exit(0);
+    log_message(data:'Detected PostgreSQL version: ' + postgresqlVer[1] +
+        '\nLocation: ' + executableFile +
+        '\nCPE: '+ cpe +
+        '\n\nConcluded from version identification result:\n' + postgresqlVer[max_index(postgresqlVer)-1]);
   }
 }
+
 ssh_close_connection();



More information about the Openvas-commits mailing list