[Openvas-commits] r13813 - in trunk/openvas-plugins: . scripts
scm-commit at wald.intevation.org
scm-commit at wald.intevation.org
Tue Jul 31 16:05:48 CEST 2012
Author: antu123
Date: 2012-07-31 16:05:43 +0200 (Tue, 31 Jul 2012)
New Revision: 13813
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/scripts/JM_Fluxay.nasl
trunk/openvas-plugins/scripts/JM_RemoteNC.nasl
trunk/openvas-plugins/scripts/JM_Wollf.nasl
trunk/openvas-plugins/scripts/Jserv_css.nasl
trunk/openvas-plugins/scripts/gb_tele_data_contact_management_server_dir_trav_vuln.nasl
trunk/openvas-plugins/scripts/gb_tikiwiki_url_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_tiny_server_file_disc_vuln.nasl
trunk/openvas-plugins/scripts/gb_trixbox_info_disc_vuln.nasl
trunk/openvas-plugins/scripts/gb_tversity_dir_trav_vuln.nasl
trunk/openvas-plugins/scripts/gb_typsoft_ftp_server_mult_cmd_dos_vuln.nasl
trunk/openvas-plugins/scripts/gb_vanilla_forum_lfi_vuln.nasl
trunk/openvas-plugins/scripts/gb_vbsedit_dos_vuln.nasl
trunk/openvas-plugins/scripts/gb_vbulletin_vbtube_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_vertrigo_serv_ext_param_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_viart_cms_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_vmware_web_server_dir_trav_vuln_win.nasl
trunk/openvas-plugins/scripts/gb_webcalendar_mult_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_webfilebrowser_file_download_vuln.nasl
trunk/openvas-plugins/scripts/gb_wiccle_multiple_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_wikidforum_mult_xss_n_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_cartpress_plugin_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_comment_rating_plugin_mult_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_comment_rating_plugin_sql_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_gd_star_rating_plugin_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_grand_fia_gallery_plugin_dir_trav_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_inline_gallery_plugin_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_iwantonebutton_plugin_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_media_library_categories_plugin_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_ops_old_post_spinner_plugin_ops_file_dir_trav.nasl
trunk/openvas-plugins/scripts/gb_wordpress_photosmash_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_code_exec_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_title_param_xss.nasl
trunk/openvas-plugins/scripts/gb_wordpress_register_plus_redux_mult_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_tagninja_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_upm_polls_plugin_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_whois_plugin_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_wp_forum_server_plugin_sql_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_wpecommerce_plugin_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_wordpress_zingiri_tickets_file_disc_vuln.nasl
trunk/openvas-plugins/scripts/gb_xadataface_webauction_n_librariandb_mult_vuln.nasl
trunk/openvas-plugins/scripts/gb_xampp_mult_xss_vuln.nasl
trunk/openvas-plugins/scripts/gb_xampp_webdav_php_upload_vuln.nasl
trunk/openvas-plugins/scripts/gb_xdataface_dataface_lfi_vuln.nasl
trunk/openvas-plugins/scripts/gb_xnview_mult_bof_vuln_mar12_win.nasl
trunk/openvas-plugins/scripts/gb_xoops_imagemanager_lfi_vuln.nasl
trunk/openvas-plugins/scripts/gb_zeuscart_xss_vuln.nasl
trunk/openvas-plugins/scripts/gentoo_unmaintained_packages.nasl
trunk/openvas-plugins/scripts/home_ftp_server_37041.nasl
trunk/openvas-plugins/scripts/ilohamail_email_header_html_injection.nasl
trunk/openvas-plugins/scripts/secpod_ms_ie_web_script_exec_vuln_jun09.nasl
trunk/openvas-plugins/scripts/secpod_ms_iis_default_welcome_page_info_disc_vuln.nasl
trunk/openvas-plugins/scripts/secpod_ms_iis_internal_ip_addr_disc_vuln.nasl
trunk/openvas-plugins/scripts/secpod_ms_smb_signing_info_disc_vuln.nasl
trunk/openvas-plugins/scripts/secpod_musicbox_sql_n_xss_vuln.nasl
trunk/openvas-plugins/scripts/secpod_mybb_tag_param_xss_vuln.nasl
trunk/openvas-plugins/scripts/secpod_myre_real_estate_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/secpod_nagiosxi_mult_xss_vuln.nasl
trunk/openvas-plugins/scripts/secpod_nam_carportal_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl
trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl
trunk/openvas-plugins/scripts/secpod_objectivity_db_adv_multi_trd_srv_dos_vuln.nasl
trunk/openvas-plugins/scripts/secpod_objectivity_db_lock_srv_dos_vuln.nasl
trunk/openvas-plugins/scripts/secpod_openx_ad_server_csrf_vuln.nasl
trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_lin.nasl
trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_win.nasl
trunk/openvas-plugins/scripts/secpod_oracle_http_server_xss_header_injection_vuln.nasl
trunk/openvas-plugins/scripts/secpod_oraclejsp_demos_mult_xss_vuln.nasl
trunk/openvas-plugins/scripts/secpod_orangehrm_lfi_vuln.nasl
trunk/openvas-plugins/scripts/secpod_oscss_id_param_dir_trav_vuln.nasl
trunk/openvas-plugins/scripts/secpod_php_built_in_web_srv_dos_vuln.nasl
trunk/openvas-plugins/scripts/secpod_php_nuke_sid_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/secpod_phpbb_mypage_plugin_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/secpod_phpbugtracker_multiple_xss.nasl
trunk/openvas-plugins/scripts/secpod_phpmyadmin_xss_vuln_900134.nasl
trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl
trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_win_900020.nasl
trunk/openvas-plugins/scripts/secpod_putty_dos_vuln_win.nasl
trunk/openvas-plugins/scripts/secpod_rhinosoft_serv-u_dir_trav_and_dos_vuln_900149.nasl
trunk/openvas-plugins/scripts/secpod_ricoh_dc_dl10_ftp_user_bof_vuln.nasl
trunk/openvas-plugins/scripts/secpod_sitemagic_cms_dir_traversal_vuln.nasl
trunk/openvas-plugins/scripts/secpod_smallftpd_mult_requests_dos_vuln.nasl
trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl
trunk/openvas-plugins/scripts/secpod_smartftp_client_info_disc_vuln.nasl
trunk/openvas-plugins/scripts/secpod_snews_reorder_xss_vuln.nasl
trunk/openvas-plugins/scripts/secpod_solarwinds_orion_storage_manager_mult_vuln.nasl
trunk/openvas-plugins/scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl
trunk/openvas-plugins/scripts/secpod_ssl_cookie_secure_flag_info_disc_vuln.nasl
trunk/openvas-plugins/scripts/secpod_support_incident_tracker_mult_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/secpod_telnet_ftp_server_dos_vuln.nasl
trunk/openvas-plugins/scripts/secpod_tikiwiki_show_errors_stored_xss_vuln.nasl
trunk/openvas-plugins/scripts/secpod_timelive_time_and_expense_tracking_mult_vuln.nasl
trunk/openvas-plugins/scripts/secpod_tiny_server_http_head_dos_vuln.nasl
trunk/openvas-plugins/scripts/secpod_todayu_xss_vuln.nasl
trunk/openvas-plugins/scripts/secpod_tvp_taghandling_bof_vuln_900409.nasl
trunk/openvas-plugins/scripts/secpod_vbulletin_search_mult_sql_inj_vuln.nasl
trunk/openvas-plugins/scripts/secpod_win_media_player_dos_vuln.nasl
trunk/openvas-plugins/scripts/secpod_wintftp_server_dir_trav_vuln.nasl
trunk/openvas-plugins/scripts/secpod_wordpress_backwpup_plugin_code_exec_vuln.nasl
trunk/openvas-plugins/scripts/secpod_wordpress_zingiri_web_shop_rfi_vuln.nasl
Log:
Added cvss_base, cvss_base_vector and updated risk_factor tags.
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/ChangeLog 2012-07-31 14:05:43 UTC (rev 13813)
@@ -1,5 +1,109 @@
2012-07-31 Antu Sanadi <santu at secpod.com>
+ * scripts/gb_tele_data_contact_management_server_dir_trav_vuln.nasl,
+ scripts/gb_tikiwiki_url_xss_vuln.nasl,
+ scripts/gb_tiny_server_file_disc_vuln.nasl,
+ scripts/gb_trixbox_info_disc_vuln.nasl,
+ scripts/gb_tversity_dir_trav_vuln.nasl,
+ scripts/gb_typsoft_ftp_server_mult_cmd_dos_vuln.nasl,
+ scripts/gb_vanilla_forum_lfi_vuln.nasl,
+ scripts/gb_vbsedit_dos_vuln.nasl,
+ scripts/gb_vbulletin_vbtube_xss_vuln.nasl,
+ scripts/gb_vertrigo_serv_ext_param_xss_vuln.nasl,
+ scripts/gb_viart_cms_xss_vuln.nasl,
+ scripts/gb_vmware_web_server_dir_trav_vuln_win.nasl,
+ scripts/gb_webcalendar_mult_xss_vuln.nasl,
+ scripts/gb_webfilebrowser_file_download_vuln.nasl,
+ scripts/gb_wiccle_multiple_xss_vuln.nasl,
+ scripts/gb_wikidforum_mult_xss_n_sql_inj_vuln.nasl,
+ scripts/gb_wordpress_cartpress_plugin_xss_vuln.nasl,
+ scripts/gb_wordpress_comment_rating_plugin_mult_vuln.nasl,
+ scripts/gb_wordpress_comment_rating_plugin_sql_vuln.nasl,
+ scripts/gb_wordpress_gd_star_rating_plugin_sql_inj_vuln.nasl,
+ scripts/gb_wordpress_grand_fia_gallery_plugin_dir_trav_vuln.nasl,
+ scripts/gb_wordpress_inline_gallery_plugin_xss_vuln.nasl,
+ scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl,
+ scripts/gb_wordpress_iwantonebutton_plugin_xss_vuln.nasl,
+ scripts/gb_wordpress_media_library_categories_plugin_sql_inj_vuln.nasl,
+ scripts/gb_wordpress_ops_old_post_spinner_plugin_ops_file_dir_trav.nasl,
+ scripts/gb_wordpress_photosmash_xss_vuln.nasl,
+ scripts/gb_wordpress_php_speedy_plugin_code_exec_vuln.nasl,
+ scripts/gb_wordpress_php_speedy_plugin_title_param_xss.nasl,
+ scripts/gb_wordpress_register_plus_redux_mult_xss_vuln.nasl,
+ scripts/gb_wordpress_tagninja_xss_vuln.nasl,
+ scripts/gb_wordpress_upm_polls_plugin_sql_inj_vuln.nasl,
+ scripts/gb_wordpress_whois_plugin_xss_vuln.nasl,
+ scripts/gb_wordpress_wpecommerce_plugin_xss_vuln.nasl,
+ scripts/gb_wordpress_wp_forum_server_plugin_sql_vuln.nasl,
+ scripts/gb_wordpress_zingiri_tickets_file_disc_vuln.nasl,
+ scripts/gb_xadataface_webauction_n_librariandb_mult_vuln.nasl,
+ scripts/gb_xampp_mult_xss_vuln.nasl,
+ scripts/gb_xampp_webdav_php_upload_vuln.nasl,
+ scripts/gb_xdataface_dataface_lfi_vuln.nasl,
+ scripts/gb_xnview_mult_bof_vuln_mar12_win.nasl,
+ scripts/gb_xoops_imagemanager_lfi_vuln.nasl,
+ scripts/gb_zeuscart_xss_vuln.nasl,
+ scripts/gentoo_unmaintained_packages.nasl,
+ scripts/home_ftp_server_37041.nasl,
+ scripts/ilohamail_email_header_html_injection.nasl,
+ scripts/JM_Fluxay.nasl,
+ scripts/JM_RemoteNC.nasl,
+ scripts/JM_Wollf.nasl,
+ scripts/Jserv_css.nasl,
+ scripts/secpod_ms_ie_web_script_exec_vuln_jun09.nasl,
+ scripts/secpod_ms_iis_default_welcome_page_info_disc_vuln.nasl,
+ scripts/secpod_ms_iis_internal_ip_addr_disc_vuln.nasl,
+ scripts/secpod_ms_smb_signing_info_disc_vuln.nasl,
+ scripts/secpod_musicbox_sql_n_xss_vuln.nasl,
+ scripts/secpod_mybb_tag_param_xss_vuln.nasl,
+ scripts/secpod_myre_real_estate_sql_inj_vuln.nasl,
+ scripts/secpod_nagiosxi_mult_xss_vuln.nasl,
+ scripts/secpod_nam_carportal_sql_inj_vuln.nasl,
+ scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl,
+ scripts/secpod_novell_edir_mult_vuln_win_900209.nasl,
+ scripts/secpod_objectivity_db_adv_multi_trd_srv_dos_vuln.nasl,
+ scripts/secpod_objectivity_db_lock_srv_dos_vuln.nasl,
+ scripts/secpod_openx_ad_server_csrf_vuln.nasl,
+ scripts/secpod_opera_web_script_exec_vuln_jun09_lin.nasl,
+ scripts/secpod_opera_web_script_exec_vuln_jun09_win.nasl,
+ scripts/secpod_oracle_http_server_xss_header_injection_vuln.nasl,
+ scripts/secpod_oraclejsp_demos_mult_xss_vuln.nasl,
+ scripts/secpod_orangehrm_lfi_vuln.nasl,
+ scripts/secpod_oscss_id_param_dir_trav_vuln.nasl,
+ scripts/secpod_phpbb_mypage_plugin_sql_inj_vuln.nasl,
+ scripts/secpod_phpbugtracker_multiple_xss.nasl,
+ scripts/secpod_php_built_in_web_srv_dos_vuln.nasl,
+ scripts/secpod_phpmyadmin_xss_vuln_900134.nasl,
+ scripts/secpod_php_nuke_sid_sql_inj_vuln.nasl,
+ scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl,
+ scripts/secpod_pidgin_ssl_sec_bypass_vuln_win_900020.nasl,
+ scripts/secpod_putty_dos_vuln_win.nasl,
+ scripts/secpod_rhinosoft_serv-u_dir_trav_and_dos_vuln_900149.nasl,
+ scripts/secpod_ricoh_dc_dl10_ftp_user_bof_vuln.nasl,
+ scripts/secpod_sitemagic_cms_dir_traversal_vuln.nasl,
+ scripts/secpod_smallftpd_mult_requests_dos_vuln.nasl,
+ scripts/secpod_smartermail_multiple_vuln.nasl,
+ scripts/secpod_smartftp_client_info_disc_vuln.nasl,
+ scripts/secpod_snews_reorder_xss_vuln.nasl,
+ scripts/secpod_solarwinds_orion_storage_manager_mult_vuln.nasl,
+ scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl,
+ scripts/secpod_ssl_cookie_secure_flag_info_disc_vuln.nasl,
+ scripts/secpod_support_incident_tracker_mult_sql_inj_vuln.nasl,
+ scripts/secpod_telnet_ftp_server_dos_vuln.nasl,
+ scripts/secpod_tikiwiki_show_errors_stored_xss_vuln.nasl,
+ scripts/secpod_timelive_time_and_expense_tracking_mult_vuln.nasl,
+ scripts/secpod_tiny_server_http_head_dos_vuln.nasl,
+ scripts/secpod_todayu_xss_vuln.nasl,
+ scripts/secpod_tvp_taghandling_bof_vuln_900409.nasl,
+ scripts/secpod_vbulletin_search_mult_sql_inj_vuln.nasl,
+ scripts/secpod_win_media_player_dos_vuln.nasl,
+ scripts/secpod_wintftp_server_dir_trav_vuln.nasl,
+ scripts/secpod_wordpress_backwpup_plugin_code_exec_vuln.nasl,
+ scripts/secpod_wordpress_zingiri_web_shop_rfi_vuln.nasl:
+ Added cvss_base, cvss_base_vector and updated risk_factor tags.
+
+2012-07-31 Antu Sanadi <santu at secpod.com>
+
* scripts/gb_httpdx_wildcards_remote_dos_vuln.nasl,
scripts/gb_httpdx_post_req_bof_vuln.nasl,
scripts/gb_apple_safari_mult_vuln_jul12_macosx.nasl,
Modified: trunk/openvas-plugins/scripts/JM_Fluxay.nasl
===================================================================
--- trunk/openvas-plugins/scripts/JM_Fluxay.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/JM_Fluxay.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"risk_factor", value:"Critical");
name = "Fluxay Sensor Detection";
script_name(name);
Property changes on: trunk/openvas-plugins/scripts/JM_Fluxay.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/JM_RemoteNC.nasl
===================================================================
--- trunk/openvas-plugins/scripts/JM_RemoteNC.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/JM_RemoteNC.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,6 +33,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"risk_factor", value:"Critical");
name = "RemoteNC detection";
script_name(name);
Property changes on: trunk/openvas-plugins/scripts/JM_RemoteNC.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/JM_Wollf.nasl
===================================================================
--- trunk/openvas-plugins/scripts/JM_Wollf.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/JM_Wollf.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"risk_factor", value:"Critical");
name = "Wollf backdoor detection";
script_name(name);
Property changes on: trunk/openvas-plugins/scripts/JM_Wollf.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/Jserv_css.nasl
===================================================================
--- trunk/openvas-plugins/scripts/Jserv_css.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/Jserv_css.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -28,7 +28,8 @@
script_version("$Revision$");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
- script_tag(name:"cvss_base", value:"3.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
name = "JServ Cross Site Scripting";
script_name(name);
@@ -48,10 +49,8 @@
Upgrade to the latest version of JServ available at http://java.apache.org.
Also consider switching from JServ to TomCat, since JServ is no longer
-maintained.
+maintained. ";
-CVSS Base Score : 3 (AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
-
script_description(desc);
summary = "Tests for JServ Cross Site Scripting";
Property changes on: trunk/openvas-plugins/scripts/Jserv_css.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_tele_data_contact_management_server_dir_trav_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_tele_data_contact_management_server_dir_trav_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_tele_data_contact_management_server_dir_trav_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -28,9 +28,11 @@
{
script_id(801899);
script_version("$Revision$");
+ script_bugtraq_id(48114);
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-06-13 15:28:04 +0200 (Mon, 13 Jun 2011)");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("Tele Data Contact Management Server Directory Traversal Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_tele_data_contact_management_server_dir_trav_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_tikiwiki_url_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_tikiwiki_url_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_tikiwiki_url_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,6 +34,7 @@
script_cve_id("CVE-2011-4454", "CVE-2011-4455");
script_bugtraq_id(50683);
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-12-06 16:09:33 +0530 (Tue, 06 Dec 2011)");
Modified: trunk/openvas-plugins/scripts/gb_tiny_server_file_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_tiny_server_file_disc_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_tiny_server_file_disc_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(802721);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-21 10:53:33 +0530 (Wed, 21 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/gb_trixbox_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_trixbox_info_disc_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_trixbox_info_disc_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"creation_date", value:"2011-07-13 17:31:13 +0200 (Wed, 13 Jul 2011)");
script_bugtraq_id(48503);
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("Trixbox Information Disclosure Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_trixbox_info_disc_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_tversity_dir_trav_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_tversity_dir_trav_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_tversity_dir_trav_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(802619);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-15 12:12:12 +0530 (Thu, 15 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/gb_typsoft_ftp_server_mult_cmd_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_typsoft_ftp_server_mult_cmd_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_typsoft_ftp_server_mult_cmd_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,8 +29,9 @@
script_id(802605);
script_version("$Revision$");
script_bugtraq_id(51891);
- script_tag(name:"cvss_base", value:"5.0");
- script_tag(name:"risk_factor", value:"Medium");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+ script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-02-08 12:12:12 +0530 (Wed, 08 Feb 2012)");
script_name("TYPSoft FTP Server Multiple Commands Remote Denial of Service Vulnerabilities");
@@ -143,7 +144,7 @@
banner = recv(socket:soc1, length:512);
if(! banner || "TYPSoft FTP Server" >!< banner)
{
- security_warning(ftpPort);
+ security_hole(ftpPort);
exit(0);
}
ftp_close(socket:soc1);
Modified: trunk/openvas-plugins/scripts/gb_vanilla_forum_lfi_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_vanilla_forum_lfi_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_vanilla_forum_lfi_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-06-07 13:29:28 +0200 (Tue, 07 Jun 2011)");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("Vanilla Forum Local File Inclusion Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_vanilla_forum_lfi_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_vbsedit_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_vbsedit_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_vbsedit_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,7 +31,8 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2010-08-25 17:02:03 +0200 (Wed, 25 Aug 2010)");
script_bugtraq_id(42525);
- script_tag(name:"cvss_base", value:"5.8");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Adersoft VbsEdit '.vbs' File Denial Of Service Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_vbsedit_dos_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_vbulletin_vbtube_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_vbulletin_vbtube_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_vbulletin_vbtube_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -28,9 +28,11 @@
{
script_id(802209);
script_version("$Revision$");
+ script_bugtraq_id(48280);
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-06-17 11:16:31 +0200 (Fri, 17 Jun 2011)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("vBulletin vBTube Multiple Cross-Site Scripting Vulnerabilities");
desc = "
@@ -56,6 +58,8 @@
For updates refer, http://www.vbulletin.org/forum/showthread.php?t=173083
References:
+ http://xforce.iss.net/xforce/xfdb/68060
+ http://www.vbulletin.org/forum/showthread.php?t=173083
http://packetstormsecurity.org/files/view/102238/vbtube129-xss.txt ";
script_description(desc);
Property changes on: trunk/openvas-plugins/scripts/gb_vbulletin_vbtube_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_vertrigo_serv_ext_param_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_vertrigo_serv_ext_param_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_vertrigo_serv_ext_param_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -28,7 +28,8 @@
{
script_id(802556);
script_version("$Revision$");
- script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-01-09 12:11:55 +0530 (Mon, 09 Jan 2012)");
Modified: trunk/openvas-plugins/scripts/gb_viart_cms_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_viart_cms_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_viart_cms_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,8 +31,9 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)");
script_bugtraq_id(41700);
- script_tag(name:"cvss_base", value:"6.0");
- script_tag(name:"risk_factor", value:"High");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
+ script_tag(name:"risk_factor", value:"Medium");
script_name("ViArt CMS 'admin_articles.php' Cross Site Scripting Vulnerability");
desc = "
Overview: This host is running ViArt CMS and is prone to cross site scripting
@@ -99,7 +100,7 @@
{
## Check for ViArt CMS Version 3.6
if(version_is_equal(version:ver[1], test_version:"3.6")){
- security_hole(port);
+ security_warning(port);
}
}
}
Property changes on: trunk/openvas-plugins/scripts/gb_viart_cms_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_vmware_web_server_dir_trav_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_vmware_web_server_dir_trav_vuln_win.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_vmware_web_server_dir_trav_vuln_win.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,7 +30,8 @@
script_version("$Revision$");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2010-12-27 09:55:05 +0100 (Mon, 27 Dec 2010)");
- script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("VMware 2 Web Server Directory Traversal Vulnerability (Win)");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_vmware_web_server_dir_trav_vuln_win.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_webcalendar_mult_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_webcalendar_mult_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_webcalendar_mult_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-07-07 15:43:33 +0200 (Thu, 07 Jul 2011)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("WebCalendar Multiple Cross Site Scripting Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_webcalendar_mult_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_webfilebrowser_file_download_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_webfilebrowser_file_download_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_webfilebrowser_file_download_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -1,6 +1,6 @@
###############################################################################
# OpenVAS Vulnerability Test
-# $Id: gb_webfilebrowser_file_download_vuln.nasl 18358 2011-11-08 17:09:26Z nov $
+# $Id$
#
# Web File Browser 'act' Parameter File Download Vulnerability
#
@@ -27,11 +27,13 @@
if(description)
{
script_id(802341);
- script_version("$Revision: $");
+ script_version("$Revision$");
+ script_cve_id("CVE-2011-4831");
script_bugtraq_id(50508);
- script_tag(name:"cvss_base", value:"7.5");
- script_tag(name:"risk_factor", value:"High");
- script_tag(name:"last_modification", value:"$Date: $");
+ script_tag(name:"cvss_base", value:"4.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:P/I:N/A:N");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-11-08 17:09:26 +0530 (Tue, 08 Nov 2011)");
script_name("Web File Browser 'act' Parameter File Download Vulnerability");
desc = "
@@ -113,7 +115,7 @@
## Confirm exploit worked properly or not
if(http_vuln_check(port:port, url:url,pattern:file))
{
- security_hole(port:port);
+ security_warning(port:port);
exit(0);
}
}
Property changes on: trunk/openvas-plugins/scripts/gb_webfilebrowser_file_download_vuln.nasl
___________________________________________________________________
Added: svn:keywords
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wiccle_multiple_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wiccle_multiple_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wiccle_multiple_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"creation_date", value:"2011-08-04 10:01:53 +0200 (Thu, 04 Aug 2011)");
script_bugtraq_id(44295);
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("Wiccle Web Builder CMS and iWiccle CMS Community Builder Multiple XSS Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wiccle_multiple_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wikidforum_mult_xss_n_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wikidforum_mult_xss_n_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wikidforum_mult_xss_n_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,6 +30,7 @@
script_version("$Revision$");
script_bugtraq_id(52425);
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-16 13:30:44 +0530 (Fri, 16 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/gb_wordpress_cartpress_plugin_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_cartpress_plugin_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_cartpress_plugin_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_oid(SCRIPT_OID);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-01-04 13:54:24 +0530 (Wed, 04 Jan 2012)");
Modified: trunk/openvas-plugins/scripts/gb_wordpress_comment_rating_plugin_mult_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_comment_rating_plugin_mult_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_comment_rating_plugin_mult_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,6 +33,7 @@
script_version("$Revision$");
script_bugtraq_id(51241);
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-01-04 17:17:17 +0530 (Wed, 04 Jan 2012)");
Modified: trunk/openvas-plugins/scripts/gb_wordpress_comment_rating_plugin_sql_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_comment_rating_plugin_sql_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_comment_rating_plugin_sql_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,8 +33,9 @@
script_version("$Revision$");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-03-10 13:33:28 +0100 (Thu, 10 Mar 2011)");
- script_tag(name:"cvss_base", value:"4.3");
- script_tag(name:"risk_factor", value:"Medium");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+ script_tag(name:"risk_factor", value:"High");
script_name("WordPress Comment Rating 'id' Parameter SQL Injection Vulnerability");
desc = "
Overview:
@@ -105,6 +106,6 @@
if(http_vuln_check(port:port, url:url, pattern:"You have an error in" +
" your SQL syntax", check_header: TRUE))
{
- security_warning(port);
+ security_hole(port);
exit(0);
}
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_comment_rating_plugin_sql_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_gd_star_rating_plugin_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_gd_star_rating_plugin_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_gd_star_rating_plugin_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -35,6 +35,7 @@
script_tag(name:"creation_date", value:"2011-06-13 15:28:04 +0200 (Mon, 13 Jun 2011)");
script_bugtraq_id(48166);
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("WordPress GD Star Rating Plugin 'votes' Parameter SQL Injection Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_gd_star_rating_plugin_sql_inj_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_grand_fia_gallery_plugin_dir_trav_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_grand_fia_gallery_plugin_dir_trav_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_grand_fia_gallery_plugin_dir_trav_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,6 +34,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-04-22 16:38:12 +0200 (Fri, 22 Apr 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("WordPress GRAND Flash Album Gallery Plugin Multiple Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_grand_fia_gallery_plugin_dir_trav_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_inline_gallery_plugin_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_inline_gallery_plugin_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_inline_gallery_plugin_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,7 +34,8 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-05-11 15:50:14 +0200 (Wed, 11 May 2011)");
script_bugtraq_id(46781);
- script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("WordPress Inline Gallery 'do' Parameter Cross-site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_inline_gallery_plugin_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -35,6 +35,7 @@
script_tag(name:"creation_date", value:"2011-09-16 17:22:17 +0200 (Fri, 16 Sep 2011)");
script_bugtraq_id(49168);
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("WordPress IP Logger Plugin map-details.php SQL Injection Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_iwantonebutton_plugin_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_iwantonebutton_plugin_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_iwantonebutton_plugin_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,6 +34,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-03-10 13:33:28 +0100 (Thu, 10 Mar 2011)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("WordPress IWantOneButton 'post_id' Parameter Cross-site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_iwantonebutton_plugin_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_media_library_categories_plugin_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_media_library_categories_plugin_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_media_library_categories_plugin_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -35,6 +35,7 @@
script_tag(name:"creation_date", value:"2011-08-12 14:44:50 +0200 (Fri, 12 Aug 2011)");
script_bugtraq_id(49062);
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("WordPress Media Library Categories Plugin 'termid' Parameter SQL Injection Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_media_library_categories_plugin_sql_inj_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_ops_old_post_spinner_plugin_ops_file_dir_trav.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_ops_old_post_spinner_plugin_ops_file_dir_trav.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_ops_old_post_spinner_plugin_ops_file_dir_trav.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,8 +33,9 @@
script_version("$Revision$");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-04-22 16:38:12 +0200 (Fri, 22 Apr 2011)");
- script_tag(name:"cvss_base", value:"7.5");
- script_tag(name:"risk_factor", value:"High");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
+ script_tag(name:"risk_factor", value:"Medium");
script_name("WordPress OPS Old Post Spinner Plugin 'ops_file' Parameter Directory Traversal Vulnerability");
desc = "
Overview:
@@ -113,7 +114,7 @@
## Confirm exploit worked properly or not
if(http_vuln_check(port:port, url:url,pattern:file))
{
- security_hole(port:port);
+ security_warning(port:port);
exit(0);
}
}
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_ops_old_post_spinner_plugin_ops_file_dir_trav.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_photosmash_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_photosmash_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_photosmash_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -35,6 +35,7 @@
script_tag(name:"creation_date", value:"2011-05-16 15:25:30 +0200 (Mon, 16 May 2011)");
script_bugtraq_id(46782);
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("PhotoSmash Galleries WordPress Plugin 'action' Parameter XSS Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_photosmash_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_code_exec_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_code_exec_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_code_exec_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -35,6 +35,7 @@
script_tag(name:"creation_date", value:"2011-03-22 08:43:18 +0100 (Tue, 22 Mar 2011)");
script_bugtraq_id(46743);
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("WordPress PHP Speedy Plugin 'page' Parameter Remote PHP Code Execution Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_code_exec_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_title_param_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_title_param_xss.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_title_param_xss.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,6 +34,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-03-16 15:16:52 +0100 (Wed, 16 Mar 2011)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("WordPress PHP Speedy Plugin 'title' Parameter Cross Site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_title_param_xss.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_register_plus_redux_mult_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_register_plus_redux_mult_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_register_plus_redux_mult_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,7 +34,8 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-08-18 14:57:45 +0200 (Thu, 18 Aug 2011)");
script_bugtraq_id(45179);
- script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("WordPress Register Plus Redux Plugin Multiple Cross-Site Scripting Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_register_plus_redux_mult_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_tagninja_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_tagninja_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_tagninja_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"creation_date", value:"2011-02-17 16:08:28 +0100 (Thu, 17 Feb 2011)");
script_bugtraq_id(46090);
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("WordPress TagNinja Plugin 'id' Parameter Cross Site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_tagninja_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_upm_polls_plugin_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_upm_polls_plugin_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_upm_polls_plugin_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,6 +34,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-08-18 14:57:45 +0200 (Thu, 18 Aug 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("WordPress UPM Polls Plugin 'qid' Parameter SQL Injection Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_upm_polls_plugin_sql_inj_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_whois_plugin_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_whois_plugin_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_whois_plugin_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,6 +33,7 @@
script_version("$Revision$");
script_bugtraq_id(51244);
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-01-04 13:54:24 +0530 (Wed, 04 Jan 2012)");
Modified: trunk/openvas-plugins/scripts/gb_wordpress_wp_forum_server_plugin_sql_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_wp_forum_server_plugin_sql_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_wp_forum_server_plugin_sql_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,8 +33,9 @@
script_version("$Revision$");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-03-10 13:33:28 +0100 (Thu, 10 Mar 2011)");
- script_tag(name:"cvss_base", value:"4.3");
- script_tag(name:"risk_factor", value:"Medium");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+ script_tag(name:"risk_factor", value:"High");
script_name("WordPress WP Forum Server 'topic' Parameter SQL Injection Vulnerability");
desc = "
Overview:
@@ -105,6 +106,6 @@
if(http_vuln_check(port:port, url:url, pattern:"<title>.* Topic:" +
" [0-9]+\.[0-9a-zA-Z\.]+ ?</title>", check_header: TRUE))
{
- security_warning(port);
+ security_hole(port);
exit(0);
}
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_wp_forum_server_plugin_sql_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_wpecommerce_plugin_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_wpecommerce_plugin_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_wpecommerce_plugin_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -35,6 +35,7 @@
script_tag(name:"creation_date", value:"2011-08-12 14:44:50 +0200 (Fri, 12 Aug 2011)");
script_bugtraq_id(49009);
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("WordPress WP e-Commerce Plugin 'cart_messages' Parameter Cross-site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_wordpress_wpecommerce_plugin_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_wordpress_zingiri_tickets_file_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_zingiri_tickets_file_disc_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_wordpress_zingiri_tickets_file_disc_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_oid(SCRIPT_OID);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-04-18 11:03:03 +0530 (Wed, 18 Apr 2012)");
Modified: trunk/openvas-plugins/scripts/gb_xadataface_webauction_n_librariandb_mult_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_xadataface_webauction_n_librariandb_mult_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_xadataface_webauction_n_librariandb_mult_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,7 +30,8 @@
script_version("$Revision$");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-09-09 17:36:48 +0200 (Fri, 09 Sep 2011)");
- script_tag(name:"cvss_base", value:"6.4");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_xadataface_webauction_n_librariandb_mult_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_xampp_mult_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_xampp_mult_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_xampp_mult_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-10-28 16:17:13 +0200 (Fri, 28 Oct 2011)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("XAMPP Web Server Multiple Cross Site Scripting Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_xampp_mult_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_xampp_webdav_php_upload_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_xampp_webdav_php_upload_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_xampp_webdav_php_upload_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -28,7 +28,8 @@
{
script_id(802293);
script_version("$Revision$");
- script_tag(name:"cvss_base", value:"6.5");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-01-17 12:12:12 +0530 (Tue, 17 Jan 2012)");
Modified: trunk/openvas-plugins/scripts/gb_xdataface_dataface_lfi_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_xdataface_dataface_lfi_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_xdataface_dataface_lfi_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"creation_date", value:"2011-06-13 15:28:04 +0200 (Mon, 13 Jun 2011)");
script_bugtraq_id(48126);
script_tag(name:"cvss_base", value:"6.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Xataface Dataface '-action' Local File Inclusion Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_xdataface_dataface_lfi_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_xnview_mult_bof_vuln_mar12_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_xnview_mult_bof_vuln_mar12_win.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_xnview_mult_bof_vuln_mar12_win.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,8 +29,9 @@
script_id(802815);
script_version("$Revision$");
script_bugtraq_id(52405);
- script_tag(name:"cvss_base", value:"7.2");
- script_tag(name:"risk_factor", value:"High");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
+ script_tag(name:"risk_factor", value:"Critical");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-15 12:56:44 +0530 (Thu, 15 Mar 2012)");
script_name("XnView Multiple Buffer Overflow Vulnerabilities - Mar12 (Win)");
Modified: trunk/openvas-plugins/scripts/gb_xoops_imagemanager_lfi_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_xoops_imagemanager_lfi_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_xoops_imagemanager_lfi_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"creation_date", value:"2011-05-16 15:25:30 +0200 (Mon, 16 May 2011)");
script_bugtraq_id(47418);
script_tag(name:"cvss_base", value:"6.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Xoops 'imagemanager.php' Local File Inclusion Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_xoops_imagemanager_lfi_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gb_zeuscart_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_zeuscart_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gb_zeuscart_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2010-08-10 14:39:31 +0200 (Tue, 10 Aug 2010)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("ZeusCart 'search' Parameter Cross Site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/gb_zeuscart_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/gentoo_unmaintained_packages.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_unmaintained_packages.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/gentoo_unmaintained_packages.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -42,11 +42,8 @@
Solution:
-Remove or upgrade those packages.
+Remove or upgrade those packages. ";
-CVSS Base Score : 6 (AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)
-';
-
if (description)
{
script_id(24017);
@@ -54,6 +51,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2008-10-08 21:18:44 +0200 (Wed, 08 Oct 2008)");
script_tag(name:"cvss_base", value:"6.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_description( desc);
Property changes on: trunk/openvas-plugins/scripts/gentoo_unmaintained_packages.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/home_ftp_server_37041.nasl
===================================================================
--- trunk/openvas-plugins/scripts/home_ftp_server_37041.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/home_ftp_server_37041.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -48,7 +48,8 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2009-11-18 12:44:57 +0100 (Wed, 18 Nov 2009)");
script_bugtraq_id(37041);
- script_tag(name:"cvss_base", value:"4.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("Home FTP Server 'MKD' Command Directory Traversal Vulnerability");
Property changes on: trunk/openvas-plugins/scripts/home_ftp_server_37041.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/ilohamail_email_header_html_injection.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ilohamail_email_header_html_injection.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/ilohamail_email_header_html_injection.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -28,7 +28,8 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_bugtraq_id(10668);
- script_tag(name:"cvss_base", value:"3.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_tag(name:"risk_factor", value:"Medium");
name = "IlohaMail Email Header HTML Injection Vulnerability";
@@ -51,9 +52,8 @@
Solution :
-Upgrade to IlohaMail version 0.8.13 or later.
+Upgrade to IlohaMail version 0.8.13 or later. ";
-CVSS Base Score : 3 (AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)";
script_description(desc);
summary = "Checks for Email Header HTML Injection vulnerability in IlohaMail";
Property changes on: trunk/openvas-plugins/scripts/ilohamail_email_header_html_injection.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_ms_ie_web_script_exec_vuln_jun09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms_ie_web_script_exec_vuln_jun09.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_ms_ie_web_script_exec_vuln_jun09.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -82,12 +82,8 @@
References:
http://research.microsoft.com/apps/pubs/default.aspx?id=79323
- http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf
+ http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf ";
- CVSS Score Report:
- CVSS Base Score : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P)
- CVSS Temporal Score : 6.1";
-
if(description)
{
script_id(900366);
@@ -95,6 +91,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2009-06-17 17:54:48 +0200 (Wed, 17 Jun 2009)");
script_tag(name:"cvss_base", value:"6.8");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Microsoft Internet Explorer Web Script Execution Vulnerabilites");
script_description(desc1);
Property changes on: trunk/openvas-plugins/scripts/secpod_ms_ie_web_script_exec_vuln_jun09.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_ms_iis_default_welcome_page_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms_iis_default_welcome_page_info_disc_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_ms_iis_default_welcome_page_info_disc_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(802806);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"4.6");
+ script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-02-23 16:21:11 +0530 (Thu, 23 Feb 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_ms_iis_internal_ip_addr_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms_iis_internal_ip_addr_disc_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_ms_iis_internal_ip_addr_disc_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-02-23 15:45:49 +0530 (Thu, 23 Feb 2012)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("Microsoft IIS IP Address/Internal Network Name Disclosure Vulnerability");
desc = "
Modified: trunk/openvas-plugins/scripts/secpod_ms_smb_signing_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms_smb_signing_info_disc_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_ms_smb_signing_info_disc_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(902797);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-04-02 16:53:51 +0530 (Mon, 02 Apr 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_musicbox_sql_n_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_musicbox_sql_n_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_musicbox_sql_n_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-07-27 09:16:39 +0200 (Wed, 27 Jul 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Musicbox SQL Injection and Cross Site Scripting Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_musicbox_sql_n_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_mybb_tag_param_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_mybb_tag_param_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_mybb_tag_param_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,6 +30,7 @@
script_version("$Revision$");
script_bugtraq_id(45388);
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-12-27 15:15:15 +0530 (Tue, 27 Dec 2011)");
Modified: trunk/openvas-plugins/scripts/secpod_myre_real_estate_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_myre_real_estate_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_myre_real_estate_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-07-22 12:16:19 +0200 (Fri, 22 Jul 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("MYRE Real Estate Software URL SQL Injection Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_myre_real_estate_sql_inj_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_nagiosxi_mult_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_nagiosxi_mult_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_nagiosxi_mult_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,6 +30,7 @@
script_version("$Revision$");
script_bugtraq_id(51069);
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-12-16 10:10:10 +0530 (Fri, 16 Dec 2011)");
Modified: trunk/openvas-plugins/scripts/secpod_nam_carportal_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_nam_carportal_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_nam_carportal_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-09-23 16:39:49 +0200 (Fri, 23 Sep 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("NetArt Media Car Portal SQL injection Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_nam_carportal_sql_inj_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,6 +33,7 @@
script_bugtraq_id(30947);
script_copyright("Copyright (C) 2008 SecPod");
script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"risk_factor", value:"Critical");
script_category(ACT_GATHER_INFO);
script_family("Buffer overflow");
@@ -68,12 +69,8 @@
http://securitytracker.com/alerts/2008/Aug/1020788.html
http://securitytracker.com/alerts/2008/Aug/1020787.html
http://securitytracker.com/alerts/2008/Aug/1020786.html
- http://securitytracker.com/alerts/2008/Aug/1020785.html
+ http://securitytracker.com/alerts/2008/Aug/1020785.html ";
- CVSS Score :
- CVSS Base Score : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C)
- CVSS Temporal Score : 6.9";
-
script_description(desc);
script_dependencies("gather-package-list.nasl");
script_require_keys("ssh/login/uname");
Property changes on: trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,6 +33,7 @@
script_bugtraq_id(30947);
script_copyright("Copyright (C) 2008 SecPod");
script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"risk_factor", value:"Critical");
script_category(ACT_GATHER_INFO);
script_family("General");
@@ -68,12 +69,8 @@
http://securitytracker.com/alerts/2008/Aug/1020788.html
http://securitytracker.com/alerts/2008/Aug/1020787.html
http://securitytracker.com/alerts/2008/Aug/1020786.html
- http://securitytracker.com/alerts/2008/Aug/1020785.html
+ http://securitytracker.com/alerts/2008/Aug/1020785.html ";
- CVSS Score :
- CVSS Base Score : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C)
- CVSS Temporal Score : 6.9";
-
script_description(desc);
script_dependencies("secpod_reg_enum.nasl");
script_require_keys("SMB/WindowsVersion");
Property changes on: trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_objectivity_db_adv_multi_trd_srv_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_objectivity_db_adv_multi_trd_srv_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_objectivity_db_adv_multi_trd_srv_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-02-05 04:12:38 +0100 (Sat, 05 Feb 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Objectivity/DB Advanced Multithreaded Server Denial of Service Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_objectivity_db_adv_multi_trd_srv_dos_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_objectivity_db_lock_srv_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_objectivity_db_lock_srv_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_objectivity_db_lock_srv_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-02-05 04:12:38 +0100 (Sat, 05 Feb 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Objectivity/DB Lock Server Denial of Service Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_objectivity_db_lock_srv_dos_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_openx_ad_server_csrf_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_openx_ad_server_csrf_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_openx_ad_server_csrf_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-07-27 09:16:39 +0200 (Wed, 27 Jul 2011)");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("OpenX Ad Server Cross Site Request Forgery Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_openx_ad_server_csrf_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_lin.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_lin.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -93,12 +93,8 @@
References:
http://research.microsoft.com/apps/pubs/default.aspx?id=79323
- http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf
+ http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf ";
- CVSS Score Report:
- CVSS Base Score : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P)
- CVSS Temporal Score : 6.1";
-
if(description)
{
script_id(900368);
@@ -106,6 +102,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2009-06-17 17:54:48 +0200 (Wed, 17 Jun 2009)");
script_tag(name:"cvss_base", value:"6.8");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Opera Web Script Execution Vulnerabilities - June09 (Linux)");
script_description(desc1);
Property changes on: trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_lin.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_win.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_win.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -93,12 +93,8 @@
References:
http://research.microsoft.com/apps/pubs/default.aspx?id=79323
- http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf
+ http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf ";
- CVSS Score Report:
- CVSS Base Score : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P)
- CVSS Temporal Score : 6.1";
-
if(description)
{
script_id(900367);
@@ -106,6 +102,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2009-06-17 17:54:48 +0200 (Wed, 17 Jun 2009)");
script_tag(name:"cvss_base", value:"6.8");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Opera Web Script Execution Vulnerabilities - June09 (Win)");
script_description(desc1);
Property changes on: trunk/openvas-plugins/scripts/secpod_opera_web_script_exec_vuln_jun09_win.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_oracle_http_server_xss_header_injection_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_oracle_http_server_xss_header_injection_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_oracle_http_server_xss_header_injection_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-06-24 16:31:03 +0200 (Fri, 24 Jun 2011)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("Oracle HTTP Server 'Expect' Header Cross-Site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_oracle_http_server_xss_header_injection_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_oraclejsp_demos_mult_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_oraclejsp_demos_mult_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_oraclejsp_demos_mult_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-04-26 15:24:49 +0200 (Tue, 26 Apr 2011)");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("OracleJSP Demos Multiple Cross Site Scripting Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_oraclejsp_demos_mult_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_orangehrm_lfi_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_orangehrm_lfi_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_orangehrm_lfi_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,8 +30,9 @@
script_version("$Revision$");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-05-11 15:50:14 +0200 (Wed, 11 May 2011)");
- script_tag(name:"cvss_base", value:"7.5");
- script_tag(name:"risk_factor", value:"High");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
+ script_tag(name:"risk_factor", value:"Medium");
script_name("OrangeHRM 'PluginController.php' Local File Inclusion Vulnerability");
desc = "
Overview:
@@ -107,7 +108,7 @@
## Confirm exploit worked properly or not
if(http_vuln_check(port:port, url:url,pattern:file))
{
- security_hole(port:port);
+ security_warning(port:port);
exit(0);
}
}
Property changes on: trunk/openvas-plugins/scripts/secpod_orangehrm_lfi_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_oscss_id_param_dir_trav_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_oscss_id_param_dir_trav_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_oscss_id_param_dir_trav_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(902763);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-12-12 03:17:35 +0530 (Mon, 12 Dec 2011)");
Modified: trunk/openvas-plugins/scripts/secpod_php_built_in_web_srv_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_php_built_in_web_srv_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_php_built_in_web_srv_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,6 +30,7 @@
script_bugtraq_id(52704);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"7.8");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-26 15:15:15 +0530 (Mon, 26 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_php_nuke_sid_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_php_nuke_sid_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_php_nuke_sid_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-07-27 09:16:39 +0200 (Wed, 27 Jul 2011)");
script_tag(name:"cvss_base", value:"7.0");
+ script_tag(name:"cvss_base_vector", value:"AV:A/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("PHP-Nuke 'sid' Parameter SQL Injection Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_php_nuke_sid_sql_inj_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_phpbb_mypage_plugin_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_phpbb_mypage_plugin_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_phpbb_mypage_plugin_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(902641);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-12-13 12:30:52 +0530 (Tue, 13 Dec 2011)");
Modified: trunk/openvas-plugins/scripts/secpod_phpbugtracker_multiple_xss.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_phpbugtracker_multiple_xss.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_phpbugtracker_multiple_xss.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-03-25 15:52:06 +0100 (Fri, 25 Mar 2011)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("phpBugTracker Multiple Reflected Cross Site Scripting Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_phpbugtracker_multiple_xss.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_phpmyadmin_xss_vuln_900134.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_phpmyadmin_xss_vuln_900134.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_phpmyadmin_xss_vuln_900134.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,6 +33,7 @@
script_bugtraq_id(31327);
script_copyright("Copyright (C) 2008 SecPod");
script_tag(name:"cvss_base", value:"7.9");
+ script_tag(name:"cvss_base_vector", value:"AV:A/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"risk_factor", value:"High");
script_category(ACT_GATHER_INFO);
script_family("Web application abuses");
@@ -66,12 +67,8 @@
References :
http://www.phpmyadmin.net/home_page/downloads.php?relnotes=1
http://secunia.com/advisories/31974/
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8
+ http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8 ";
- CVSS Score :
- CVSS Base Score : 7.9 (AV:N/AC:M/Au:SI/C:C/I:C/A:N)
- CVSS Temporal Score : 5.9";
-
script_description(desc);
script_dependencies("secpod_phpmyadmin_detect_900129.nasl");
script_require_keys("phpMyAdmin/installed");
Property changes on: trunk/openvas-plugins/scripts/secpod_phpmyadmin_xss_vuln_900134.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,6 +33,7 @@
script_bugtraq_id(30553);
script_copyright("Copyright (C) 2008 SecPod");
script_tag(name:"cvss_base", value:"7.8");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"risk_factor", value:"High");
script_category(ACT_GATHER_INFO);
script_family("General");
@@ -57,12 +58,8 @@
Fix : Apply the patch,
http://developer.pidgin.im/attachment/ticket/6500/nss-cert-verify.patc h
- References : http://developer.pidgin.im/ticket/6500
+ References : http://developer.pidgin.im/ticket/6500 ";
- CVSS Score :
- CVSS Base Score : 7.8 (AV:N/AC:M/Au:NR/C:C/I:P/A:N)
- CVSS Temporal Score : 6.1";
-
script_description(desc);
script_dependencies("gather-package-list.nasl");
script_require_keys("ssh/login/uname");
Property changes on: trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_win_900020.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_win_900020.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_win_900020.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -33,6 +33,7 @@
script_bugtraq_id(30553);
script_copyright("Copyright (C) 2008 SecPod");
script_tag(name:"cvss_base", value:"7.8");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"risk_factor", value:"High");
script_category(ACT_GATHER_INFO);
script_family("General");
@@ -57,12 +58,8 @@
Fix : Apply the patch from,
http://developer.pidgin.im/attachment/ticket/6500/nss-cert-verify.patc h
- References : http://developer.pidgin.im/ticket/6500
+ References : http://developer.pidgin.im/ticket/6500 ";
- CVSS Score :
- CVSS Base Score : 7.8 (AV:N/AC:M/Au:NR/C:C/I:P/A:N)
- CVSS Temporal Score : 6.1";
-
script_description(desc);
script_dependencies("secpod_reg_enum.nasl");
script_require_keys("SMB/WindowsVersion");
Property changes on: trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_win_900020.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_putty_dos_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_putty_dos_vuln_win.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_putty_dos_vuln_win.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(902780);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"creation_date", value:"2011-12-26 18:52:49 +0530 (Mon, 26 Dec 2011)");
script_tag(name:"last_modification", value:"$Date$");
Modified: trunk/openvas-plugins/scripts/secpod_rhinosoft_serv-u_dir_trav_and_dos_vuln_900149.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_rhinosoft_serv-u_dir_trav_and_dos_vuln_900149.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_rhinosoft_serv-u_dir_trav_and_dos_vuln_900149.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_bugtraq_id(31563);
script_copyright("Copyright (C) 2008 SecPod");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_category(ACT_GATHER_INFO);
script_family("Denial of Service");
@@ -62,12 +63,8 @@
References :
http://milw0rm.com/exploits/6660
http://secunia.com/advisories/32150/
- http://xforce.iss.net/xforce/xfdb/45653
+ http://xforce.iss.net/xforce/xfdb/45653 ";
- CVSS Score :
- CVSS Base Score : 7.5 (AV:N/AC:M/Au:SI/C:P/I:P/A:C)
- CVSS Temporal Score : 6.7";
-
script_description(desc);
script_dependencies("secpod_reg_enum.nasl", "find_service.nes");
script_require_keys("SMB/WindowsVersion");
Property changes on: trunk/openvas-plugins/scripts/secpod_rhinosoft_serv-u_dir_trav_and_dos_vuln_900149.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_ricoh_dc_dl10_ftp_user_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ricoh_dc_dl10_ftp_user_bof_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_ricoh_dc_dl10_ftp_user_bof_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,6 +30,7 @@
script_bugtraq_id(52235);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-26 14:14:14 +0530 (Mon, 26 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_sitemagic_cms_dir_traversal_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_sitemagic_cms_dir_traversal_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_sitemagic_cms_dir_traversal_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"creation_date", value:"2011-07-01 16:09:45 +0200 (Fri, 01 Jul 2011)");
script_bugtraq_id(48399);
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("Sitemagic CMS 'SMTpl' Parameter Directory Traversal Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_sitemagic_cms_dir_traversal_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_smallftpd_mult_requests_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_smallftpd_mult_requests_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_smallftpd_mult_requests_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-07-01 16:09:45 +0200 (Fri, 01 Jul 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Smallftpd FTP Server Multiple Requests Denial of Service Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_smallftpd_mult_requests_dos_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-03-25 15:52:06 +0100 (Fri, 25 Mar 2011)");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("SmarterMail Multiple Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_smartermail_multiple_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_smartftp_client_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_smartftp_client_info_disc_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_smartftp_client_info_disc_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-06-24 16:31:03 +0200 (Fri, 24 Jun 2011)");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("SmartFTP Client Information Disclosure Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_smartftp_client_info_disc_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_snews_reorder_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_snews_reorder_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_snews_reorder_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"creation_date", value:"2011-07-27 09:16:39 +0200 (Wed, 27 Jul 2011)");
script_cve_id("CVE-2011-2706");
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("sNews 'reorder' Functions Cross Site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_snews_reorder_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_solarwinds_orion_storage_manager_mult_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_solarwinds_orion_storage_manager_mult_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_solarwinds_orion_storage_manager_mult_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(902902);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-01-24 11:53:50 +0530 (Tue, 24 Jan 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-03-25 15:52:06 +0100 (Fri, 25 Mar 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("SpoonFTP 'RETR' Command Remote Denial of Service Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_spoonftp_retr_cmd_dos_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_ssl_cookie_secure_flag_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ssl_cookie_secure_flag_info_disc_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_ssl_cookie_secure_flag_info_disc_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-01 17:10:53 +0530 (Thu, 01 Mar 2012)");
script_tag(name:"cvss_base", value:"6.4");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:N");
script_tag(name:"risk_factor", value:"High");
script_name("Missing Secure Attribute SSL Cookie Information Disclosure Vulnerability");
desc = "
Modified: trunk/openvas-plugins/scripts/secpod_support_incident_tracker_mult_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_support_incident_tracker_mult_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_support_incident_tracker_mult_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,7 +31,8 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-08-02 09:08:31 +0200 (Tue, 02 Aug 2011)");
script_bugtraq_id(48896);
- script_tag(name:"cvss_base", value:"6.5");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("Support Incident Tracker SiT! Multiple SQL Injection Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_support_incident_tracker_mult_sql_inj_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_telnet_ftp_server_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_telnet_ftp_server_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_telnet_ftp_server_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(902819);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-21 16:16:16 +0530 (Wed, 21 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_tikiwiki_show_errors_stored_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_tikiwiki_show_errors_stored_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_tikiwiki_show_errors_stored_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,8 +34,9 @@
script_cve_id("CVE-2011-4551");
script_bugtraq_id(51128);
script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
- script_tag(name:"last_modification", value:"$Date: 2011-12-23 19:41:03 +0530 (Fri, 23 Dec 2011) $");
+ script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-12-21 15:59:55 +0530 (Wed, 21 Dec 2011)");
script_name("TikiWiki 'show_errors' Parameter Stored Cross-Site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_tikiwiki_show_errors_stored_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Revision Id
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_timelive_time_and_expense_tracking_mult_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_timelive_time_and_expense_tracking_mult_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_timelive_time_and_expense_tracking_mult_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-09-30 15:58:03 +0200 (Fri, 30 Sep 2011)");
script_tag(name:"cvss_base", value:"6.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("TimeLive Time and Expense Tracking Multiple Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_timelive_time_and_expense_tracking_mult_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_tiny_server_http_head_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_tiny_server_http_head_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_tiny_server_http_head_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,6 +30,7 @@
script_version("$Revision$");
script_bugtraq_id(52635);
script_tag(name:"cvss_base", value:"7.8");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-22 12:12:12 +0530 (Thu, 22 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_todayu_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_todayu_xss_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_todayu_xss_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -30,7 +30,8 @@
script_version("$Revision$");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-05-02 12:20:04 +0200 (Mon, 02 May 2011)");
- script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"risk_factor", value:"Medium");
script_name("Todayu Cross Site Scripting Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_todayu_xss_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_tvp_taghandling_bof_vuln_900409.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_tvp_taghandling_bof_vuln_900409.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_tvp_taghandling_bof_vuln_900409.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_bugtraq_id(32456);
script_copyright("Copyright (C) 2008 SecPod");
script_tag(name:"cvss_base", value:"8.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:C");
script_tag(name:"risk_factor", value:"Critical");
script_category(ACT_GATHER_INFO);
script_family("Denial of Service");
@@ -60,12 +61,8 @@
References:
http://milw0rm.com/exploits/7219
- http://www.juniper.net/security/auto/vulnerabilities/vuln32456.html
+ http://www.juniper.net/security/auto/vulnerabilities/vuln32456.html ";
- CVSS Score:
- CVSS Base Score : 8.3 (AV:N/AC:M/Au:NR/C:P/I:P/A:C)
- CVSS Temporal Score : 7.5";
-
script_description(desc);
script_dependencies("secpod_reg_enum.nasl");
script_require_keys("SMB/WindowsVersion");
Property changes on: trunk/openvas-plugins/scripts/secpod_tvp_taghandling_bof_vuln_900409.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_vbulletin_search_mult_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_vbulletin_search_mult_sql_inj_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_vbulletin_search_mult_sql_inj_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -32,6 +32,7 @@
script_tag(name:"creation_date", value:"2011-07-22 12:16:19 +0200 (Fri, 22 Jul 2011)");
script_bugtraq_id(48815);
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("vBulletin Search UI Multiple SQL Injection Vulnerabilities");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_vbulletin_search_mult_sql_inj_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_win_media_player_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_win_media_player_dos_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_win_media_player_dos_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -29,6 +29,7 @@
script_id(902781);
script_version("$Revision$");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"creation_date", value:"2011-12-27 18:30:35 +0530 (Tue, 27 Dec 2011)");
script_tag(name:"last_modification", value:"$Date$");
Modified: trunk/openvas-plugins/scripts/secpod_wintftp_server_dir_trav_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_wintftp_server_dir_trav_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_wintftp_server_dir_trav_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -31,6 +31,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2010-12-09 06:49:11 +0100 (Thu, 09 Dec 2010)");
script_tag(name:"cvss_base", value:"6.4");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:N");
script_tag(name:"risk_factor", value:"High");
script_name("WinTFTP Server Pro Remote Directory Traversal Vulnerability");
desc = "
Modified: trunk/openvas-plugins/scripts/secpod_wordpress_backwpup_plugin_code_exec_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_wordpress_backwpup_plugin_code_exec_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_wordpress_backwpup_plugin_code_exec_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,6 +34,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-04-01 15:39:52 +0200 (Fri, 01 Apr 2011)");
script_tag(name:"cvss_base", value:"9.7");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:C/A:C");
script_tag(name:"risk_factor", value:"Critical");
script_name("WordPress BackWPup Plugin 'wpabs' Parameter Remote PHP Code Execution Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_wordpress_backwpup_plugin_code_exec_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
Modified: trunk/openvas-plugins/scripts/secpod_wordpress_zingiri_web_shop_rfi_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_wordpress_zingiri_web_shop_rfi_vuln.nasl 2012-07-31 13:40:13 UTC (rev 13812)
+++ trunk/openvas-plugins/scripts/secpod_wordpress_zingiri_web_shop_rfi_vuln.nasl 2012-07-31 14:05:43 UTC (rev 13813)
@@ -34,6 +34,7 @@
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2011-09-22 10:24:03 +0200 (Thu, 22 Sep 2011)");
script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"risk_factor", value:"High");
script_name("WordPress Zingiri Web Shop Plugin Remote File Inclusion Vulnerability");
desc = "
Property changes on: trunk/openvas-plugins/scripts/secpod_wordpress_zingiri_web_shop_rfi_vuln.nasl
___________________________________________________________________
Modified: svn:keywords
- Author Date Id Revision
+ Revision Date Id
More information about the Openvas-commits
mailing list